last executing test programs:

3.303283367s ago: executing program 2 (id=1692):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/pm_trace_dev_match', 0x56480, 0x164)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x3a, 0x40, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000440)=[{0x1, 0x8}, {0x0, 0xe, 0x1000}, {0x0, 0xfff}], 0x3, 0x0)
syz_open_procfs(0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000080)=@bpf_lsm={0xd, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="750a000000000000611ca9cde58dcb19114c010000000000000000000000040000000000dfffff77007dca73e9e33114dc31cc04ef8b6bd769ce872376af"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x22ba2, 0x9990, 0x20000009, 0x0, r0, 0x3, '\x00', 0x0, r0, 0x5, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xf, &(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000057000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$vim2m(0x0, 0x8, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.109330644s ago: executing program 0 (id=1693):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)

2.949814126s ago: executing program 0 (id=1694):
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x20000804)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
syz_usb_connect(0x0, 0xfffffffffffffffb, 0x0, 0x0)
r1 = dup2(r0, r0)
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)={0x0, @adiantum, 0x0, @desc3})
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x4, 0x3e8, 0x200, 0x200, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'pim6reg\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
ioprio_get$uid(0x0, 0xffffffffffffffff)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x34, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0xc, 0x0, 0x0, @u64=0x7}]}]}, 0x34}}, 0xc000)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)

2.71143777s ago: executing program 1 (id=1695):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x0, 0x168, 0x0, 0x268, 0xa, 0x368, 0x250, 0x250, 0x368, 0x250, 0x3, 0x0, {[{{@uncond, 0x0, 0x228, 0x268, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'caif0\x00', {0x0, 0x7ff, 0x0, 0x1, 0x300, 0x6, 0x1000}}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x498)
syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
openat$fuse(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket(0xf, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000040), &(0x7f0000000180)=0x4)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = syz_io_uring_setup(0x2293, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x1})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000480)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="0c010100", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf25020000002c00018008000300030000000800030003000000080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="2400018008000300030000000800030000000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="6c00018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="08000300010000000800030002000000140002007465616d30000000000000000000000008000300010000001400020073797a5f74756e00000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="3c000180140002007663616e30000000000000000000000008000300000000000800030000000000140002006e657464657673696d30000000000000"], 0x10c}, 0x1, 0x0, 0x0, 0x800}, 0x400c001)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_int(r0, 0x0, 0xe, 0x0, &(0x7f0000000080))
r8 = socket(0x2b, 0x1, 0x1)
getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, 0x0, 0x0)
accept4$unix(r8, 0x0, 0x0, 0x80000)
getsockopt$IPT_SO_GET_REVISION_MATCH(r8, 0x0, 0x42, &(0x7f0000000280)={'icmp6\x00'}, &(0x7f0000000200)=0x1e)

2.639371323s ago: executing program 1 (id=1697):
socket$nl_route(0x10, 0x3, 0x0)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r0, &(0x7f0000000180))
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0x800300}}, './file0\x00'})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x690a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, &(0x7f0000000140), &(0x7f0000000100))
keyctl$set_reqkey_keyring(0xe, 0x3)
request_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000040)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#$\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce\x19+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3sf\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8<dR}\x8e\b\x16\x8c\xa6\x01\x11\x97S\x99k\x1e\x03\x8e\xea\v}+\".\xda,\xfe\xb7\xbf\x01T\x99\xbdF\xd4\x925[\xd1\xeb\xdf\x98\xfa\xb0\x93\xc3>\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ<pCoa\xf2\xd1\x96\x8f\xf3>\xa1\xed', 0x0)

2.355688546s ago: executing program 2 (id=1699):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000000780)=""/102392, 0x18ff8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, 0x0, 0x0}, 0x20)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf2501000a000c00040002000000000000000c00060001000000000000000c00020007000000000000000c00080001000000000000001c0007"], 0x60}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESHEX=0x0, @ANYRES8=0x0, @ANYBLOB="000000010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000010000eae2dc5d9735fe9a000046ce1030f86c5ed5"], 0x50)

2.203951211s ago: executing program 2 (id=1700):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {<r3=>0xffffffffffffffff, 0xee00}}, './file0\x00'})
sendmsg$nl_netfilter(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f0000000680)={0x330, 0xe, 0x6, 0x201, 0x70bd2b, 0x25dfdbfb, {0x5, 0x0, 0x6795}, [@nested={0x15f, 0x1a, 0x0, 0x1, [@typed={0x8, 0x4c, 0x0, 0x0, @pid=r0}, @generic="fa56e41e55f6fe7f5fee86a2b2e5821eca747e2bd0ed06b0f4f6b0c23b9a368a7a43ac33bfd139cb6ba6adcb408ac751a178e1571a9fb467ee98fdfddd7709ed0bbc652a7f687452a742b1b02b49f40ca7f5440207049c07e7f8128923951f015d0a16a3fd0dc199a6698aebb3d0ab356b1e714eb0affa74fb944f8460c5f4d0e459a0ea424d716e32366d9891f4daadd5eaee", @typed={0x8, 0x92, 0x0, 0x0, @uid=r3}, @typed={0x14, 0xab, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @typed={0x4, 0x26, 0x0, 0x0, @binary}, @typed={0x9e, 0xd4, 0x0, 0x0, @binary="1ff8cfc235ad6ef13c5537bc975c43e96cb5f0410dbdbd1beb47f7743dae54160e87bc7a4e6eedb2c89226d7b2a1c600cbed7a317db7bb45972c34ca1d731320550f528dc623d6fa69237fff9d88b8631de474dae3b6e92eb73f1875934fc08edb0e030ea5e49aabd2ce745ba40d94ac025bae5f497dea3124c5fce6b63ac5f5e53f53a48e10c7eb07c82b99c91eba1531f951356ae87fa44901"}]}, @typed={0x8, 0x144, 0x0, 0x0, @u32=0x7}, @nested={0x15a, 0x12a, 0x0, 0x1, [@generic="ab8af86e2ea1b030313d2bb8d1ed1260962bbd9d5ed3b26a4d0fef2b3aefff17fb32895f85b69192de051398e9a4170418c4164485c1977ea16d57e6e2e760a042b8a088d153140542b9cb7ac73dafeefd2276d12cde47c2d9e2ab7cf2e972d965d24b9301a25adf45389f80e055f71074b56f7cf44f3c462ec2e91713480500ff92be94469502c4c561b9aea9b3bbd06a95a7a7abf0bdc01d024dc142ed213ab718717692cab5d35cf73332e33ec261918387541348d663a2fd648902efa1d14ed34a2aaf4692847979d3c8a9ba1e2a75f1dd66fc008f1cc9cd", @generic, @typed={0x8, 0xda, 0x0, 0x0, @str='GPL\x00'}, @generic="f9d53623a3e069c5e039cdc72c1f9c577a99e3a987398d7f398deec383e193820bf75237cf318f47425ccefad3f93c94488912a45ea0b92e607aea9ff98bf7c6d9e3e67b8662c35eb4832cf188724bfa", @typed={0x8, 0x147, 0x0, 0x0, @fd=r1}, @typed={0x14, 0x138, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x31}}, @typed={0x8, 0x41, 0x0, 0x0, @pid=r0}]}, @generic="06616fe500256a68c52e211ae42d10611e2f12a9f80fc881c5e3d2a88ca921a0b73e9e2ef0bda86a8842cbe98d8353b0bcb37e4259f74e74b55fff80a6146ab4f04dce86bad6cf32db6a21d092ddf16c513ccb81", @generic='u']}, 0x330}, 0x1, 0x0, 0x0, 0x51979a2ac866def5}, 0x20000001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r4, r4, 0x0, 0x40008)
r5 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r5, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r5, 0xa)
r6 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r7 = accept4(r5, 0x0, 0x0, 0x0)
connect$netlink(r7, &(0x7f0000000000)=@unspec, 0xc)
listen(r7, 0xffffffff)

1.928144472s ago: executing program 1 (id=1701):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_clone3(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000380)=""/124, 0x7c}], 0x1, 0x2, 0x200)
mmap(&(0x7f0000819000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x1000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000900020073797a3200000000050004000000000005000100060000001400078008000640000000000800134000000000050005000a00000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
accept4(r2, 0x0, 0x0, 0x400)
socket$l2tp(0x2, 0x2, 0x73)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1000, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
socket(0x10, 0x80002, 0x0)

1.841056317s ago: executing program 1 (id=1702):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008"], 0x58}}, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioperm(0x3, 0x7, 0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
getresgid(0x0, &(0x7f0000000340), 0x0)
fchdir(0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc0185879, 0x0)
setresgid(0x0, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_getoverrun(0x0)
syz_emit_ethernet(0x42, &(0x7f0000000200)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x7, 0xb1, [@dev]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f00000000c0)={0x32b})
memfd_secret(0x0)
socket(0x10, 0x80002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
newfstatat(0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x100)
mount$overlay(0x0, 0x0, 0x0, 0x8000, &(0x7f0000000040)={[{@metacopy_off}, {@index_off}, {@index_off}, {@xino_off}, {@metacopy_on}]})
r2 = syz_open_dev$vim2m(&(0x7f0000000280), 0x800, 0x2)
ppoll(&(0x7f0000000300)=[{r2, 0x2007}], 0x1, 0x0, 0x0, 0x0)

1.795604964s ago: executing program 1 (id=1703):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r0=>0x0})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r2=>0x0})
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000540)={0x0, 0x88a8ffff, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r4, @ANYBLOB="00000a00100000001c001a80080002802d00ff0408000200f47b0c0d"], 0x44}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000f40)={'bond_slave_0\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000f717b3c0fd22874f91d78bde69fa2a89f7d43318b3fcd9bb9f12fe41bbc4e64dd45f90a6c3855947d5cbf31f98c54df7b982877272ddd40460deb0b7e1d461cb145e9d695e68289afd93c061ad71927db52c40a8bc161944514bd366b67f9a46e78657ce347351ea36", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES64=r4, @ANYBLOB='\x00'/28], 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="00000000000000000000060000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=<r11=>r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000f80)={r10, 0x0, 0x25, 0x2, @val=@perf_event={0x63cfe4c6}}, 0x18)
r12 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r13=>0x0})
sendmsg$TEAM_CMD_NOOP(r5, &(0x7f0000000f00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ec0)={&(0x7f0000001800)=ANY=[@ANYBLOB="14030000", @ANYRES16=0x0, @ANYBLOB="08002bbd7000dedbdf250000000008000100", @ANYRES32=r13, @ANYRESHEX=0x0, @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="400002803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=r13, @ANYBLOB="f001028038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400060000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000400000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000800000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000900000008000700000000003c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000800000008000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000000000100", @ANYRES32=r13, @ANYBLOB="0000028000000100000001006d6f64650000000000000000000000000000000000000000000000000000000000000300050000000000040062726f6164636173740000000000010000000100656e61626c65640000000000000000000000000000000000000000000000000000000300060000000000040000000600", @ANYRES32=r13, @ANYBLOB="00000100000001006c625f73746174735f726566726573685f696e74657276616c000000000000000000030003000000000004000100000000000100", @ANYRES32=r13, @ANYBLOB="00000280000001000000010001625f74785f686173685f746f5f706f72745f6d030003000000000004000000000000000000000400000000", @ANYRES32=r7, @ANYBLOB="000007000000000000000100000001007072696f72697479000000000000000000000000000000000000000000000000000003000e000000000004000100000000000600", @ANYRES32=r4, @ANYBLOB="00000100000001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000000003000300000000000400", @ANYRES32=r7, @ANYBLOB="000007000000000000000100000001006e6f746966795f70656572735f636f756e740000000000000000000000000000000003000300000000000400090000000000010000000100616374697665706f727400000000000000000000000000000000000000000000000003000300000000000400", @ANYRES32=r13, @ANYBLOB="00000100", @ANYRES32=0x0, @ANYBLOB="0000028000000100000001006d6f6465000000000000000000000000000000000000000000000000000000000000030005000000000004006c6f616462616c616e6365000000010000000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000000000300060000000000040000000600", @ANYRES32=0x0, @ANYBLOB="000001000000010071756575655f69640000000000000000000000000000000000000000000000000000030003000000000004000000000000000600", @ANYRES32=r13, @ANYBLOB="0000010000000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000000000300060000000000040000000600", @ANYRES32=r4, @ANYBLOB="00000100000001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000000030003000000000004000200000000000100000001006c625f73746174735f726566726573685f696e74657276616c000000000000000000030003000000000004000a000000000001000000010071756575655f69640000000000000000000000000000000000000000000000000000030003000000000004007600000000000600", @ANYRES32=r2, @ANYBLOB="00000100e36b55e72dcc210370423b9ce5b96abfcd63d52961cd0291f5625954a0ce8f43b0b9daba02c1d7fe182aa058c50fb24a327d6c029c39108c482fba789dee96d02dcd76d12f65b1fd717f16df77513dca43cc6ffd65c7fa39a6139103be7eff3529f71e84a15c5c741438f8", @ANYRES32=r2, @ANYBLOB="000002800000010000000100616374697665706f727400000000000000000000000000000000000000000000000003000300000000000400", @ANYRES8=r3, @ANYRESDEC=r11, @ANYRES32=0x0, @ANYBLOB="0000028000000100000001006c625f73746174735f726566726573685f696e74657276616c0000000000000000000c00030000000000040007000000"], 0x314}, 0x1, 0x0, 0x0, 0x20000050}, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB="0100000000fb61e73990002e2b00000000009f744001fd3708410000", @ANYRES64=r6, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', <r14=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', <r15=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="38060000", @ANYRES16, @ANYBLOB="040027bd7000ffdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="88000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000000000008000600", @ANYRES32=r0, @ANYBLOB="44000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000014000400a4ff040b0300000000040661ff00000008000100", @ANYRES32=0x0, @ANYBLOB="0002028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=r0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000010000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000f000000080007000000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000900000008000600", @ANYRES32=r0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="3c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000005000300050000000900040068617368000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400ff000000080007000000000008000100", @ANYRES32=r7, @ANYBLOB="fc000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004005f9d000008000600", @ANYRES32=r0, @ANYBLOB="40000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e6365003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000005000300050000000900040068617368000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="f80002803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040008000000080007000000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000a00000008000600", @ANYRES32=r0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ff07000008000100", @ANYRES32=r15, @ANYBLOB="8001028038000100246173745f72656a6f696e5f696e74657215fe4897f178cc285dc63344b55876616c0000000000000300030000000800000040000100240001006d6f6465000600000000000000000000df6edfa6000000000000efffffffffff0400030005000000100004006c6f616462616c616e6365003c00010024eb0100757365725f6c696e6b75705f656e61626c5e64000000000000000000000000000500030006000000040004000800060050b0695b0877336c3936718df03d300c09", @ANYRES32=r0, @ANYBLOB="40000100240001007072696f726974790000000000000000000000000000000000000000050003000e00000008800400090000000800060000000000", @ANYRES32=r0, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040009000709050000000001801f2200000039000202ff0700003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r0, @ANYBLOB], 0x638}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r16 = socket$l2tp(0x2, 0x2, 0x73)
r17 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRES8], 0x0)
syz_usb_control_io(r17, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$caif_seqpacket(0x25, 0x5, 0x0)
r18 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r18, 0xc0145b0e, &(0x7f0000000040))
close_range(r16, 0xffffffffffffffff, 0x0)

1.619721777s ago: executing program 3 (id=1705):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r1 = getpid()
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_io_uring_complete(0x0)
write$P9_RRENAME(r3, &(0x7f0000000540)={0x7, 0x15, 0x2}, 0x7)
r4 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r5, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc4740a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeadcd3641110bec4e93a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b900000000c52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2826b73323301b4bc94d0e4afde44867d71049a7c89bc617e215571ac910d8005000000000000006c34d2342806960b6bcb00000000000000000000000000113ee640b9ed0304a0bfb125204d30990361bf45ef45277a167cd2b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92000000000000000000000000000091bd1a7398248ed5a93752567682bbda235299fd8a7d447ecfe6a09c3afee6afa0d15522e81f28c3fc11fff52eb98cbe889bad6c2965dd2c08041fd7049803"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r6, 0x80045105, &(0x7f0000000100))
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000040)={0xf0f045})
pread64(r4, &(0x7f0000000400)=""/42, 0x2a, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x4, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}]}]}}}}}}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$pagemap(r1, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x10004, 0xfffffffd, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f909, 0x8000, '\x00', @p_u8=&(0x7f0000000080)}})

1.379928909s ago: executing program 2 (id=1706):
r0 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r0, 0xc0385720, &(0x7f0000000000)={0x1})
unshare(0x62040200)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@deltclass={0xd18, 0x29, 0x100, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x5, 0x3}, {0xfff1, 0xd}, {0xfff3, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x6}}, @tclass_kind_options=@c_red={0x8}, @TCA_RATE={0x6, 0x5, {0x7, 0x2}}, @TCA_RATE={0x6, 0x5, {0x7, 0x80}}, @tclass_kind_options=@c_htb={{0x8}, {0xc94, 0x2, [@TCA_HTB_PARMS={0x30, 0x1, {{0x2d, 0x2, 0x3, 0x0, 0x1, 0x4a7b741f}, {0x1, 0x0, 0x88d, 0x6, 0x5, 0xccb8}, 0x80d0, 0x799f, 0x40, 0xe, 0x5}}, @TCA_HTB_CEIL64={0xc, 0x7, 0x208a}, @TCA_HTB_RTAB={0x404, 0x4, [0x15d, 0x9db, 0x54, 0x5, 0x7fff, 0x80000001, 0xfffffff3, 0xc, 0xd, 0x1000, 0x0, 0x0, 0x4, 0x1, 0x9, 0xe7, 0x2, 0xffffffff, 0x8, 0x1, 0xf017, 0x80000001, 0x1, 0xf05f, 0x81, 0x4, 0x6, 0x8, 0x9, 0x1, 0x9, 0x62ff76f2, 0x4, 0x100, 0xc2, 0x9, 0x8, 0x450, 0x2, 0x7, 0x10, 0x0, 0x80, 0xffffff01, 0x5, 0x3, 0xfffffffb, 0x5, 0x53, 0x8, 0x401, 0x9, 0x10, 0x8001, 0x3, 0x4, 0x5, 0x4, 0x4, 0x3, 0x3, 0x8, 0x2, 0x2, 0x9, 0x8, 0x0, 0x6, 0x2, 0x7fff, 0x71b9, 0x6, 0x0, 0xfff, 0x5, 0x5, 0x0, 0x10, 0xb5, 0xf18, 0x7f, 0x5, 0x2bfc, 0xfff, 0x3, 0x0, 0x4, 0x80000001, 0x100, 0x1, 0xe, 0x9, 0x3, 0x2, 0x8, 0x3, 0x1, 0x6, 0x4, 0x1, 0x7, 0xb26, 0x6, 0xff, 0x400, 0x3, 0x8, 0x0, 0x5, 0xa1a6, 0x0, 0xd2, 0x81, 0x8000, 0x6, 0x5, 0x0, 0x9, 0x3, 0x0, 0xf, 0xfd2, 0xd, 0x5, 0x49d22f, 0x3, 0x7f, 0xca2, 0x4, 0x8, 0x1000, 0x1ff, 0x0, 0x0, 0x1, 0xb20, 0x5, 0x0, 0xfd0, 0x7, 0x4, 0x81, 0x8, 0x0, 0x8, 0x2, 0xffff6cd3, 0xfffffff7, 0x8, 0x8, 0x800, 0x7, 0x6, 0x8000, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x3, 0x1de, 0x2a18, 0xffffffff, 0x8, 0x6, 0x7, 0x2, 0x5, 0x400, 0x9, 0x3, 0x5, 0x3, 0x2, 0x9, 0x3972, 0x2, 0x24, 0x1c3, 0x10, 0x0, 0xefd, 0x1, 0xfffffffe, 0x35, 0x2000, 0x1, 0x6, 0x3, 0x4, 0x6, 0x7, 0x400, 0x1, 0x6, 0xffffffff, 0x5, 0x4b9, 0x7, 0x8, 0xffff406f, 0x3, 0x1, 0x6, 0xfffff71e, 0x1, 0x4, 0x10001, 0x1ff, 0x80, 0xd45, 0x400, 0xaaa, 0x9, 0x99, 0x944, 0xffff, 0x0, 0x0, 0x9, 0x8, 0xb641, 0xf, 0x5, 0x3, 0x2, 0x8, 0xffffffff, 0x2, 0x5175, 0x2, 0x9, 0xfffffffe, 0xb0, 0xfffffffe, 0x9, 0x6, 0x9, 0x9, 0x2, 0x5, 0x3f903506, 0x401, 0x401, 0x2b, 0x6, 0x4, 0x10, 0x9, 0x3, 0x40, 0x522, 0x2, 0x53f, 0x10, 0x1ff]}, @TCA_HTB_RATE64={0xc, 0x6, 0x26}, @TCA_HTB_PARMS={0x30, 0x1, {{0x3, 0x1, 0x9, 0x5, 0x2, 0xfffffffb}, {0xc, 0x1, 0xffff, 0x800, 0x7f, 0x6}, 0x6, 0x7, 0x94, 0x8, 0xc203}}, @TCA_HTB_CEIL64={0xc, 0x7, 0xb5a2}, @TCA_HTB_RTAB={0x404, 0x4, [0x80000000, 0x9, 0x2, 0xfffffffc, 0x13, 0x7, 0xdb6, 0x1, 0x400, 0xffffefff, 0x7fff, 0x6, 0x8001, 0x7, 0x2, 0x2, 0x7, 0x4, 0x9, 0x800, 0x8, 0x0, 0x4000000, 0x3, 0x34f, 0x9, 0x9, 0x80000001, 0x8, 0x3, 0x400, 0x4d9010c, 0xfffffff7, 0x5, 0x9, 0xffff8001, 0x8, 0x8, 0x1, 0x9, 0x101, 0xf33, 0x5, 0x6, 0x6, 0x0, 0xfffffd71, 0x8, 0x10, 0x7, 0xd7a, 0x6, 0x0, 0x0, 0x0, 0xffffff89, 0x7, 0x6, 0x2, 0x7, 0x0, 0x1, 0x7, 0xfffffff8, 0x7f, 0x0, 0x0, 0x2, 0x6, 0x7, 0x9, 0x0, 0xffff, 0x0, 0x3, 0x6, 0x0, 0x4, 0x9, 0x2, 0x4, 0x4, 0xd41, 0xa, 0x9, 0x1, 0x6, 0x62c, 0x82e4, 0x2, 0xb8, 0x7, 0x1ff, 0x8, 0x5, 0x4, 0x7, 0xfffffffa, 0x496, 0x6, 0x10, 0x8, 0x5, 0x7, 0xfffffffa, 0x1, 0x3, 0xff, 0x7, 0x6, 0x96, 0x8, 0x2d4, 0x1, 0xfff, 0x6, 0x5, 0x4, 0x6, 0xff, 0x7ff, 0x2, 0x9, 0x0, 0xd0, 0x800, 0xfffffffd, 0x3, 0x9, 0x6, 0x3, 0x1a, 0x6, 0x8, 0x6, 0xd, 0x2, 0x6, 0x8f, 0x46d, 0xfffffffe, 0x7fff, 0x7, 0x1, 0x3, 0x3b561ddd, 0x7, 0x1ff, 0x7, 0xa, 0x5, 0x8, 0x1000, 0xfffffffe, 0x9, 0x3ff, 0x10000, 0x10, 0x2, 0x3, 0x4, 0x8e0f, 0x100, 0x7, 0xfff, 0x0, 0x4, 0x1, 0x800, 0x1, 0x3, 0x3, 0xf4, 0x3, 0x100, 0x8, 0x1, 0x6, 0x8000, 0x5, 0x5, 0x777, 0x63, 0xfff, 0x84, 0x1, 0x3, 0x4, 0x1, 0x4, 0xffffff11, 0x5, 0x4, 0x4, 0x1, 0x63e, 0x9, 0x77, 0x1, 0xbde, 0x2, 0x7, 0x2, 0x1, 0xb113, 0x3, 0x9, 0x100, 0x8c58, 0x5, 0x5, 0x8, 0x3, 0x60a000, 0x80, 0x7, 0xffffffff, 0xff, 0x200, 0x0, 0x3, 0x6, 0x1, 0x7, 0xfff, 0x8, 0x2, 0x7, 0x5, 0x5, 0x0, 0x8, 0x0, 0x800, 0x4, 0x21d18000, 0x6, 0x7, 0x0, 0x1000000, 0x800, 0xd, 0xb3, 0x10, 0xffff233e, 0x0, 0x2, 0x8, 0x3, 0x5, 0x3, 0x10001, 0x2, 0x7c128b51, 0xfffffff9, 0xfffff000]}, @TCA_HTB_CTAB={0x404, 0x3, [0xffffff6d, 0x1d8128b, 0xac6d, 0x3, 0x7, 0x0, 0x8, 0x9, 0xb, 0xd, 0x1, 0x2, 0xffffffff, 0x3, 0xa, 0x1, 0x2d15, 0x5, 0x2, 0x3, 0x3, 0xa87dff7, 0xff, 0x10000, 0x7, 0x40000000, 0x3, 0x5f62, 0x3, 0x81, 0x3, 0x3e65, 0x2, 0x8, 0xec, 0xfff, 0x2, 0x9, 0x9, 0x100, 0xb2, 0x901, 0x3, 0xa, 0x5, 0x4, 0x5, 0x80000001, 0x9, 0x5, 0x919b, 0x4, 0x0, 0x8, 0x0, 0x2, 0x7fff, 0x5bdc1428, 0xc, 0x5, 0x9, 0x5, 0x6, 0x6469d5ab, 0x200, 0x8, 0x36b9a246, 0x7, 0x8, 0x1, 0xffffffa0, 0x401, 0xb, 0x17cf, 0x5, 0x2, 0x9, 0x6, 0x1, 0x3, 0x8, 0x9, 0x9, 0x4, 0x8, 0xd2b, 0x2, 0xf2cb, 0x6, 0x2, 0x9, 0x8, 0x6, 0xfffffffa, 0x7, 0x9, 0x7f, 0x2, 0x5cb, 0x5, 0x5, 0x7, 0x9c2a, 0x4, 0x1, 0x8, 0x0, 0xffffffff, 0x3, 0x100, 0x5, 0x5, 0x2, 0x2, 0x8, 0x9, 0xffff0001, 0x10, 0x1, 0xffff, 0x43, 0xfffff77e, 0x1, 0x1, 0x6, 0x6, 0x5, 0x0, 0x3, 0x1000, 0x81, 0xd517, 0x1ff, 0x8, 0x3, 0x3, 0x9, 0x7, 0x7c7f, 0x9, 0xf, 0xa6, 0xfffffff9, 0x7, 0x3, 0x3, 0x3, 0x1, 0x3, 0x9f, 0x81, 0x81, 0xfffff800, 0xffffff00, 0x401, 0x7cbf, 0x6, 0x2, 0x7, 0x1000, 0x1, 0x40, 0x8, 0x0, 0x7fff, 0x8, 0xa2c, 0x9, 0x2, 0x9, 0x1, 0xffffffff, 0x7fff, 0x6, 0x8, 0xfb91, 0x10001, 0x7, 0xfffffffc, 0xffff03da, 0xf, 0xffff, 0x1, 0x0, 0x0, 0xd, 0x8000, 0x7, 0xe, 0x6, 0x80000001, 0x8, 0x3, 0xeddb, 0x5, 0x0, 0x5, 0x8, 0xaaf, 0x3, 0x6, 0x8, 0x8001, 0x9, 0x5, 0x8, 0x200, 0x10000, 0x8, 0x9e, 0x3, 0x9, 0x1, 0x0, 0xfffffffe, 0xfffffffb, 0xbdfc, 0x5, 0x100, 0x7, 0x26c, 0x2, 0x1, 0xf567, 0x7, 0x1, 0x1, 0x1, 0x3ff, 0x0, 0x8, 0x7, 0x6, 0x4c6, 0x6, 0x2, 0xf3, 0x3, 0x0, 0x7, 0x4, 0xb, 0x4, 0x4, 0x59, 0x4, 0x40, 0x597e, 0x80000001, 0x40, 0x1, 0x4, 0x5, 0x1, 0x9, 0x6]}]}}, @tclass_kind_options=@c_tbf={0x8}, @TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @tclass_kind_options=@c_mqprio={0xb}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x4}}}, @TCA_RATE={0x6, 0x5, {0x9f, 0xa}}]}, 0xd18}, 0x1, 0x0, 0x0, 0x404c8c4}, 0xc4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtfilter={0x58, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xa}, {}, {0x5}}, [@filter_kind_options=@f_u32={{0x8}, {0x2c, 0x2, [@TCA_U32_SEL={0x14}, @TCA_U32_INDEV={0x14, 0x8, 'veth1_vlan\x00'}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e0ee856f3cf3c2fdfee967991f8d1ef7fdce37b30f8842735e543ac808675a64f66eb37009373328ddf992e92b3a5765bd5f765d73c578babbb08efd7b59dab641a88f3099e34bb7fbc04cb298bb0df6eb0dc4ca79864758aff38b7192698c89435c5699f4a9222ad4a2c68c9356b741f04ef667f7a169b8976632c7cb98f18ba558bc302c7b73401c42a76160c0002800800034000000000440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be283921020180380002800900020073797a300000000008000340000000000900020073797a300000000008000180000000000900020073797a30000000003c0002800900020073797a320000000008000180000000000800018000000000080003400000000008000180000000000900020073797a3100000000380002800900020073797a300000000008000180000000000900020073797a320000000008000340000000000900020073797a320000000024000280d3fd0180000000000900020073797a32000000000900020073797a3000000000f3000100a6117a78b9e48d6dd9ad86fc2c54547cbee98c24f4b972c82722771febf3e388f9b3907852ee4adbd95ca25deb487ac3d49d3716931979f6bbf2b8cdcc0bc37f27a54709a59c31c01c5544b11cb9c6ca800d7f23c3cc5237458188f26a04c78ad8dfd3b13e958558dc3b7f0f4cfc16c4fd23e11b25bd23b195b64166e0c3a8ab3ebbd2ead4abf745bcf4d4b0610521d7ec52023ed38c7f9fb1cbab6a9d87c96fd783ff63f9483766557291fcc41f17c423550c1e965a66e30631b271db96cccb68bf8c91656e894ef46a296974170da742b0d13d665f0f2e80d3590b3dc637851b6e7b0adc59ab874ce337a258bc430008000340000000010c0004400000000000000001941001802c0001001943281e8af5fa4de43a18b194246a7a86da4a16357db4bc3d3edaccb333b121e8636c2e1c00e4e13c0002800900020073797a310000000008000340000000040900020073797a3100000000080003"], 0x17d4}}, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.379646116s ago: executing program 3 (id=1707):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
pselect6(0x40, &(0x7f00000001c0)={0x8, 0x8000000000008, 0x4, 0x0, 0xfffffffffffffa5a, 0x4000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfff}, 0x0, 0x0)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
listen(r2, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0da"], 0xd)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_vhci(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$tty1(0xc, 0x4, 0x2)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r5, 0x111, 0x2, 0x0, 0x4)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}})
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x610782, 0x1ff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)

1.358795304s ago: executing program 0 (id=1708):
socket$kcm(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000300), 0x24000, 0x0)
iopl(0x3)
init_module(0x0, 0x3f00, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0)
lseek(r1, 0x405, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000000ff7f00000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@ifindex, 0xf, 0x1, 0x9, &(0x7f00000001c0)=[0x0], 0x1, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], <r3=>0x0}, 0x40)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000480), 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0700000010200000", @ANYRES32=r0, @ANYRES32=r4, @ANYBLOB="490adfe159a1866ea8d915d16f688c39321b03925590a03abdf8a649dc6d8f44b4cfdf67a4a4c1dfaae395a5ccd3d8c63e3df1", @ANYRES64=r3], 0x20)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x94}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xffffffff, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r8, 0x0)
accept4$x25(r8, 0x0, 0x0, 0x0)

1.358214731s ago: executing program 2 (id=1709):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
r0 = getpid()
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0xe0701, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000180)=@tcp6, 0x3}, 0x20)
getsockopt(0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000001ffc))
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=@newlink={0x28, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1044}, [@IFLA_MTU={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4028080}, 0x0)
setfsuid(0xee01)
setresuid(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_GETSTATE(r1, 0x80045105, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="8c00000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="97020000000000005c00128009000100626f6e64000000004c00028008fe76cb7b68087ab100001800088000000000e00000017f00000174010102000000000500010000"], 0x8c}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0xa06e1, 0x0)
r4 = syz_clone(0x82010000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008032, 0xffffffffffffffff, 0x0)
ptrace$poke(0x5, r4, &(0x7f0000000080), 0x0)
connect(r3, &(0x7f0000000100)=@ethernet={0x0, @dev}, 0x80)

534.145923ms ago: executing program 3 (id=1710):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a00002806000100"], 0x1c}}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0xffff}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x80], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x967]}, 0x45c)
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000640), 0x1, 0x0)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff})
read(r3, 0x0, 0x0)

490.809429ms ago: executing program 3 (id=1711):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_clone3(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000380)=""/124, 0x7c}], 0x1, 0x2, 0x200)
mmap(&(0x7f0000819000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x1000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000900020073797a3200000000050004000000000005000100060000001400078008000640000000000800134000000000050005000a00000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
accept4(r2, 0x0, 0x0, 0x400)
socket$l2tp(0x2, 0x2, 0x73)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1000, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
socket(0x10, 0x80002, 0x0)

490.42343ms ago: executing program 2 (id=1712):
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "eb9c22c2"}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
preadv(r4, 0x0, 0x0, 0x3c, 0x0)

482.394588ms ago: executing program 0 (id=1713):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1) (async)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
flistxattr(r4, 0x0, 0x91) (async)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000000)=0x8002, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) (async, rerun: 64)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) (rerun: 64)
setsockopt$ax25_int(r6, 0x101, 0x9, &(0x7f0000000000), 0x4) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1}) (async, rerun: 64)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0xc02, 0x0) (rerun: 64)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async)
r8 = dup3(r7, r0, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r9, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r9}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

390.181592ms ago: executing program 0 (id=1714):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r1=>0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000080)={0x2, 0x1, 0x9, 0x7, r1})

389.767532ms ago: executing program 0 (id=1715):
r0 = socket$inet(0xa, 0x801, 0x84)
sendto$inet(r0, &(0x7f0000000000)='E', 0x1, 0x0, &(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x74, &(0x7f0000000200)={0x0, 0x0, 0x10, 0x3}, &(0x7f0000000240)=0x18)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
io_setup(0x8535, &(0x7f0000000300)=<r4=>0x0)
io_pgetevents(r4, 0x1, 0x1, &(0x7f0000000340)=[{}], 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x109b41)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
ioctl$USBDEVFS_SETINTERFACE(r5, 0x80045510, &(0x7f0000000000))
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
io_submit(r4, 0x1, &(0x7f0000002540)=[&(0x7f0000002140)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0}])
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2e1, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r9, 0xc02c564a, &(0x7f00000001c0)={0x4, 0x34324142})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0x1, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8, "0c5557152e55ec04040022fa20c242eb"}}}]}, 0x48}}, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r2, &(0x7f0000000040)="2600000022050000000000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b3f45a16ff092669e0b0f125714b6f5e504", 0x37)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x1, 0x7}, 0x0)
r12 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r12, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
dup(r12)

344.316012ms ago: executing program 1 (id=1716):
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00')
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18)
syz_emit_ethernet(0xbe, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (fail_nth: 9)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000280))
socket$nl_route(0x10, 0x3, 0x0)
add_key(&(0x7f0000000540)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
read(r0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)

249.202054ms ago: executing program 3 (id=1717):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001440)={0xbb}, 0x8)
sendto$inet6(r2, &(0x7f00000002c0)="9e", 0x1a000, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x4, 0x10}, 0xc)
sendmsg$inet6(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
syz_emit_ethernet(0xd76, &(0x7f0000002e40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd607428dd0d403afffe8000000000000000000000000000bbff0200000000000000000000000000018700907800000000fe8800000000000000000000000000010018122b472e41e24b11f34b608816e522a7f3032efcb5633a3983e172d7dbb1cedeea00156dbf01dbd8e49e39e8fd54a9300113f16b56fd3ece899e2dff0f1443afc40da882e5a3d76d593c09402a0de4f7b9fcbd9c0f4b968122455e34e1afa222c60b04a9f2bfd548605a711678755475861538b9de80bb31e39fd8d5ba7fc1988c850ba77307a7519940fc99f9a55be09c10cf4bce1ecfeb8a12772325a7c3d35e786a6518357d8754da82aac43dba342a23914b38c05e40574575ca517536228c5d6a5028d27df7b743fc3853c906a38423567fff1d055cab50d3416d7c7ad3c425361ba2598561b179f1de5b9efd8e0adbfc22e390e5b28c643b3ec5b1911b0aed85e0bdedadb01d31bd43db483e4346db4c8bed69bf719eb5a414914175f43b624bf5715c0ed8695aa62c4a8fa9188e37488cbebbe562b6acb423619ecc9a9ede19352a14d9acff5e2f6c75d6f0aabffe6c6d812455a57e0c29a57dd326e4036abafa288f89c1173893cb92f0687065f00e372e11ebdaba2b394b2dcbef6c436bb1379e2f8e899d14dec87af6797ef7ba024cb3e4beb71bce33e8a2feb794cab55195915e96c77ba6ec75c40eda9e8867db4d2439debbcd96c1b9cbc9c8449ff6a90315e36c751d86fd0675c6923038f9de5570410d4692a1c2e48e1354102d7081d5f56affd5cb174805b7266cf32437e79fef151cd27e8ccb5ac1356f323480ac1e2eeac0984f22a8f6252b20e123a33c0160e84db794abf278ecd28220fbcaa2bc410d5ef2ccc0aa2c5fa574855c8bb0b21a1d4fce463ddee87b2199ce23addd50f89608296df2c15c48d3fe53c1844efe4677e4e824631e4197bd05328c0a105fb8e1ac6b8ba0b41da9acd0dc483da33edc9a666572e5177ecca75d277141c8f2d667fae92e645b3b5f1e374569813a3bd6cb2f9d9ee1c4a3d523795e22cf275c89bd25e8c500c5ede5609bc7df603774daef9377761dc9b281c8b7cd5d5eaf3ba7964f5730220b48ce0383a6c45b278da3eeb827f5de1e8a8b816d0538df4b77956cda06ebed815ff55e5f222efc5c0be86c8e257d8eeaa67d218b8429a2be3c7971c0e00f39c1f57e5381a7f293c00464a3b5110d857aadd8d4a5633f8df464d3dddf05fa90e44641f37506445249a2da466a0a429f0217a8d97938aa92a7530ca07f0147381b3a8679afa4a920d0c1e0dd48948da830870dd9ee084147650cebf328021ae1a7f989d5004c0ed996fdc977534b212fb4465e1fa00b3f9332149aea72d0bf1812610d75c0ec5ebacd87adbbcab195e388bcd92bb9d62382b76550af782efccd4d3a7ac6cd385d56c8b93d071caddc6e9c424fca8e3ca880de62a3f5efa642c00b459e31995b600364b0aab00ae95ba3e9381dbe6b96de4d92700a826a6d3814bd6fc6127692c5bc3178563bd3a6998004ff65bf3a2cfe5b5423f6d41ed6245dacf22ad88091ed6a7e3409cc6903afb558c014eb04efe376582d8d77d1f28cbf4797209d9c97d6e8d118d3980b8bf0746a05dd5d1de364a5e02372a6bc75725a9603a277c5273f0cda1b35218ba5b93d14cc9e70923196692872fd8d1292dd70f6abe424563fffaca17697b7369f56b22ebb12ac7d48c5f538aabcad0c5a93cb0cf6fb16b196d70b276a1f0ccb5b14ecd3a4fd97f0464d31e9b9b90d9e008e83a744e49a3c0ac61db5e538a4563fd090d87f7b5a7280fddc34989d921a0fe5f77ff95a436eeef58a2d4aed44aa0c4fee91e88edcd5d837fa6aca2290c788b5030110aa5e875e6c46487c9f6fdea5cc574b03d8484cb26891ebcf163700777cbcfa632135e796b6bb813ce8f69a0cbb85f974d28b10f46cdcfdf6ab27951c84786d261d729b409779c5af5eaf8219c09042ed5c7bc5293ac4a1f80db1b7951771e26f3dbda89479d180e70f5f281b6ad1bab9319fd4d10fab9aff98c30c3223dbc999f6402fcfab08290981374e081130f19d9d77e55aa3a262b3831c32e4772b5891fa9fa1e21ca3d53da44d91539c8640133a4e6053701d7532acbf0ee303ed660b4f8f3e4352edb0ea00f128d88707324bee046afdeaa3664a73e1d5dd4daa7ee1c0c2bf7f6cf10537b27f391398baf7cb0734da6bb76cdd786b1df9f16b6e8f9c27210fe972226d3a893ba329962bc4ed6f642c0e0b2810fa1182f79b7ff81122275bffb20218091acbe4853af1438a32c0af719017951e2432d79cddcdc7ca97a56ce670f8d18da8a6b511f1bf6eb18ae48908798e2ae9d031c81cbb2d7e000900d30e8be56c3df733e15750161b71472f78e9a6f0cdf576bb2e354d7917c4e491b231c13b8ee0a3cb02c7bbe77b9cdd84fa2f12450335b6805329dbc758c8123b390ebc4275bb354b8fa82258e23036ee18830687fcc647e461c204ae328ae38a00759f5f4b39aa533864c82118ba047ce1c1d5ac7b5fae78138405487db21670444369a98b19fd01a9802b907b65908e3e0b8574a49bc1e5bfd9cddea5b1f3e2b8cab177dfd6fd8537790dde3f128c3418685c1b5bdb2647283c31ac3e70a887ac6ef22cc10d489e68c2c82b58778c7d99dbfc8f37b0a6ace5f36a31713ce5762f9d671a44df0c69dde4eccb5eb058737b441d6b629bb0396d3ec7f4c07e5be86be775bfd6a6893f106ee9137981d9514d86771cd13b532f3458d30d107f927c170f9f61720ade6d563af1d2728b966fa1a79e9e39848bcb601e4c3354a2b94f203bc78c0bb39365036cea6c0a45258d01624981e36dc8e60225bf943a526ef396adfcd808e4d5a70c7d2cd668ebbb825ed1854bf94ad26e5f6a87a4eab1b044abb16cddd684e1e5c61b95363a1a4f8e569fe70c0c3e9d1a348ef757e80d6030302027284ae2400e761275541fb8ec41420b3bcfec1183bc931b7dfa444b621b725bba4acc46dc177000c338df895eacf2aa5996920b812973450f72aa39384f3c1847ee946f6325e5f88c25293c4319509b55d3f8bd4b2962ce505a5bfbd77a8264b63fd89c25ebdc97d5f3b8aeeebf147af39ed0d1b70b37abeee1249ba83451ff888f26eb0737b46e4a1697433f42eea726347f963cb60a3307b89d0a310255129f6f2be12b41dc51debae5df8642589ac9f176dbe55b82be99686c1446f89c8c48b5bedba1aa3d533bdb058281e6dd3d9ecacd7ea004dd59f6449a4c7d6eb4200d132b9d15d5361a520340c836ab74bef670128c05340fa2e2edfe4c56899c12e15cc7418a2dc356e6da881efc78b436a824ef91c7a2d07bc0a8de0242ecb7e16a86099764bb215c3c96b548c744dd470835aa7abeef9c764940eaf5faa2f05c54e4b0900d2aaa9fd68bd73ac8765bc28dec89555422ffb3d731d71d1ffce3021234aaf54282a36fac8f6de72ff0e3df80121bffe34d280e43136360359b2e07a7b4ab186f1fcdffd64659b118410f4e8ec040cc98ec2b1f9fbb537dba6fe055c26b148b001a9af6ff6568f67eac47737d010bdc1a9980a3469f3940c7f22ace5a9f97ff1bf5ca6cd113e94565937e13a91af1120ad50311604c5a98ff98f57d9e10d4abecf63ece2c69cf31bc1f1552be4698b76876f4834ea7a5fa1856e63b4a0123a5f208a1f90eed3323d957ebe694c5ca90278d5283ea212cf6119225b00eb008c539d41ffd5129939a85a1be3d2c64d0db06c426a9012747658d73f54a25deba8b60850a31ac835b3a845041d76860234dab41b8a2f6be98386bf89783ebd8cfca64cb347407f6e9c35e61071ed1fe462db2d69e206af0dacf03a24b9d294c58f717544eeb47229dc10d2845879d3ac02c42e265dd7280809101555a573c232fa3f27ee5b744c9f896960a0a3529ba295fb562e8eb515a6140700111fdb3569e30c7f7305596ff4d2800dc6d1d6c2a714e0b53a0b84ef6ae9179b79307a2cf05f849bf434d28f8909adaee401cb11ea71161f6294587c97401341131b5c1ea28c3f845c8d23d34862c3d70f1af2cc0dd090175c63b617a01791c75e4349c52a16c3a65e18e5ef0a4aeddefcfc37adc2fa8c9162e1641ec75110839c1cb505802e6b13cde79ad41ef7d110231ebba376bbfc06f28ed1eaacfb2c32163233430a1ae7b6f989f7c7edc94b01f2f3fa7da69966c3546f51de5f82caf164372a5da96abe9d432dab61f38a213e0e954d3d3c717e6b3ca982c32189764fd84996c4dcbcd57ed813b684abb49085d18e844c67983c5f231bce81be617927a0c1c6ad4b06be258d1957abe41913054e0910fce55827eef057368fa5f83c32ee315d11843e06ed95376ffa7a7c7d3890522c8e39c9ee575dee3087b764a09ba440287c6a9a72bfced28abefbff2ad7b85aeb7cdc6425c78e90f7177744e1f673e4b4fc4c0f8fecbe1984e4ac0670d9a898e4e8e64ac413d7642dbb988a347d26c6ed34f881c9e07e55a80111d31301e8b8012e90f6b39d4bf2d20533c08d4f73d7ceddedc5dc8616836da51cda90aaf07f8e9fec0c93bcef283c1a875ee27d6d03ef0b09fa36b8c32981eb07f7ecd6d536fd775b69c6f107e3302fe85c615082a0e328d5f279cf1e4761b876c9ce8a6d5edfa8f9b760f108f78fa018227419fe003c01390dd4efa6638b3d2de44789a99de1bb101634280793b85558d45337cf10add68c56dd6cddb4c9606bb6dab09b6804f924486c2d3b6c5f78039a81c2ee14245f7868f1ccb2c23ac00110c5513f06dbdb0265f0914e83e820d3030f3bf78380455fe8e3a8cce7f0ebf9f752a8d85aa75c012cb4b9e84"], 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r2, &(0x7f0000001480)=[{&(0x7f00000014c0)="c550e51b1524e16790f03eb1f23b338a8d464ada7a0bad7a9d7595416a340e1b5c8c1b4906ed9e74374c00daf4221e13e7e2198e632245b9bf13ec8a74a88bb6c123302c4f96de1b647591ba3f9a40532318c829c13b9e52463bd3d44234282af04e5196a4b09b71f7d7f856448a5ee48c4a6af543b45acc70f7ac8d9e160df723ffc177fcfc9090b1e73606", 0x8c}], 0x1)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000000000)=@ieee802154, 0x80, &(0x7f0000000240)=[{&(0x7f0000000100)=""/65, 0x41}, {&(0x7f0000000180)=""/91, 0x5b}, {&(0x7f0000000340)=""/191, 0xbf}, {&(0x7f0000000200)=""/12, 0xc}], 0x4, &(0x7f0000000400)=""/4096, 0x1000}, 0x60)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000918300000064574fed0008000300", @ANYRES32=r5, @ANYBLOB="0a00060008021100000000000c00430002000000feffffff"], 0x34}}, 0x0)

0s ago: executing program 3 (id=1718):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000740)={&(0x7f0000000380)=@in6={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, 0x0, 0x0, 0x0, 0x54, 0x20048885}, 0x20084054)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
gettid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x401)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000480)=ANY=[@ANYBLOB="666964746572000000000000000000000000000000000000000000000000000002"], 0x48)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000180)={0x0, 0x2, 0x0, 'queue0\x00', 0xffffffff})
openat$sequencer(0xffffffffffffff9c, &(0x7f00000004c0), 0x180842, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$vim2m(0x0, 0xfffffffffffffffe, 0x2)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103}, 0x20)
sendmsg$inet6(r5, &(0x7f0000000000)={&(0x7f0000000400)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="14000000000000002900"/20], 0x18}, 0x0)
preadv(r3, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r6 = socket(0x848000000015, 0x805, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cgroup.kill\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x400, 0x0, @loopback, 0x3}, 0x1c)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x13, &(0x7f0000000000)=0x8, 0x4)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRES16=r3, @ANYBLOB="a62c1759c19b4978872141c47cb418221123449bd8488cd59c0699b8178d12c5116305db715f5ada498ffef9a3d390e4aea7a3bb8f7b3e0b521bc982bf059fe4dc016821944fdeaaa730d1b9267d8364094c49e1e3c8f998bac6161a54eee5a09a1b783f62f1fa32e10847d51532195802957f91b1b6fe3cabb0aac13d", @ANYRESOCT=r4], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x9)

kernel console output (not intermixed with test programs):

  T45] bridge_slave_0: left allmulticast mode
[  334.487661][   T45] bridge_slave_0: left promiscuous mode
[  334.489165][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.775236][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.780273][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.788047][   T45] bond0 (unregistering): Released all slaves
[  334.824352][   T39] audit: type=1800 audit(1729322233.159:698): pid=10864 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.1380" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  334.878687][   T45] bond1 (unregistering): Released all slaves
[  334.951913][   T45] bond2 (unregistering): Released all slaves
[  334.959234][T10865] Invalid logical block size (2)
[  335.026127][    T8] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  335.044705][   T45] bond3 (unregistering): Released all slaves
[  335.166210][    T8] usb 5-1: device descriptor read/64, error -71
[  335.383270][   T45] hsr_slave_0: left promiscuous mode
[  335.385161][   T45] hsr_slave_1: left promiscuous mode
[  335.387705][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.389794][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.392343][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.394300][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.416212][    T8] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  335.424825][   T45] veth1_macvtap: left promiscuous mode
[  335.427663][   T45] veth0_macvtap: left promiscuous mode
[  335.429157][   T45] veth1_vlan: left promiscuous mode
[  335.430549][   T45] veth0_vlan: left promiscuous mode
[  335.566105][    T8] usb 5-1: device descriptor read/64, error -71
[  335.686303][    T8] usb usb5-port1: attempt power cycle
[  335.711664][T10881] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  335.713586][T10881] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  335.980825][T10888] FAULT_INJECTION: forcing a failure.
[  335.980825][T10888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.984194][T10888] CPU: 3 UID: 0 PID: 10888 Comm: syz.1.1385 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  335.986962][T10888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.989730][T10888] Call Trace:
[  335.990611][T10888]  <TASK>
[  335.991394][T10888]  dump_stack_lvl+0x16c/0x1f0
[  335.992641][T10888]  should_fail_ex+0x497/0x5b0
[  335.993869][T10888]  _copy_from_user+0x30/0xf0
[  335.995091][T10888]  __sys_bpf+0x21c/0x49a0
[  335.996210][T10888]  ? ksys_write+0x21e/0x260
[  335.997611][T10888]  ? reacquire_held_locks+0x3f0/0x4c0
[  335.999011][T10888]  ? __pfx___sys_bpf+0x10/0x10
[  336.000559][T10888]  ? vfs_write+0x14d/0x1140
[  336.002098][T10888]  ? __mutex_unlock_slowpath+0x164/0x650
[  336.004014][T10888]  ? fput+0x30/0x390
[  336.005321][T10888]  ? ksys_write+0x1ad/0x260
[  336.006886][T10888]  ? __pfx_ksys_write+0x10/0x10
[  336.008514][T10888]  __x64_sys_bpf+0x78/0xc0
[  336.010033][T10888]  ? lockdep_hardirqs_on+0x7c/0x110
[  336.011801][T10888]  do_syscall_64+0xcd/0x250
[  336.013331][T10888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.015326][T10888] RIP: 0033:0x7fec7797dff9
[  336.016890][T10888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.023135][T10888] RSP: 002b:00007fec7877c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  336.025889][T10888] RAX: ffffffffffffffda RBX: 00007fec77b35f80 RCX: 00007fec7797dff9
[  336.026137][    T8] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  336.028513][T10888] RDX: 0000000000000050 RSI: 00000000200009c0 RDI: 0000000000000000
[  336.028527][T10888] RBP: 00007fec7877c090 R08: 0000000000000000 R09: 0000000000000000
[  336.035778][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.038417][T10888] R13: 0000000000000000 R14: 00007fec77b35f80 R15: 00007ffe9a25e378
[  336.041082][T10888]  </TASK>
[  336.048251][    T8] usb 5-1: device descriptor read/8, error -71
[  336.306208][    T8] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  336.326511][    T8] usb 5-1: device descriptor read/8, error -71
[  336.418707][   T45] team0 (unregistering): Port device team_slave_1 removed
[  336.438571][    T8] usb usb5-port1: unable to enumerate USB device
[  336.495197][   T39] audit: type=1400 audit(1729322234.829:699): avc:  denied  { write } for  pid=10895 comm="syz.3.1388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  336.505841][   T45] team0 (unregistering): Port device team_slave_0 removed
[  337.089847][T10882] hsr_slave_0: left promiscuous mode
[  337.091631][T10882] hsr_slave_1: left promiscuous mode
[  337.196228][   T73] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  337.346255][   T73] usb 6-1: Using ep0 maxpacket: 8
[  337.349926][   T73] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  337.352043][   T73] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  337.354519][   T73] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  337.358217][   T73] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  337.360797][   T73] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  337.364147][   T73] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  337.367480][   T39] audit: type=1400 audit(1729322235.709:700): avc:  denied  { setopt } for  pid=10912 comm="syz.3.1394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  337.373757][   T73] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.570535][   T45] bridge_slave_1: left allmulticast mode
[  337.572106][   T45] bridge_slave_1: left promiscuous mode
[  337.573710][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.579016][   T45] bridge_slave_0: left allmulticast mode
[  337.580664][   T45] bridge_slave_0: left promiscuous mode
[  337.583185][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.588567][   T45] bridge_slave_1: left allmulticast mode
[  337.590106][   T45] bridge_slave_1: left promiscuous mode
[  337.591775][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.593849][   T73] usb 6-1: GET_CAPABILITIES returned 0
[  337.595271][   T73] usbtmc 6-1:16.0: can't read capabilities
[  337.598591][   T45] bridge_slave_0: left allmulticast mode
[  337.600568][   T45] bridge_slave_0: left promiscuous mode
[  337.602497][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.612574][   T45] bridge_slave_1: left allmulticast mode
[  337.614257][   T45] bridge_slave_1: left promiscuous mode
[  337.616068][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.621063][   T45] bridge_slave_0: left allmulticast mode
[  337.622830][   T45] bridge_slave_0: left promiscuous mode
[  337.626981][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.819141][ T5379] usb 6-1: USB disconnect, device number 32
[  338.675252][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.683032][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.690209][   T45] bond0 (unregistering): Released all slaves
[  338.791526][   T45] bond1 (unregistering): Released all slaves
[  338.907849][   T45] bond2 (unregistering): Released all slaves
[  339.010949][   T45] bond3 (unregistering): Released all slaves
[  339.106310][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  339.113330][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  339.119655][   T45] bond0 (unregistering): Released all slaves
[  339.201758][   T45] bond1 (unregistering): Released all slaves
[  339.283341][   T45] bond2 (unregistering): Released all slaves
[  339.361058][   T45] bond3 (unregistering): Released all slaves
[  339.441663][   T45] bond4 (unregistering): Released all slaves
[  339.520844][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  339.527665][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  339.532042][   T45] bond0 (unregistering): Released all slaves
[  339.607726][T10958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1410'.
[  339.958328][T10971] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1405'.
[  340.093852][T10971] netlink: 'syz.1.1405': attribute type 2 has an invalid length.
[  340.170654][   T39] audit: type=1400 audit(1729322238.509:701): avc:  denied  { create } for  pid=10975 comm="syz.1.1406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  340.184680][T10976] netlink: zone id is out of range
[  340.187027][T10976] netlink: zone id is out of range
[  340.189906][T10976] netlink: zone id is out of range
[  340.191301][T10976] netlink: zone id is out of range
[  340.192720][T10976] netlink: zone id is out of range
[  340.197495][T10976] netlink: set zone limit has 4 unknown bytes
[  340.201243][   T39] audit: type=1400 audit(1729322238.539:702): avc:  denied  { setattr } for  pid=10975 comm="syz.1.1406" name="NETLINK" dev="sockfs" ino=44600 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.267784][   T45] hsr_slave_0: left promiscuous mode
[  341.273189][   T45] hsr_slave_1: left promiscuous mode
[  341.279152][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.283489][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.288075][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.289949][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.290350][T10987] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=10987 comm=syz.1.1409
[  341.317579][   T45] hsr_slave_0: left promiscuous mode
[  341.319918][   T45] hsr_slave_1: left promiscuous mode
[  341.321994][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.323975][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.328765][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.330714][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.334872][   T45] hsr_slave_0: left promiscuous mode
[  341.342369][   T45] hsr_slave_1: left promiscuous mode
[  341.344668][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.346902][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.349572][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.351524][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.433953][   T45] veth1_macvtap: left promiscuous mode
[  341.435463][   T45] veth0_macvtap: left promiscuous mode
[  341.440027][   T45] veth1_vlan: left promiscuous mode
[  341.442671][   T45] veth0_vlan: left promiscuous mode
[  341.467304][   T45] veth1_macvtap: left promiscuous mode
[  341.468795][   T45] veth0_macvtap: left promiscuous mode
[  341.470335][   T45] veth1_vlan: left promiscuous mode
[  341.471747][   T45] veth0_vlan: left promiscuous mode
[  341.473944][   T45] veth1_macvtap: left promiscuous mode
[  341.475420][   T45] veth0_macvtap: left promiscuous mode
[  341.477368][   T45] veth1_vlan: left promiscuous mode
[  341.478798][   T45] veth0_vlan: left promiscuous mode
[  342.062675][   T39] audit: type=1400 audit(1729322240.399:703): avc:  denied  { bind } for  pid=10996 comm="syz.2.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  342.252873][   T39] audit: type=1400 audit(1729322240.589:704): avc:  denied  { write } for  pid=11001 comm="syz.0.1414" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  342.502285][   T45] team0 (unregistering): Port device team_slave_1 removed
[  342.599539][   T45] team0 (unregistering): Port device team_slave_0 removed
[  342.753813][   T39] audit: type=1400 audit(1729322241.089:705): avc:  denied  { ioctl } for  pid=11008 comm="syz.3.1416" path="/dev/vhost-net" dev="devtmpfs" ino=1114 ioctlcmd=0xaf11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  343.925548][   T45] team0 (unregistering): Port device team_slave_1 removed
[  344.013018][   T45] team0 (unregistering): Port device team_slave_0 removed
[  345.296337][   T45] team0 (unregistering): Port device team_slave_1 removed
[  345.381644][   T45] team0 (unregistering): Port device team_slave_0 removed
[  345.939488][T10987] FAULT_INJECTION: forcing a failure.
[  345.939488][T10987] name failslab, interval 1, probability 0, space 0, times 0
[  345.942785][T10987] CPU: 2 UID: 0 PID: 10987 Comm: syz.1.1409 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  345.945554][T10987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.948363][T10987] Call Trace:
[  345.949246][T10987]  <TASK>
[  345.950031][T10987]  dump_stack_lvl+0x16c/0x1f0
[  345.951289][T10987]  should_fail_ex+0x497/0x5b0
[  345.952535][T10987]  should_failslab+0xc2/0x120
[  345.953998][T10987]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  345.955441][T10987]  ? skb_clone+0x190/0x3f0
[  345.956633][T10987]  skb_clone+0x190/0x3f0
[  345.957757][T10987]  netlink_deliver_tap+0xab3/0xd90
[  345.959120][T10987]  netlink_unicast+0x6b4/0x7f0
[  345.960385][T10987]  ? __pfx_netlink_unicast+0x10/0x10
[  345.961778][T10987]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  345.963143][T10987]  netlink_ack+0x6a8/0xb90
[  345.964329][T10987]  netlink_rcv_skb+0x348/0x440
[  345.965596][T10987]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  345.967040][T10987]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  345.968439][T10987]  ? rcu_is_watching+0x12/0xc0
[  345.969707][T10987]  netlink_unicast+0x53c/0x7f0
[  345.970984][T10987]  ? __pfx_netlink_unicast+0x10/0x10
[  345.972367][T10987]  netlink_sendmsg+0x8b8/0xd70
[  345.973572][T10987]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.974972][T10987]  ? __import_iovec+0x1fd/0x6e0
[  345.976261][T10987]  ____sys_sendmsg+0xaaf/0xc90
[  345.977525][T10987]  ? copy_msghdr_from_user+0x10b/0x160
[  345.978953][T10987]  ? __pfx_____sys_sendmsg+0x10/0x10
[  345.980338][T10987]  ? __pfx___lock_acquire+0x10/0x10
[  345.981699][T10987]  ___sys_sendmsg+0x135/0x1e0
[  345.982945][T10987]  ? __pfx____sys_sendmsg+0x10/0x10
[  345.984315][T10987]  ? lock_acquire+0x2f/0xb0
[  345.985515][T10987]  ? __fget_files+0x40/0x3f0
[  345.986751][T10987]  ? fdget+0x176/0x210
[  345.987834][T10987]  __sys_sendmsg+0x117/0x1f0
[  345.989050][T10987]  ? __pfx___sys_sendmsg+0x10/0x10
[  345.990399][T10987]  ? __fget_files+0x244/0x3f0
[  345.991661][T10987]  do_syscall_64+0xcd/0x250
[  345.992865][T10987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.994427][T10987] RIP: 0033:0x7fec7797dff9
[  345.995609][T10987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.000839][T10987] RSP: 002b:00007fec7877c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.003017][T10987] RAX: ffffffffffffffda RBX: 00007fec77b35f80 RCX: 00007fec7797dff9
[  346.005080][T10987] RDX: 0000000000000040 RSI: 0000000020000440 RDI: 0000000000000003
[  346.007147][T10987] RBP: 00007fec7877c090 R08: 0000000000000000 R09: 0000000000000000
[  346.009205][T10987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  346.011270][T10987] R13: 0000000000000000 R14: 00007fec77b35f80 R15: 00007ffe9a25e378
[  346.013335][T10987]  </TASK>
[  346.149234][T11048] program syz.1.1424 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  346.150217][T11048] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1424'.
[  346.183275][ T5352] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  346.183416][ T5352] CPU: 2 UID: 0 PID: 5352 Comm: kworker/u33:6 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  346.189552][ T5352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.189564][ T5352] Workqueue: hci2 hci_rx_work
[  346.189582][ T5352] Call Trace:
[  346.189588][ T5352]  <TASK>
[  346.189594][ T5352]  dump_stack_lvl+0x16c/0x1f0
[  346.189613][ T5352]  sysfs_warn_dup+0x7f/0xa0
[  346.189626][ T5352]  sysfs_create_dir_ns+0x24d/0x2b0
[  346.189640][ T5352]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  346.189653][ T5352]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  346.189667][ T5352]  ? kobject_add_internal+0x12d/0x990
[  346.204287][ T5352]  ? do_raw_spin_unlock+0x172/0x230
[  346.204315][ T5352]  kobject_add_internal+0x2c8/0x990
[  346.204331][ T5352]  kobject_add+0x16f/0x240
[  346.204343][ T5352]  ? __pfx_kobject_add+0x10/0x10
[  346.204353][ T5352]  ? lockdep_hardirqs_on+0x7c/0x110
[  346.204374][ T5352]  device_add+0x289/0x1a70
[  346.212138][ T5352]  ? __pfx_dev_set_name+0x10/0x10
[  346.212155][ T5352]  ? __pfx_device_add+0x10/0x10
[  346.212173][ T5352]  ? mgmt_send_event_skb+0x2f2/0x460
[  346.212191][ T5352]  hci_conn_add_sysfs+0x17e/0x230
[  346.212207][ T5352]  le_conn_complete_evt+0x1078/0x1d80
[  346.212225][ T5352]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  346.212236][ T5352]  ? trace_contention_end+0xea/0x140
[  346.212252][ T5352]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  346.212265][ T5352]  ? skb_pull_data+0x166/0x210
[  346.212282][ T5352]  hci_le_meta_evt+0x2e2/0x5d0
[  346.212294][ T5352]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  346.212312][ T5352]  hci_event_packet+0x666/0x1180
[  346.212324][ T5352]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  346.230935][ T5352]  ? __pfx_hci_event_packet+0x10/0x10
[  346.230957][ T5352]  ? hci_send_to_monitor+0x37/0x470
[  346.230971][ T5352]  ? hci_rx_work+0x14d/0x16c0
[  346.230988][ T5352]  hci_rx_work+0x2c6/0x16c0
[  346.231003][ T5352]  ? lock_acquire+0x2f/0xb0
[  346.231015][ T5352]  ? process_one_work+0x921/0x1ba0
[  346.231029][ T5352]  process_one_work+0x9c5/0x1ba0
[  346.231044][ T5352]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  346.231054][ T5352]  ? __pfx_process_one_work+0x10/0x10
[  346.231068][ T5352]  ? assign_work+0x1a0/0x250
[  346.231086][ T5352]  worker_thread+0x6c8/0xf00
[  346.231101][ T5352]  ? __pfx_worker_thread+0x10/0x10
[  346.231111][ T5352]  kthread+0x2c1/0x3a0
[  346.231123][ T5352]  ? _raw_spin_unlock_irq+0x23/0x50
[  346.231136][ T5352]  ? __pfx_kthread+0x10/0x10
[  346.231149][ T5352]  ret_from_fork+0x45/0x80
[  346.231159][ T5352]  ? __pfx_kthread+0x10/0x10
[  346.231172][ T5352]  ret_from_fork_asm+0x1a/0x30
[  346.231193][ T5352]  </TASK>
[  346.233195][ T5352] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  346.233255][ T5352] Bluetooth: hci2: failed to register connection device
[  346.332629][T11040] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  346.340079][T11040] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  346.757466][   T39] audit: type=1400 audit(1729322245.099:706): avc:  denied  { map } for  pid=11057 comm="syz.2.1428" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  346.769418][   T39] audit: type=1400 audit(1729322245.099:707): avc:  denied  { write execute } for  pid=11057 comm="syz.2.1428" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  346.980375][T11060] FAULT_INJECTION: forcing a failure.
[  346.980375][T11060] name failslab, interval 1, probability 0, space 0, times 0
[  346.984419][T11060] CPU: 1 UID: 0 PID: 11060 Comm: syz.2.1429 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  346.987211][T11060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.990001][T11060] Call Trace:
[  346.990874][T11060]  <TASK>
[  346.991664][T11060]  dump_stack_lvl+0x16c/0x1f0
[  346.992899][T11060]  should_fail_ex+0x497/0x5b0
[  346.994146][T11060]  ? fs_reclaim_acquire+0xae/0x150
[  346.995510][T11060]  should_failslab+0xc2/0x120
[  346.996718][T11060]  __kmalloc_noprof+0xcb/0x400
[  346.997959][T11060]  tomoyo_realpath_from_path+0xb9/0x720
[  346.999387][T11060]  tomoyo_check_open_permission+0x2a7/0x3b0
[  347.000905][T11060]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  347.002561][T11060]  ? __pfx___lock_acquire+0x10/0x10
[  347.005245][T11060]  ? __pfx_hook_file_open+0x10/0x10
[  347.005271][T11060]  ? path_get+0x61/0x80
[  347.005291][T11060]  tomoyo_file_open+0x6b/0x90
[  347.005303][T11060]  security_file_open+0x64c/0x9d0
[  347.005317][T11060]  do_dentry_open+0x57c/0x1530
[  347.011654][T11060]  ? inode_permission+0xdd/0x5f0
[  347.012932][T11060]  vfs_open+0x82/0x3f0
[  347.013989][T11060]  ? may_open+0x1f2/0x400
[  347.015131][T11060]  path_openat+0x1e6a/0x2d60
[  347.016339][T11060]  ? __pfx_path_openat+0x10/0x10
[  347.017620][T11060]  do_filp_open+0x1dc/0x430
[  347.018799][T11060]  ? __pfx_do_filp_open+0x10/0x10
[  347.020099][T11060]  ? _raw_spin_unlock+0x3e/0x50
[  347.021364][T11060]  ? alloc_fd+0x2d7/0x6c0
[  347.022497][T11060]  do_sys_openat2+0x17a/0x1e0
[  347.023717][T11060]  ? __pfx_do_sys_openat2+0x10/0x10
[  347.025048][T11060]  ? __fget_files+0x244/0x3f0
[  347.026267][T11060]  __x64_sys_openat+0x175/0x210
[  347.027539][T11060]  ? __pfx___x64_sys_openat+0x10/0x10
[  347.028919][T11060]  ? ksys_write+0x1ad/0x260
[  347.030100][T11060]  do_syscall_64+0xcd/0x250
[  347.031281][T11060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.032795][T11060] RIP: 0033:0x7effd897c990
[  347.033939][T11060] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  347.038870][T11060] RSP: 002b:00007effd9790f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  347.040984][T11060] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007effd897c990
[  347.043002][T11060] RDX: 0000000000000000 RSI: 00007effd89f03ae RDI: 00000000ffffff9c
[  347.045010][T11060] RBP: 00007effd89f03ae R08: 0000000000000000 R09: 0000000000000000
[  347.047021][T11060] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  347.049042][T11060] R13: 0000000000000001 R14: 00007effd8b35f80 R15: 00007ffe828fef58
[  347.051082][T11060]  </TASK>
[  347.076511][T11060] ERROR: Out of memory at tomoyo_realpath_from_path.
[  347.142788][T11065] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1430'.
[  347.371235][   T39] audit: type=1400 audit(1729322245.709:708): avc:  denied  { read append } for  pid=11063 comm="syz.3.1430" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  347.396197][   T39] audit: type=1400 audit(1729322245.709:709): avc:  denied  { open } for  pid=11063 comm="syz.3.1430" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  348.296436][ T5352] Bluetooth: hci2: command tx timeout
[  349.086565][   T39] audit: type=1400 audit(1729322247.429:710): avc:  denied  { create } for  pid=11090 comm="syz.0.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  349.088573][T11091] netlink: 'syz.0.1438': attribute type 1 has an invalid length.
[  349.092062][   T39] audit: type=1400 audit(1729322247.429:711): avc:  denied  { write } for  pid=11090 comm="syz.0.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  349.101159][T11091] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1438'.
[  349.104887][T11093] netlink: 'syz.0.1438': attribute type 1 has an invalid length.
[  349.108118][T11093] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1438'.
[  349.110935][T11091] trusted_key: encrypted_key: keyword 'new0default' not recognized
[  349.114717][T11091] syz.0.1438: attempt to access beyond end of device
[  349.114717][T11091] nbd0: rw=4096, sector=2, nr_sectors = 2 limit=0
[  349.118831][T11091] EXT4-fs (nbd0): unable to read superblock
[  349.156845][T11099] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1440'.
[  350.092203][T11113] FAULT_INJECTION: forcing a failure.
[  350.092203][T11113] name failslab, interval 1, probability 0, space 0, times 0
[  350.095654][T11113] CPU: 2 UID: 0 PID: 11113 Comm: syz.0.1443 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  350.099142][T11113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  350.102754][T11113] Call Trace:
[  350.103771][T11113]  <TASK>
[  350.104561][T11113]  dump_stack_lvl+0x16c/0x1f0
[  350.106256][T11113]  should_fail_ex+0x497/0x5b0
[  350.107924][T11113]  ? fs_reclaim_acquire+0xae/0x150
[  350.109791][T11113]  should_failslab+0xc2/0x120
[  350.111511][T11113]  __kmalloc_noprof+0xcb/0x400
[  350.113257][T11113]  ? find_held_lock+0x2d/0x110
[  350.115015][T11113]  memcg_list_lru_alloc+0x24d/0xa90
[  350.116894][T11113]  ? rcu_read_unlock+0x17/0x60
[  350.118645][T11113]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[  350.120729][T11113]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  350.122660][T11113]  __memcg_slab_post_alloc_hook+0x12c/0x9b0
[  350.124174][T11113]  ? kasan_save_track+0x14/0x30
[  350.125465][T11113]  kmem_cache_alloc_lru_noprof+0x2c1/0x2f0
[  350.127007][T11113]  ? __d_alloc+0x31/0xaa0
[  350.128169][T11113]  __d_alloc+0x31/0xaa0
[  350.129280][T11113]  ? hugetlb_vma_lock_alloc+0xc/0x1f0
[  350.130690][T11113]  d_alloc_pseudo+0x1c/0xc0
[  350.131877][T11113]  alloc_file_pseudo+0xdc/0x210
[  350.133129][T11113]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  350.134568][T11113]  ? lockdep_annotate_inode_mutex_key+0x4b/0x200
[  350.136218][T11113]  ? hugetlbfs_get_inode+0x32d/0x530
[  350.137900][T11113]  hugetlb_file_setup+0x4cd/0x620
[  350.139282][T11113]  ksys_mmap_pgoff+0x189/0x5c0
[  350.140529][T11113]  __x64_sys_mmap+0x125/0x190
[  350.141757][T11113]  do_syscall_64+0xcd/0x250
[  350.142965][T11113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.144610][T11113] RIP: 0033:0x7faf8af7dff9
[  350.145985][T11113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.150887][T11113] RSP: 002b:00007faf8bdec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  350.153030][T11113] RAX: ffffffffffffffda RBX: 00007faf8b135f80 RCX: 00007faf8af7dff9
[  350.155236][T11113] RDX: 0000000000000000 RSI: 0000000000ff5000 RDI: 0000000020000000
[  350.158110][T11113] RBP: 00007faf8bdec090 R08: ffffffffffffffff R09: 0000000000000000
[  350.160229][T11113] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001
[  350.162431][T11113] R13: 0000000000000000 R14: 00007faf8b135f80 R15: 00007ffc00f12aa8
[  350.164531][T11113]  </TASK>
[  351.047703][T11124] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  351.053753][T11124] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  353.131162][   T39] audit: type=1400 audit(1729322251.469:712): avc:  denied  { name_connect } for  pid=11163 comm="syz.2.1454" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  353.197311][T11170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=11170 comm=syz.3.1456
[  356.127459][ T5348] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  356.132669][ T5348] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  356.135277][ T5348] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  356.324000][ T5348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  356.326530][ T5348] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  356.328610][ T5348] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  356.400378][T11222] chnl_net:caif_netlink_parms(): no params data found
[  356.466286][T11045] platform vkms: [drm] *ERROR* flip_done timed out
[  356.468035][T11045] platform vkms: [drm] *ERROR* [CRTC:38:crtc-0] commit wait timed out
[  356.476821][T11222] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.478734][T11222] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.480595][T11222] bridge_slave_0: entered allmulticast mode
[  356.482566][T11222] bridge_slave_0: entered promiscuous mode
[  356.485150][T11222] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.489896][T11222] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.491824][T11222] bridge_slave_1: entered allmulticast mode
[  356.493793][T11222] bridge_slave_1: entered promiscuous mode
[  356.514310][T11222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  356.518053][T11222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  356.524906][T11234] overlayfs: missing 'lowerdir'
[  356.551113][T11222] team0: Port device team_slave_0 added
[  356.558169][T11222] team0: Port device team_slave_1 added
[  356.575993][T11222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.578782][T11222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.586678][T11222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.591829][T11222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.594366][T11222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.609416][T11222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.638303][T11222] hsr_slave_0: entered promiscuous mode
[  356.640487][T11222] hsr_slave_1: entered promiscuous mode
[  356.733344][T11222] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.821596][T11222] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.910520][T11222] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.016505][T11222] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.106488][T11222] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  357.109502][T11222] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  357.113225][T11222] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  357.123055][T11222] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  357.132171][T11222] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.134066][T11222] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.136002][T11222] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.137826][T11222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.165009][T11222] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.184505][ T1103] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.191448][ T1103] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.222975][T11222] 8021q: adding VLAN 0 to HW filter on device team0
[  357.231774][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.233608][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.237726][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.239549][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.264334][T11222] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  357.269349][T11222] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  357.364044][T11222] 8021q: adding VLAN 0 to HW filter on device batadv0
[  357.382315][T11222] veth0_vlan: entered promiscuous mode
[  357.387629][T11222] veth1_vlan: entered promiscuous mode
[  357.408461][T11222] veth0_macvtap: entered promiscuous mode
[  357.413850][T11222] veth1_macvtap: entered promiscuous mode
[  357.420833][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.423536][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.426010][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.430569][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.433066][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.435861][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.438808][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.441516][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.444788][T11222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.451675][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.454500][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.457956][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.460722][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.463225][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.465868][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.469630][T11222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.472303][T11222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.475624][T11222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  357.481274][T11222] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.483662][T11222] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.485912][T11222] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.489580][T11222] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.520037][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.523517][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.536581][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.539390][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.683925][T11252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  357.693234][T11252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.376488][ T5352] Bluetooth: hci1: command tx timeout
[  358.741791][ T5352] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci6/hci6:201'
[  358.744548][ T5352] CPU: 3 UID: 0 PID: 5352 Comm: kworker/u33:6 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  358.747448][ T5352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.750199][ T5352] Workqueue: hci6 hci_rx_work
[  358.751452][ T5352] Call Trace:
[  358.752329][ T5352]  <TASK>
[  358.753101][ T5352]  dump_stack_lvl+0x16c/0x1f0
[  358.754350][ T5352]  sysfs_warn_dup+0x7f/0xa0
[  358.755547][ T5352]  sysfs_create_dir_ns+0x24d/0x2b0
[  358.756881][ T5352]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  358.758334][ T5352]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  358.759736][ T5352]  ? kobject_add_internal+0x12d/0x990
[  358.761118][ T5352]  ? do_raw_spin_unlock+0x172/0x230
[  358.762577][ T5352]  kobject_add_internal+0x2c8/0x990
[  358.763946][ T5352]  kobject_add+0x16f/0x240
[  358.765132][ T5352]  ? __pfx_kobject_add+0x10/0x10
[  358.766541][ T5352]  ? class_to_subsys+0x3e/0x160
[  358.767891][ T5352]  ? do_raw_spin_unlock+0x172/0x230
[  358.769304][ T5352]  ? kobject_put+0xab/0x5a0
[  358.770503][ T5352]  device_add+0x289/0x1a70
[  358.771650][ T5352]  ? __pfx_dev_set_name+0x10/0x10
[  358.772894][ T5352]  ? __pfx_device_add+0x10/0x10
[  358.774161][ T5352]  ? mgmt_send_event_skb+0x2f2/0x460
[  358.775458][ T5352]  hci_conn_add_sysfs+0x17e/0x230
[  358.776744][ T5352]  le_conn_complete_evt+0x1078/0x1d80
[  358.778100][ T5352]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  358.779527][ T5352]  ? trace_contention_end+0xea/0x140
[  358.780862][ T5352]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  358.782499][ T5352]  ? skb_pull_data+0x166/0x210
[  358.783753][ T5352]  hci_le_meta_evt+0x2e2/0x5d0
[  358.784992][ T5352]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  358.786741][ T5352]  hci_event_packet+0x666/0x1180
[  358.787994][ T5352]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  358.789335][ T5352]  ? __pfx_hci_event_packet+0x10/0x10
[  358.790698][ T5352]  ? mark_held_locks+0x9f/0xe0
[  358.791928][ T5352]  ? kcov_remote_start+0x3cf/0x6e0
[  358.793236][ T5352]  ? lockdep_hardirqs_on+0x7c/0x110
[  358.794644][ T5352]  hci_rx_work+0x2c6/0x16c0
[  358.795860][ T5352]  ? lock_acquire+0x2f/0xb0
[  358.797075][ T5352]  ? process_one_work+0x921/0x1ba0
[  358.798444][ T5352]  process_one_work+0x9c5/0x1ba0
[  358.799765][ T5352]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  358.801242][ T5352]  ? __pfx_process_one_work+0x10/0x10
[  358.802678][ T5352]  ? assign_work+0x1a0/0x250
[  358.803907][ T5352]  worker_thread+0x6c8/0xf00
[  358.805141][ T5352]  ? __pfx_worker_thread+0x10/0x10
[  358.806626][ T5352]  kthread+0x2c1/0x3a0
[  358.807787][ T5352]  ? _raw_spin_unlock_irq+0x23/0x50
[  358.809234][ T5352]  ? __pfx_kthread+0x10/0x10
[  358.810530][ T5352]  ret_from_fork+0x45/0x80
[  358.811716][ T5352]  ? __pfx_kthread+0x10/0x10
[  358.812941][ T5352]  ret_from_fork_asm+0x1a/0x30
[  358.814231][ T5352]  </TASK>
[  358.815708][ T5352] kobject: kobject_add_internal failed for hci6:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  358.819672][ T5352] Bluetooth: hci6: failed to register connection device
[  359.621202][T11297] 9pnet: Unknown protocol version 9p20\++}
[  359.824182][T11292] IPv6: NLM_F_CREATE should be specified when creating new route
[  360.456276][ T5352] Bluetooth: hci1: command tx timeout
[  360.639441][   T39] audit: type=1400 audit(1729322258.979:713): avc:  denied  { create } for  pid=11328 comm="syz.2.1487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  360.748303][T11341] FAULT_INJECTION: forcing a failure.
[  360.748303][T11341] name failslab, interval 1, probability 0, space 0, times 0
[  360.751765][T11341] CPU: 3 UID: 0 PID: 11341 Comm: syz.1.1490 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  360.755090][T11341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  360.758644][T11341] Call Trace:
[  360.759758][T11341]  <TASK>
[  360.760751][T11341]  dump_stack_lvl+0x16c/0x1f0
[  360.762332][T11341]  should_fail_ex+0x497/0x5b0
[  360.763924][T11341]  ? fs_reclaim_acquire+0xae/0x150
[  360.765633][T11341]  should_failslab+0xc2/0x120
[  360.767214][T11341]  __kmalloc_cache_noprof+0x6b/0x300
[  360.768978][T11341]  ? register_netdevice+0x504/0x1e90
[  360.770746][T11341]  register_netdevice+0x504/0x1e90
[  360.772440][T11341]  ? netlink_rcv_skb+0x16b/0x440
[  360.774083][T11341]  ? netlink_unicast+0x53c/0x7f0
[  360.775760][T11341]  ? netlink_sendmsg+0x8b8/0xd70
[  360.777446][T11341]  ? ____sys_sendmsg+0xaaf/0xc90
[  360.779123][T11341]  ? __pfx_register_netdevice+0x10/0x10
[  360.780968][T11341]  macsec_newlink+0x4ba/0x1bd0
[  360.782591][T11341]  ? __pfx_macsec_newlink+0x10/0x10
[  360.784324][T11341]  ? read_word_at_a_time+0xe/0x20
[  360.786009][T11341]  ? sized_strscpy+0xae/0x290
[  360.787579][T11341]  ? kasan_save_track+0x14/0x30
[  360.789194][T11341]  ? alloc_netdev_mqs+0xe3e/0x1420
[  360.790897][T11341]  ? validate_linkmsg+0x6d2/0x9a0
[  360.792584][T11341]  ? rtnl_create_link+0xa51/0xfa0
[  360.794268][T11341]  ? __pfx_macsec_newlink+0x10/0x10
[  360.796018][T11341]  __rtnl_newlink+0x1197/0x1920
[  360.797650][T11341]  ? __pfx___rtnl_newlink+0x10/0x10
[  360.799343][T11341]  rtnl_newlink+0x67/0xa0
[  360.800467][T11341]  ? __pfx_rtnl_newlink+0x10/0x10
[  360.801765][T11341]  rtnetlink_rcv_msg+0x3c7/0xea0
[  360.803073][T11341]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  360.804485][T11341]  netlink_rcv_skb+0x16b/0x440
[  360.805724][T11341]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  360.807149][T11341]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  360.808525][T11341]  ? netlink_deliver_tap+0x1ae/0xd90
[  360.810284][T11341]  netlink_unicast+0x53c/0x7f0
[  360.811582][T11341]  ? __pfx_netlink_unicast+0x10/0x10
[  360.813406][T11341]  netlink_sendmsg+0x8b8/0xd70
[  360.814763][T11341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.816083][T11341]  ? __import_iovec+0x1fd/0x6e0
[  360.817344][T11341]  ____sys_sendmsg+0xaaf/0xc90
[  360.818591][T11341]  ? copy_msghdr_from_user+0x10b/0x160
[  360.819983][T11341]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.821348][T11341]  ? __pfx___lock_acquire+0x10/0x10
[  360.822706][T11341]  ___sys_sendmsg+0x135/0x1e0
[  360.823919][T11341]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.825268][T11341]  ? lock_acquire+0x2f/0xb0
[  360.827298][T11341]  ? __fget_files+0x40/0x3f0
[  360.827322][T11341]  ? fdget+0x176/0x210
[  360.827337][T11341]  __sys_sendmsg+0x117/0x1f0
[  360.827348][T11341]  ? __pfx___sys_sendmsg+0x10/0x10
[  360.827357][T11341]  ? __fget_files+0x244/0x3f0
[  360.827379][T11341]  do_syscall_64+0xcd/0x250
[  360.827394][T11341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.827408][T11341] RIP: 0033:0x7fb4d537dff9
[  360.827418][T11341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.827428][T11341] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.827440][T11341] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  360.827446][T11341] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 000000000000000e
[  360.827453][T11341] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  360.827459][T11341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  360.827465][T11341] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  360.827477][T11341]  </TASK>
[  360.881509][ T5352] Bluetooth: hci6: command tx timeout
[  360.948381][   T39] audit: type=1400 audit(1729322259.279:714): avc:  denied  { getopt } for  pid=11350 comm="syz.3.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  361.900017][T11361] netlink: 4072 bytes leftover after parsing attributes in process `syz.3.1495'.
[  361.902602][T11361] openvswitch: netlink: Actions may not be safe on all matching packets
[  362.056208][ T1413] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  362.084664][ T5352] Bluetooth: hci6: unknown advertising packet type: 0x7a
[  362.084683][ T5352] Bluetooth: hci6: Malformed LE Event: 0x02
[  362.206141][ T1413] usb 6-1: Using ep0 maxpacket: 8
[  362.208783][ T1413] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  362.210947][ T1413] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  362.213598][ T1413] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  362.216175][ T1413] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  362.218722][ T1413] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  362.222047][ T1413] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  362.224469][ T1413] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.288348][   T39] audit: type=1400 audit(1729322260.629:715): avc:  denied  { mount } for  pid=11376 comm="syz.3.1500" name="/" dev="autofs" ino=50411 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  362.308626][   T39] audit: type=1400 audit(1729322260.649:716): avc:  denied  { mounton } for  pid=11376 comm="syz.3.1500" path="/47/file1/file0" dev="autofs" ino=48613 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  362.382935][T11373] kvm: emulating exchange as write
[  362.430497][   T39] audit: type=1400 audit(1729322260.769:717): avc:  denied  { module_request } for  pid=11371 comm="syz.2.1499" kmod="net-pf-2-proto-0-type-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  362.440774][ T1413] usb 6-1: GET_CAPABILITIES returned 0
[  362.442243][ T1413] usbtmc 6-1:16.0: can't read capabilities
[  362.536407][ T5352] Bluetooth: hci1: command tx timeout
[  362.540533][   T39] audit: type=1400 audit(1729322260.879:718): avc:  denied  { unmount } for  pid=10666 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  362.648898][   T35] usb 6-1: USB disconnect, device number 33
[  362.810706][   T45] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.884551][   T45] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.907705][ T5348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  362.912230][ T5348] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  362.914758][ T5348] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  362.918894][ T5348] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  362.921127][ T5348] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  362.923731][ T5348] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  362.972429][   T45] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.029027][T11385] chnl_net:caif_netlink_parms(): no params data found
[  363.047392][   T45] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.103392][T11385] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.105336][T11385] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.107501][T11385] bridge_slave_0: entered allmulticast mode
[  363.109540][T11385] bridge_slave_0: entered promiscuous mode
[  363.113823][T11385] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.115714][T11385] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.120312][T11385] bridge_slave_1: entered allmulticast mode
[  363.122421][T11385] bridge_slave_1: entered promiscuous mode
[  363.141909][ T5929] libceph: connect (1)[c::]:6789 error -101
[  363.144154][ T5929] libceph: mon0 (1)[c::]:6789 connect error
[  363.160967][T11385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.170650][T11385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.222708][T11385] team0: Port device team_slave_0 added
[  363.224581][   T45] bridge_slave_1: left allmulticast mode
[  363.226357][   T45] bridge_slave_1: left promiscuous mode
[  363.227943][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.230674][   T45] bridge_slave_0: left allmulticast mode
[  363.232176][   T45] bridge_slave_0: left promiscuous mode
[  363.233687][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.246220][   T39] audit: type=1400 audit(1729322261.579:719): avc:  denied  { connect } for  pid=11400 comm="syz.2.1506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  363.416147][ T9938] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  363.416374][ T5929] libceph: connect (1)[c::]:6789 error -101
[  363.419881][ T5929] libceph: mon0 (1)[c::]:6789 connect error
[  363.541737][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  363.545480][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  363.549345][   T45] bond0 (unregistering): Released all slaves
[  363.555303][T11385] team0: Port device team_slave_1 added
[  363.566112][ T9938] usb 6-1: Using ep0 maxpacket: 8
[  363.569193][ T9938] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  363.571386][ T9938] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  363.574030][ T9938] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  363.576915][ T9938] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  363.579735][ T9938] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  363.583247][ T9938] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  363.585732][ T9938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.606927][T11385] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.609269][T11385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.624266][T11385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.628205][T11385] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.630004][T11385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.636669][T11385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.697935][T11385] hsr_slave_0: entered promiscuous mode
[  363.700568][T11385] hsr_slave_1: entered promiscuous mode
[  363.702978][T11385] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  363.705099][T11385] Cannot create hsr debugfs directory
[  363.795047][ T9938] usb 6-1: GET_CAPABILITIES returned 0
[  363.797389][ T9938] usbtmc 6-1:16.0: can't read capabilities
[  363.845836][   T45] hsr_slave_0: left promiscuous mode
[  363.847727][   T45] hsr_slave_1: left promiscuous mode
[  363.850982][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  363.852941][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  363.855966][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  363.858926][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  363.891051][   T45] veth1_macvtap: left promiscuous mode
[  363.892593][   T45] veth0_macvtap: left promiscuous mode
[  363.894188][   T45] veth1_vlan: left promiscuous mode
[  363.895638][   T45] veth0_vlan: left promiscuous mode
[  363.936331][ T5929] libceph: connect (1)[c::]:6789 error -101
[  363.937974][ T5929] libceph: mon0 (1)[c::]:6789 connect error
[  363.972906][T11394] ceph: No mds server is up or the cluster is laggy
[  364.012602][ T6029] usb 6-1: USB disconnect, device number 34
[  364.177938][T11417] ALSA: seq fatal error: cannot create timer (-22)
[  364.270106][ T5352] Bluetooth: hci2: unknown advertising packet type: 0x7a
[  364.270132][ T5352] Bluetooth: hci2: Malformed LE Event: 0x02
[  364.605958][   T45] team0 (unregistering): Port device team_slave_1 removed
[  364.616165][ T5352] Bluetooth: hci1: command tx timeout
[  364.704033][   T45] team0 (unregistering): Port device team_slave_0 removed
[  364.938715][ T5352] Bluetooth: hci3: command tx timeout
[  365.365348][T11417] netlink: 'syz.2.1508': attribute type 16 has an invalid length.
[  365.368047][T11417] netlink: 'syz.2.1508': attribute type 17 has an invalid length.
[  365.398870][T11435] FAULT_INJECTION: forcing a failure.
[  365.398870][T11435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.402335][T11435] CPU: 1 UID: 0 PID: 11435 Comm: syz.0.1512 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  365.405071][T11435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  365.407838][T11435] Call Trace:
[  365.408715][T11435]  <TASK>
[  365.409493][T11435]  dump_stack_lvl+0x16c/0x1f0
[  365.410749][T11435]  should_fail_ex+0x497/0x5b0
[  365.411974][T11435]  _copy_from_user+0x30/0xf0
[  365.413180][T11435]  video_usercopy+0xed4/0x1600
[  365.414459][T11435]  ? __pfx___video_do_ioctl+0x10/0x10
[  365.415896][T11435]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  365.417800][T11435]  ? __pfx_video_usercopy+0x10/0x10
[  365.419174][T11435]  v4l2_ioctl+0x1ba/0x250
[  365.420296][T11435]  ? __pfx_v4l2_ioctl+0x10/0x10
[  365.421560][T11435]  __x64_sys_ioctl+0x18f/0x220
[  365.422799][T11435]  do_syscall_64+0xcd/0x250
[  365.423981][T11435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.425508][T11435] RIP: 0033:0x7faf8af7dff9
[  365.426677][T11435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.431580][T11435] RSP: 002b:00007faf8bdec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.433721][T11435] RAX: ffffffffffffffda RBX: 00007faf8b135f80 RCX: 00007faf8af7dff9
[  365.435777][T11435] RDX: 0000000020000000 RSI: 00000000c040565f RDI: 0000000000000003
[  365.437808][T11435] RBP: 00007faf8bdec090 R08: 0000000000000000 R09: 0000000000000000
[  365.439750][T11435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.441710][T11435] R13: 0000000000000000 R14: 00007faf8b135f80 R15: 00007ffc00f12aa8
[  365.443687][T11435]  </TASK>
[  365.450436][T11417] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.452330][T11417] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.508238][T11417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  365.514249][T11417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  365.547835][T11417] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  365.550150][T11417] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  365.552400][T11417] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  365.554656][T11417] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  365.588446][T11417] bond1: left allmulticast mode
[  365.590514][T11417] bond2: left allmulticast mode
[  365.592444][T11417] bond3: left allmulticast mode
[  365.594521][T11417] team0: left allmulticast mode
[  365.595857][T11417] team_slave_0: left allmulticast mode
[  365.598594][T11417] team_slave_1: left allmulticast mode
[  365.600003][T11417] veth1_to_team: left allmulticast mode
[  365.601428][T11417] team0: left promiscuous mode
[  365.602668][T11417] team_slave_0: left promiscuous mode
[  365.604101][T11417] team_slave_1: left promiscuous mode
[  365.605524][T11417] veth1_to_team: left promiscuous mode
[  365.607150][T11417] macsec1: left promiscuous mode
[  365.608441][T11417] macsec1: left allmulticast mode
[  365.610791][T11417] bond4: left allmulticast mode
[  365.612970][T11417] bond5: left allmulticast mode
[  365.614995][T11417] bond6: left allmulticast mode
[  365.617349][T11417] bond7: left allmulticast mode
[  365.619288][T11417] bond8: left allmulticast mode
[  365.621315][T11417] bond9: left allmulticast mode
[  365.623277][T11417] bond10: left allmulticast mode
[  365.625245][T11417] bond11: left allmulticast mode
[  365.627348][T11417] bond12: left allmulticast mode
[  365.629315][T11417] bond13: left allmulticast mode
[  365.631291][T11417] bond14: left allmulticast mode
[  365.633269][T11417] bond15: left allmulticast mode
[  365.635290][T11417] bond16: left allmulticast mode
[  365.637926][T11417] bond17: left allmulticast mode
[  365.639996][T11417] bond18: left allmulticast mode
[  365.914487][T11466] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11466 comm=syz.2.1518
[  365.986171][ T5929] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  366.067915][T11385] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  366.074450][T11385] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  366.081366][T11385] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  366.087909][T11385] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  366.136224][ T5929] usb 5-1: Using ep0 maxpacket: 8
[  366.138784][ T5929] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  366.140782][ T5929] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  366.143111][ T5929] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  366.145446][ T5929] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  366.152663][ T5929] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  366.156016][ T5929] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  366.156137][ T5379] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  366.176534][ T5929] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.190017][T11385] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.200614][T11385] 8021q: adding VLAN 0 to HW filter on device team0
[  366.207047][ T1109] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.208884][ T1109] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.217689][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.219580][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.255775][T11385] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  366.316208][ T5379] usb 7-1: Using ep0 maxpacket: 8
[  366.318801][ T5379] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  366.321328][ T5379] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  366.323850][ T5379] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  366.326565][ T5379] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  366.330033][ T5379] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  366.332340][ T5379] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.333700][T11385] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.360687][T11385] veth0_vlan: entered promiscuous mode
[  366.372015][T11385] veth1_vlan: entered promiscuous mode
[  366.386973][ T5929] usb 5-1: GET_CAPABILITIES returned 0
[  366.388487][ T5929] usbtmc 5-1:16.0: can't read capabilities
[  366.403197][T11385] veth0_macvtap: entered promiscuous mode
[  366.406870][T11385] veth1_macvtap: entered promiscuous mode
[  366.414035][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.416978][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.419676][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.422465][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.425016][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.428504][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.432207][T11385] batman_adv: batadv0: Interface activated: batadv_slave_0
[  366.438073][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.440901][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.443668][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.447098][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.449616][T11385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.452288][T11385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.455521][T11385] batman_adv: batadv0: Interface activated: batadv_slave_1
[  366.461983][T11385] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.464291][T11385] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.466846][T11385] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.469172][T11385] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.510470][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  366.512681][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  366.526748][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  366.528823][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  366.543506][ T5379] usb 7-1: GET_CAPABILITIES returned 0
[  366.545112][ T5379] usbtmc 7-1:16.0: can't read capabilities
[  366.599348][ T5379] usb 5-1: USB disconnect, device number 23
[  366.699820][T11045] platform vkms: [drm] *ERROR* flip_done timed out
[  366.701548][T11045] platform vkms: [drm] *ERROR* [CONNECTOR:39:Virtual-1] commit wait timed out
[  366.758510][ T5403] usb 7-1: USB disconnect, device number 29
[  367.016238][ T5352] Bluetooth: hci3: command tx timeout
[  367.386216][ T5383] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  367.536777][T11507] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1521'.
[  367.543810][   T39] audit: type=1400 audit(1729322265.879:720): avc:  denied  { setopt } for  pid=11497 comm="syz.2.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  367.559444][ T5383] usb 5-1: Using ep0 maxpacket: 8
[  367.582786][ T5383] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  367.585933][ T5383] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  367.590675][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  367.594520][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  367.602492][ T5383] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  367.610912][ T5383] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  367.616501][ T5383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.837342][ T5383] usb 5-1: GET_CAPABILITIES returned 0
[  367.839130][ T5383] usbtmc 5-1:16.0: can't read capabilities
[  368.044300][ T5383] usb 5-1: USB disconnect, device number 24
[  368.600794][   T39] audit: type=1326 audit(1729322266.939:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.607300][   T39] audit: type=1326 audit(1729322266.949:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.614110][   T39] audit: type=1326 audit(1729322266.949:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.621067][   T39] audit: type=1326 audit(1729322266.949:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.627749][   T39] audit: type=1326 audit(1729322266.949:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.633713][   T39] audit: type=1326 audit(1729322266.959:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.646160][   T39] audit: type=1326 audit(1729322266.959:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.653078][   T39] audit: type=1326 audit(1729322266.959:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  368.660565][   T39] audit: type=1326 audit(1729322266.959:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1530" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f094377dff9 code=0x7ffc0000
[  369.096321][ T5352] Bluetooth: hci3: command tx timeout
[  369.149219][T11531] FAULT_INJECTION: forcing a failure.
[  369.149219][T11531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.154840][T11531] CPU: 2 UID: 0 PID: 11531 Comm: syz.1.1531 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  369.157610][T11531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  369.160323][T11531] Call Trace:
[  369.161185][T11531]  <TASK>
[  369.161954][T11531]  dump_stack_lvl+0x16c/0x1f0
[  369.163139][T11531]  should_fail_ex+0x497/0x5b0
[  369.164539][T11531]  _copy_from_user+0x30/0xf0
[  369.165959][T11531]  vcs_write+0x2f2/0xdb0
[  369.167108][T11531]  ? inode_security+0x101/0x130
[  369.168388][T11531]  ? __pfx_vcs_write+0x10/0x10
[  369.169650][T11531]  ? bpf_lsm_file_permission+0x9/0x10
[  369.171056][T11531]  ? security_file_permission+0x71/0x210
[  369.172509][T11531]  ? __pfx_vcs_write+0x10/0x10
[  369.173760][T11531]  vfs_writev+0x6da/0xdd0
[  369.174925][T11531]  ? find_held_lock+0x2d/0x110
[  369.176195][T11531]  ? __pfx_vfs_writev+0x10/0x10
[  369.177478][T11531]  ? find_held_lock+0x2d/0x110
[  369.178770][T11531]  ? __pfx_lock_release+0x10/0x10
[  369.180098][T11531]  ? trace_lock_acquire+0x14a/0x1d0
[  369.181464][T11531]  ? __fget_files+0x244/0x3f0
[  369.182711][T11531]  ? do_writev+0x137/0x370
[  369.183884][T11531]  do_writev+0x137/0x370
[  369.185007][T11531]  ? __pfx_do_writev+0x10/0x10
[  369.186286][T11531]  do_syscall_64+0xcd/0x250
[  369.187486][T11531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.189008][T11531] RIP: 0033:0x7fb4d537dff9
[  369.190509][T11531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.195438][T11531] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  369.197634][T11531] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  369.199678][T11531] RDX: 0000000000000004 RSI: 0000000020000a40 RDI: 0000000000000003
[  369.201714][T11531] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  369.203834][T11531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.206435][T11531] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  369.209046][T11531]  </TASK>
[  369.294459][T11538] hub 9-0:1.0: USB hub found
[  369.296951][T11538] hub 9-0:1.0: 1 port detected
[  369.326358][T11540] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1534'.
[  369.328781][T11540] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1534'.
[  369.341498][T11540] bond1: entered allmulticast mode
[  369.343120][T11540] 8021q: adding VLAN 0 to HW filter on device bond1
[  369.525768][T11544] FAULT_INJECTION: forcing a failure.
[  369.525768][T11544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.529657][T11544] CPU: 1 UID: 0 PID: 11544 Comm: syz.0.1535 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  369.532398][T11544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  369.535169][T11544] Call Trace:
[  369.536040][T11544]  <TASK>
[  369.536813][T11544]  dump_stack_lvl+0x16c/0x1f0
[  369.538045][T11544]  should_fail_ex+0x497/0x5b0
[  369.539278][T11544]  _copy_from_user+0x30/0xf0
[  369.540488][T11544]  wext_handle_ioctl+0xc5/0x2c0
[  369.541755][T11544]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  369.543171][T11544]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  369.544841][T11544]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  369.546579][T11544]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  369.548360][T11544]  sock_ioctl+0x3a6/0x6c0
[  369.549512][T11544]  ? __pfx_sock_ioctl+0x10/0x10
[  369.550802][T11544]  ? selinux_file_ioctl+0x180/0x270
[  369.552160][T11544]  ? selinux_file_ioctl+0xb4/0x270
[  369.553506][T11544]  ? __pfx_sock_ioctl+0x10/0x10
[  369.554796][T11544]  __x64_sys_ioctl+0x18f/0x220
[  369.556062][T11544]  do_syscall_64+0xcd/0x250
[  369.557265][T11544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.558812][T11544] RIP: 0033:0x7faf8af7dff9
[  369.559982][T11544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.564945][T11544] RSP: 002b:00007faf8bdec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.567114][T11544] RAX: ffffffffffffffda RBX: 00007faf8b135f80 RCX: 00007faf8af7dff9
[  369.569159][T11544] RDX: 0000000020000000 RSI: 0000000000008b18 RDI: 0000000000000006
[  369.571206][T11544] RBP: 00007faf8bdec090 R08: 0000000000000000 R09: 0000000000000000
[  369.573250][T11544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.575316][T11544] R13: 0000000000000000 R14: 00007faf8b135f80 R15: 00007ffc00f12aa8
[  369.577393][T11544]  </TASK>
[  371.186765][ T5352] Bluetooth: hci3: command tx timeout
[  371.757509][T11602] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1548'.
[  371.760034][T11602] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1548'.
[  371.783472][T11602] bond19: entered allmulticast mode
[  371.785196][T11602] 8021q: adding VLAN 0 to HW filter on device bond19
[  372.614580][T11618] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.619442][T11618] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.665919][T11618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1553'.
[  372.974355][   T39] kauditd_printk_skb: 13 callbacks suppressed
[  372.974366][   T39] audit: type=1400 audit(1729322271.309:743): avc:  denied  { mount } for  pid=11638 comm="syz.0.1558" name="/" dev="ramfs" ino=48972 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  372.983888][   T39] audit: type=1400 audit(1729322271.309:744): avc:  denied  { execute } for  pid=11638 comm="syz.0.1558" name="file0" dev="ramfs" ino=48973 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  372.990426][   T39] audit: type=1400 audit(1729322271.309:745): avc:  denied  { execute_no_trans } for  pid=11638 comm="syz.0.1558" path="/file0" dev="ramfs" ino=48973 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  373.003177][T11635] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1557'.
[  373.019397][T11635] vivid-002: disconnect
[  373.022982][   T39] audit: type=1400 audit(1729322271.359:746): avc:  denied  { map } for  pid=11634 comm="syz.1.1557" path="socket:[51216]" dev="sockfs" ino=51216 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  373.029672][T11634] vivid-002: reconnect
[  373.688262][T11658] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1561'.
[  373.690654][T11658] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1561'.
[  373.702727][T11658] bond1: entered allmulticast mode
[  373.704879][T11658] 8021q: adding VLAN 0 to HW filter on device bond1
[  373.980628][   T39] audit: type=1400 audit(1729322272.319:747): avc:  denied  { bind } for  pid=11664 comm="syz.0.1563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  374.459074][T11669] xt_hashlimit: size too large, truncated to 1048576
[  376.410037][T11703] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1574'.
[  376.412521][T11703] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1574'.
[  376.419834][T11703] bond2: entered allmulticast mode
[  376.421347][T11703] 8021q: adding VLAN 0 to HW filter on device bond2
[  376.936464][T11045] platform vkms: [drm] *ERROR* flip_done timed out
[  376.938260][T11045] platform vkms: [drm] *ERROR* [PLANE:32:plane-0] commit wait timed out
[  377.146910][   T11] bridge_slave_1: left allmulticast mode
[  377.148503][   T11] bridge_slave_1: left promiscuous mode
[  377.150060][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.153943][   T11] bridge_slave_0: left allmulticast mode
[  377.155480][   T11] bridge_slave_0: left promiscuous mode
[  377.157381][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.528097][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.533767][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.538031][   T11] bond0 (unregistering): Released all slaves
[  377.567313][   T39] audit: type=1326 audit(1729322275.899:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.1.1579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d537dff9 code=0x7ffc0000
[  377.583925][   T39] audit: type=1326 audit(1729322275.899:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.1.1579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d537dff9 code=0x7ffc0000
[  377.591233][   T39] audit: type=1326 audit(1729322275.919:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.1.1579" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb4d537dff9 code=0x7ffc0000
[  377.598069][   T39] audit: type=1326 audit(1729322275.919:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.1.1579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d537dff9 code=0x7ffc0000
[  377.604956][   T39] audit: type=1326 audit(1729322275.919:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.1.1579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d537dff9 code=0x7ffc0000
[  377.660217][   T11] bond1 (unregistering): Released all slaves
[  377.692706][T11731] netlink: 'syz.1.1579': attribute type 21 has an invalid length.
[  377.694846][T11731] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1579'.
[  377.697902][T11731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1579'.
[  378.030095][   T11] hsr_slave_0: left promiscuous mode
[  378.032101][   T11] hsr_slave_1: left promiscuous mode
[  378.034420][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  378.038229][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.040682][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.042759][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.079826][   T11] veth1_macvtap: left promiscuous mode
[  378.081349][   T11] veth0_macvtap: left promiscuous mode
[  378.082963][   T11] veth1_vlan: left promiscuous mode
[  378.084476][   T11] veth0_vlan: left promiscuous mode
[  378.227421][ T1378] ieee802154 phy0 wpan0: encryption failed: -22
[  378.229263][ T1378] ieee802154 phy1 wpan1: encryption failed: -22
[  379.252325][   T11] team0 (unregistering): Port device team_slave_1 removed
[  379.331405][   T11] team0 (unregistering): Port device team_slave_0 removed
[  379.536259][ T6030] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  379.699741][ T6030] usb 6-1: Using ep0 maxpacket: 8
[  379.703125][ T6030] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  379.706145][ T6030] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  379.709451][ T6030] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  379.712884][ T6030] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  379.716307][ T6030] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  379.719911][ T6030] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  379.722476][ T6030] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.931246][ T6030] usb 6-1: GET_CAPABILITIES returned 0
[  379.932720][ T6030] usbtmc 6-1:16.0: can't read capabilities
[  379.943789][T11770] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1589'.
[  379.962690][T11775] FAULT_INJECTION: forcing a failure.
[  379.962690][T11775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.966350][T11775] CPU: 3 UID: 0 PID: 11775 Comm: syz.0.1591 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  379.969105][T11775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.972011][T11775] Call Trace:
[  379.972905][T11775]  <TASK>
[  379.973691][T11775]  dump_stack_lvl+0x16c/0x1f0
[  379.974957][T11775]  should_fail_ex+0x497/0x5b0
[  379.976195][T11775]  _copy_from_user+0x30/0xf0
[  379.977414][T11775]  vt_ioctl+0x450/0x2f80
[  379.978533][T11775]  ? __pfx_vt_ioctl+0x10/0x10
[  379.979767][T11775]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.981313][T11775]  ? do_vfs_ioctl+0x513/0x1990
[  379.982577][T11775]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.984108][T11775]  ? tty_jobctrl_ioctl+0x152/0xe00
[  379.985433][T11775]  ? __pfx_vt_ioctl+0x10/0x10
[  379.986664][T11775]  tty_ioctl+0x651/0x15d0
[  379.987795][T11775]  ? __pfx_tty_ioctl+0x10/0x10
[  379.989046][T11775]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  379.990801][T11775]  ? trace_lock_acquire+0x14a/0x1d0
[  379.992161][T11775]  ? selinux_file_ioctl+0x180/0x270
[  379.993509][T11775]  ? selinux_file_ioctl+0xb4/0x270
[  379.994944][T11775]  ? __pfx_tty_ioctl+0x10/0x10
[  379.996206][T11775]  __x64_sys_ioctl+0x18f/0x220
[  379.997448][T11775]  do_syscall_64+0xcd/0x250
[  379.998674][T11775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.000191][T11775] RIP: 0033:0x7faf8af7dff9
[  380.001351][T11775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.006244][T11775] RSP: 002b:00007faf8bdec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.008357][T11775] RAX: ffffffffffffffda RBX: 00007faf8b135f80 RCX: 00007faf8af7dff9
[  380.010392][T11775] RDX: 0000000000000000 RSI: 0000000000004b72 RDI: 0000000000000003
[  380.012419][T11775] RBP: 00007faf8bdec090 R08: 0000000000000000 R09: 0000000000000000
[  380.014448][T11775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.016499][T11775] R13: 0000000000000000 R14: 00007faf8b135f80 R15: 00007ffc00f12aa8
[  380.018520][T11775]  </TASK>
[  380.135358][ T5379] usb 6-1: USB disconnect, device number 35
[  380.484868][T11793] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1596'.
[  380.490090][T11793] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1596'.
[  380.636169][   T39] kauditd_printk_skb: 43 callbacks suppressed
[  380.636187][   T39] audit: type=1326 audit(1729322278.959:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz.0.1597" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faf8af7dff9 code=0x0
[  380.678690][T11797] fuse: Bad value for 'rootmode'
[  380.945291][   T39] audit: type=1400 audit(1729322279.279:797): avc:  denied  { read } for  pid=11807 comm="syz.3.1601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  381.476350][   T39] audit: type=1400 audit(1729322279.819:798): avc:  denied  { accept } for  pid=11822 comm="syz.0.1604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  381.667967][ T5352] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  381.670394][ T5352] Bluetooth: hci1: Injecting HCI hardware error event
[  381.673375][ T5348] Bluetooth: hci1: hardware error 0x00
[  381.826818][T11827] netlink: 'syz.2.1605': attribute type 1 has an invalid length.
[  381.829416][T11827] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1605'.
[  382.096107][ T6029] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  382.246184][ T6029] usb 8-1: Using ep0 maxpacket: 8
[  382.250422][ T6029] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  382.252683][ T6029] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  382.255458][ T6029] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  382.258355][ T6029] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  382.261512][ T6029] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  382.266364][ T6029] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  382.269638][ T6029] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.490735][ T6029] usb 8-1: GET_CAPABILITIES returned 0
[  382.514119][ T6029] usbtmc 8-1:16.0: can't read capabilities
[  382.699059][ T5379] usb 8-1: USB disconnect, device number 27
[  382.817779][T11847] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11847 comm=syz.2.1612
[  383.056111][   T35] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  383.206119][   T35] usb 7-1: Using ep0 maxpacket: 8
[  383.209171][   T35] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  383.211981][   T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  383.214717][   T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  383.218187][   T35] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  383.222002][   T35] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  383.224925][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.432795][   T35] usb 7-1: GET_CAPABILITIES returned 0
[  383.441410][   T35] usbtmc 7-1:16.0: can't read capabilities
[  383.519905][T11865] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1615'.
[  383.522335][T11865] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1615'.
[  383.532114][T11865] bond2: entered allmulticast mode
[  383.533688][T11865] 8021q: adding VLAN 0 to HW filter on device bond2
[  383.635710][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.639628][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.641958][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.644372][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.646684][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.648975][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.651278][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.654068][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.656403][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.658702][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.660915][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.663197][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.665848][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.668188][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.670486][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.672772][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  383.678224][   T73] usb 7-1: USB disconnect, device number 30
[  383.736192][ T5348] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  384.430375][T11886] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1623'.
[  384.586233][ T9938] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  384.856114][ T9938] usb 8-1: Using ep0 maxpacket: 8
[  384.859170][ T9938] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  384.861317][ T9938] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  384.864005][ T9938] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  384.866616][ T9938] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  384.869128][ T9938] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  384.872650][ T9938] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  384.875277][ T9938] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.086686][ T9938] usb 8-1: GET_CAPABILITIES returned 0
[  385.088179][ T9938] usbtmc 8-1:16.0: can't read capabilities
[  385.209767][   T39] audit: type=1400 audit(1729322283.549:799): avc:  denied  { write } for  pid=11911 comm="syz.2.1629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  385.308999][ T6029] usb 8-1: USB disconnect, device number 28
[  385.335067][T11920] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1630'.
[  385.336319][   T39] audit: type=1400 audit(1729322283.679:800): avc:  denied  { getopt } for  pid=11919 comm="syz.0.1631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  385.338061][T11920] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1630'.
[  385.368617][T11920] bond20: entered allmulticast mode
[  385.370290][T11920] 8021q: adding VLAN 0 to HW filter on device bond20
[  385.448362][T11926] FAULT_INJECTION: forcing a failure.
[  385.448362][T11926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  385.451803][T11926] CPU: 2 UID: 0 PID: 11926 Comm: syz.0.1633 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  385.454580][T11926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  385.457465][T11926] Call Trace:
[  385.458437][T11926]  <TASK>
[  385.459223][T11926]  dump_stack_lvl+0x16c/0x1f0
[  385.460460][T11926]  should_fail_ex+0x497/0x5b0
[  385.461696][T11926]  _copy_from_user+0x30/0xf0
[  385.462926][T11926]  do_sock_getsockopt+0x5f6/0x800
[  385.464244][T11926]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  385.465684][T11926]  ? __fget_files+0x244/0x3f0
[  385.466923][T11926]  __sys_getsockopt+0x1a1/0x270
[  385.468205][T11926]  ? __pfx___sys_getsockopt+0x10/0x10
[  385.469606][T11926]  ? fput+0x30/0x390
[  385.470648][T11926]  ? ksys_write+0x1ad/0x260
[  385.471843][T11926]  ? __pfx_ksys_write+0x10/0x10
[  385.473105][T11926]  __x64_sys_getsockopt+0xbd/0x160
[  385.474410][T11926]  ? do_syscall_64+0x91/0x250
[  385.475619][T11926]  ? lockdep_hardirqs_on+0x7c/0x110
[  385.476981][T11926]  do_syscall_64+0xcd/0x250
[  385.478192][T11926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.479745][T11926] RIP: 0033:0x7faf8af7dff9
[  385.480925][T11926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.485906][T11926] RSP: 002b:00007faf8bdec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  385.488036][T11926] RAX: ffffffffffffffda RBX: 00007faf8b135f80 RCX: 00007faf8af7dff9
[  385.490091][T11926] RDX: 0000000000002721 RSI: 0000200000000114 RDI: 0000000000000003
[  385.492149][T11926] RBP: 00007faf8bdec090 R08: 0000000020000040 R09: 0000000000000000
[  385.494164][T11926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.496125][T11926] R13: 0000000000000000 R14: 00007faf8b135f80 R15: 00007ffc00f12aa8
[  385.498173][T11926]  </TASK>
[  385.747132][   T39] audit: type=1400 audit(1729322284.089:801): avc:  denied  { watch watch_reads } for  pid=11929 comm="syz.0.1635" path="/106" dev="tmpfs" ino=567 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  385.748576][T11930] xt_hashlimit: size too large, truncated to 1048576
[  386.110619][   T39] audit: type=1400 audit(1729322284.449:802): avc:  denied  { getattr } for  pid=11947 comm="syz.1.1640" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=52733 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  386.132131][T11952] FAULT_INJECTION: forcing a failure.
[  386.132131][T11952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.135745][T11952] CPU: 0 UID: 0 PID: 11952 Comm: syz.1.1642 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  386.138480][T11952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  386.141219][T11952] Call Trace:
[  386.142095][T11952]  <TASK>
[  386.142884][T11952]  dump_stack_lvl+0x16c/0x1f0
[  386.144126][T11952]  should_fail_ex+0x497/0x5b0
[  386.145360][T11952]  _copy_from_user+0x30/0xf0
[  386.146576][T11952]  input_event_from_user+0x134/0x3b0
[  386.147939][T11952]  ? __pfx_input_event_from_user+0x10/0x10
[  386.149434][T11952]  ? __pfx___might_resched+0x10/0x10
[  386.150814][T11952]  ? input_inject_event+0x193/0x370
[  386.152164][T11952]  evdev_write+0x377/0x750
[  386.153331][T11952]  ? __pfx_evdev_write+0x10/0x10
[  386.154639][T11952]  ? bpf_lsm_file_permission+0x9/0x10
[  386.156029][T11952]  ? security_file_permission+0x71/0x210
[  386.157496][T11952]  ? __pfx_evdev_write+0x10/0x10
[  386.158785][T11952]  vfs_write+0x28e/0x1140
[  386.159920][T11952]  ? __fget_files+0x23a/0x3f0
[  386.161147][T11952]  ? __pfx_lock_release+0x10/0x10
[  386.162463][T11952]  ? trace_lock_acquire+0x14a/0x1d0
[  386.163812][T11952]  ? __pfx_vfs_write+0x10/0x10
[  386.165058][T11952]  ? lock_acquire+0x2f/0xb0
[  386.166252][T11952]  ? __fget_files+0x40/0x3f0
[  386.167487][T11952]  ? __fget_files+0x244/0x3f0
[  386.168703][T11952]  ksys_write+0x1fa/0x260
[  386.169816][T11952]  ? __pfx_ksys_write+0x10/0x10
[  386.171084][T11952]  do_syscall_64+0xcd/0x250
[  386.172262][T11952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.173775][T11952] RIP: 0033:0x7fb4d537dff9
[  386.174946][T11952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.179789][T11952] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  386.181910][T11952] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  386.183935][T11952] RDX: 0000000000000078 RSI: 0000000020000000 RDI: 0000000000000004
[  386.185953][T11952] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  386.187966][T11952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.189971][T11952] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  386.191999][T11952]  </TASK>
[  386.297104][T11959] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1643'.
[  386.300133][T11959] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1643'.
[  386.311049][T11959] bond3: entered allmulticast mode
[  386.312930][T11959] 8021q: adding VLAN 0 to HW filter on device bond3
[  386.856229][ T5383] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  387.007797][ T5383] usb 5-1: Using ep0 maxpacket: 8
[  387.010311][ T5383] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  387.012479][ T5383] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  387.015120][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  387.017950][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  387.020546][ T5383] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  387.023859][ T5383] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  387.026277][ T5383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.169854][   T39] audit: type=1400 audit(1729322285.509:803): avc:  denied  { write } for  pid=11977 comm="syz.1.1648" name="uhid" dev="devtmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  387.215249][   T73] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  387.221917][   T73] hid-generic 0000:0000:0000.0015: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  387.231667][ T5383] usb 5-1: GET_CAPABILITIES returned 0
[  387.233121][ T5383] usbtmc 5-1:16.0: can't read capabilities
[  387.348168][   T39] audit: type=1400 audit(1729322285.689:804): avc:  denied  { map } for  pid=11985 comm="syz.3.1650" path="socket:[52200]" dev="sockfs" ino=52200 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  387.480347][ T5379] usb 5-1: USB disconnect, device number 25
[  387.506349][   T73] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  387.656129][   T73] usb 6-1: Using ep0 maxpacket: 8
[  387.659067][   T73] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  387.661807][   T73] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  387.665013][   T73] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  387.667590][   T73] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  387.670027][   T73] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  387.673096][   T73] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  387.675328][   T73] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.880692][   T73] usb 6-1: usb_control_msg returned -32
[  387.883703][   T73] usbtmc 6-1:16.0: can't read capabilities
[  388.039068][T11999] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11999 comm=syz.0.1654
[  388.466138][ T5383] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  388.616289][ T5383] usb 5-1: Using ep0 maxpacket: 8
[  388.621581][ T5383] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.624933][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  388.628324][ T5383] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  388.631758][ T5383] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.636217][ T5383] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  388.639360][ T5383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.673481][   T73] usb 6-1: USB disconnect, device number 36
[  388.849879][ T5383] usb 5-1: GET_CAPABILITIES returned 0
[  388.851457][ T5383] usbtmc 5-1:16.0: can't read capabilities
[  389.051328][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.053771][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.056119][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.058455][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.060774][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.063120][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.065431][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.067764][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.070069][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.072385][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.076649][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.078999][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.081543][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.083870][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.086772][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.089093][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  389.100156][    T9] usb 5-1: USB disconnect, device number 26
[  389.185635][   T39] audit: type=1400 audit(1729322287.519:805): avc:  denied  { mount } for  pid=12014 comm="syz.2.1658" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  389.289294][   T39] audit: type=1400 audit(1729322287.629:806): avc:  denied  { mount } for  pid=12014 comm="syz.2.1658" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  389.675106][T12039] sch_tbf: peakrate 1023 is lower than or equals to rate 52123 !
[  389.781521][   T39] audit: type=1400 audit(1729322288.119:807): avc:  denied  { unmount } for  pid=5341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  389.852860][T12044] FAULT_INJECTION: forcing a failure.
[  389.852860][T12044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.856225][T12044] CPU: 2 UID: 0 PID: 12044 Comm: syz.1.1665 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  389.858923][T12044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.861664][T12044] Call Trace:
[  389.862556][T12044]  <TASK>
[  389.863335][T12044]  dump_stack_lvl+0x16c/0x1f0
[  389.864572][T12044]  should_fail_ex+0x497/0x5b0
[  389.865785][T12044]  strncpy_from_user+0x3b/0x2a0
[  389.867090][T12044]  getname_flags.part.0+0x8f/0x550
[  389.868440][T12044]  getname+0x8d/0xe0
[  389.869522][T12044]  do_sys_openat2+0x104/0x1e0
[  389.870760][T12044]  ? __pfx_do_sys_openat2+0x10/0x10
[  389.872133][T12044]  ? __fget_files+0x244/0x3f0
[  389.873430][T12044]  __x64_sys_open+0x154/0x1e0
[  389.874893][T12044]  ? __pfx___x64_sys_open+0x10/0x10
[  389.876254][T12044]  do_syscall_64+0xcd/0x250
[  389.877441][T12044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.878995][T12044] RIP: 0033:0x7fb4d537dff9
[  389.880160][T12044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.885627][T12044] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  389.887817][T12044] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  389.889842][T12044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001640
[  389.891965][T12044] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  389.894025][T12044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.896132][T12044] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  389.898294][T12044]  </TASK>
[  390.426351][   T39] audit: type=1400 audit(1729322288.759:808): avc:  denied  { append } for  pid=12054 comm="syz.2.1668" name="rtc0" dev="devtmpfs" ino=865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  390.571616][T12055] input: syz1 as /devices/virtual/input/input23
[  390.629666][T12061] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12061 comm=syz.0.1670
[  390.648855][T12063] warning: `syz.2.1671' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  390.657777][T12063] ALSA: mixer_oss: invalid OSS volume 'DIGIT'
[  390.683488][T12065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12065 comm=syz.3.1672
[  390.705083][   T39] audit: type=1400 audit(1729322289.039:809): avc:  denied  { mounton } for  pid=12066 comm="syz.2.1673" path="/syzcgroup/cpu/syz2/syz0/file0" dev="cgroup" ino=467 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  390.722257][T12067] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  390.749393][T12069] xt_hashlimit: size too large, truncated to 1048576
[  390.866153][   T73] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  390.926125][ T6029] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  391.018845][   T73] usb 5-1: Using ep0 maxpacket: 8
[  391.022199][   T73] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  391.025586][   T73] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  391.029475][   T73] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  391.033062][   T73] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  391.038125][   T73] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  391.041345][   T73] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.076353][ T6029] usb 8-1: Using ep0 maxpacket: 8
[  391.159750][ T6029] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  391.162349][ T6029] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  391.164900][ T6029] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  391.167594][ T6029] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  391.171863][ T6029] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  391.174276][ T6029] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.249307][   T73] usb 5-1: GET_CAPABILITIES returned 0
[  391.250778][   T73] usbtmc 5-1:16.0: can't read capabilities
[  391.381590][T12078] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  391.381590][T12078] The task syz.2.1676 (12078) triggered the difference, watch for misbehavior.
[  391.451232][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.453613][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.456006][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.458357][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.460682][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.463032][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.465364][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.467710][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.470037][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.472392][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.474760][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.477312][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.479886][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.482241][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.484553][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.486974][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.491583][    T9] usb 5-1: USB disconnect, device number 27
[  391.520850][ T6029] usb 8-1: GET_CAPABILITIES returned 0
[  391.522390][ T6029] usbtmc 8-1:16.0: can't read capabilities
[  391.722872][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.725283][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.727640][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.730108][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.732435][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.734744][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.737198][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.739651][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.741984][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.744318][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.746646][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.748964][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.751283][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.754307][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.756659][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.758978][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  391.762484][ T5379] usb 8-1: USB disconnect, device number 29
[  391.775310][   T39] audit: type=1400 audit(1729322290.109:810): avc:  denied  { listen } for  pid=12086 comm="syz.1.1678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  392.164595][   T39] audit: type=1400 audit(1729322290.499:811): avc:  denied  { write } for  pid=12099 comm="syz.2.1681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  393.179446][   T39] audit: type=1400 audit(1729322291.519:812): avc:  denied  { shutdown } for  pid=12112 comm="syz.3.1687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  393.500421][T12120] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12120 comm=syz.1.1688
[  393.746161][    T9] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  393.896170][    T9] usb 6-1: Using ep0 maxpacket: 8
[  393.899939][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  393.902909][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  393.905641][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  393.908371][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  393.911739][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  393.914074][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.134956][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  394.136142][   T39] audit: type=1804 audit(1729322292.469:813): pid=12131 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.1691" name="/newroot/35/bus/bus" dev="overlay" ino=206 res=1 errno=0
[  394.142902][    T9] usbtmc 6-1:16.0: can't read capabilities
[  394.151283][T12128] FAULT_INJECTION: forcing a failure.
[  394.151283][T12128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.154894][T12128] CPU: 1 UID: 0 PID: 12128 Comm: syz.2.1690 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  394.157809][T12128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.160712][T12128] Call Trace:
[  394.161654][T12128]  <TASK>
[  394.162527][T12128]  dump_stack_lvl+0x16c/0x1f0
[  394.163843][T12128]  should_fail_ex+0x497/0x5b0
[  394.165135][T12128]  _copy_to_user+0x30/0xc0
[  394.166350][T12128]  simple_read_from_buffer+0xd0/0x160
[  394.167766][T12128]  proc_fail_nth_read+0x198/0x270
[  394.169139][T12128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  394.170669][T12128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  394.172170][T12128]  vfs_read+0x1ce/0xbd0
[  394.173320][T12128]  ? __fget_files+0x23a/0x3f0
[  394.174658][T12128]  ? fdget_pos+0x24c/0x360
[  394.175919][T12128]  ? __pfx_lock_release+0x10/0x10
[  394.177283][T12128]  ? trace_lock_acquire+0x14a/0x1d0
[  394.178770][T12128]  ? __pfx_vfs_read+0x10/0x10
[  394.180080][T12128]  ? __pfx___mutex_lock+0x10/0x10
[  394.181466][T12128]  ? __fget_files+0x244/0x3f0
[  394.182745][T12128]  ksys_read+0x12f/0x260
[  394.183937][T12128]  ? __pfx_ksys_read+0x10/0x10
[  394.185266][T12128]  do_syscall_64+0xcd/0x250
[  394.186593][T12128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.188177][T12128] RIP: 0033:0x7effd897ca3c
[  394.189868][T12128] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  394.195007][T12128] RSP: 002b:00007effd9791030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  394.197414][T12128] RAX: ffffffffffffffda RBX: 00007effd8b35f80 RCX: 00007effd897ca3c
[  394.199637][T12128] RDX: 000000000000000f RSI: 00007effd97910a0 RDI: 0000000000000004
[  394.201775][T12128] RBP: 00007effd9791090 R08: 0000000000000000 R09: 0000000000000000
[  394.203955][T12128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.206128][T12128] R13: 0000000000000000 R14: 00007effd8b35f80 R15: 00007ffe828fef58
[  394.208391][T12128]  </TASK>
[  394.326994][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.330357][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.333857][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.337331][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.340755][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.344223][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.347638][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.351851][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.355255][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.358583][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.361784][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.365216][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.368563][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.373949][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.377552][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.380897][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  394.413049][ T5389] usb 6-1: USB disconnect, device number 37
[  394.935379][T12146] netlink: ct family unspecified
[  394.936941][T12146] openvswitch: netlink: Actions may not be safe on all matching packets
[  394.969693][T12148] Cannot find set identified by id 0 to match
[  394.978779][   T39] audit: type=1400 audit(1729322293.319:814): avc:  denied  { getopt } for  pid=12147 comm="syz.1.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  395.027807][   T39] audit: type=1400 audit(1729322293.319:815): avc:  denied  { accept } for  pid=12147 comm="syz.1.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  395.179876][ T5352] Bluetooth: hci3: command 0x0405 tx timeout
[  395.532030][   T39] audit: type=1400 audit(1729322293.869:816): avc:  denied  { read write } for  pid=12156 comm="syz.2.1700" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  395.538678][   T39] audit: type=1400 audit(1729322293.869:817): avc:  denied  { open } for  pid=12156 comm="syz.2.1700" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  395.911799][T12170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12170 comm=syz.1.1703
[  395.946922][T12172] FAULT_INJECTION: forcing a failure.
[  395.946922][T12172] name failslab, interval 1, probability 0, space 0, times 0
[  395.950510][T12172] CPU: 1 UID: 0 PID: 12172 Comm: syz.3.1704 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  395.953265][T12172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  395.956062][T12172] Call Trace:
[  395.956942][T12172]  <TASK>
[  395.957715][T12172]  dump_stack_lvl+0x16c/0x1f0
[  395.958961][T12172]  should_fail_ex+0x497/0x5b0
[  395.960180][T12172]  ? fs_reclaim_acquire+0xae/0x150
[  395.961505][T12172]  should_failslab+0xc2/0x120
[  395.962735][T12172]  __kmalloc_noprof+0xcb/0x400
[  395.963986][T12172]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  395.965450][T12172]  tomoyo_realpath_from_path+0xb9/0x720
[  395.966905][T12172]  ? tomoyo_path_number_perm+0x232/0x590
[  395.968359][T12172]  tomoyo_path_number_perm+0x245/0x590
[  395.969776][T12172]  ? tomoyo_path_number_perm+0x232/0x590
[  395.971246][T12172]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  395.972748][T12172]  ? trace_lock_acquire+0x14a/0x1d0
[  395.974002][T12172]  ? lock_acquire+0x2f/0xb0
[  395.975199][T12172]  ? __fget_files+0x40/0x3f0
[  395.976416][T12172]  ? __fget_files+0x244/0x3f0
[  395.977645][T12172]  security_file_ioctl+0x9b/0x240
[  395.978970][T12172]  __x64_sys_ioctl+0xbb/0x220
[  395.980207][T12172]  do_syscall_64+0xcd/0x250
[  395.981443][T12172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.983000][T12172] RIP: 0033:0x7f094377dff9
[  395.984154][T12172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.989055][T12172] RSP: 002b:00007f0944525038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.991206][T12172] RAX: ffffffffffffffda RBX: 00007f0943935f80 RCX: 00007f094377dff9
[  395.993199][T12172] RDX: 0000000020000100 RSI: 00000000c0205648 RDI: 0000000000000003
[  395.995247][T12172] RBP: 00007f0944525090 R08: 0000000000000000 R09: 0000000000000000
[  395.997283][T12172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.999313][T12172] R13: 0000000000000000 R14: 00007f0943935f80 R15: 00007fffe45f9498
[  396.001342][T12172]  </TASK>
[  396.004664][T12172] ERROR: Out of memory at tomoyo_realpath_from_path.
[  396.176169][T12006] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  396.286779][T12178] netlink: 4560 bytes leftover after parsing attributes in process `syz.2.1706'.
[  396.289249][T12178] netlink: 4560 bytes leftover after parsing attributes in process `syz.2.1706'.
[  396.291543][T12178] netlink: 69 bytes leftover after parsing attributes in process `syz.2.1706'.
[  396.326127][T12006] usb 6-1: Using ep0 maxpacket: 8
[  396.332346][T12006] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  396.334987][T12006] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  396.337866][T12006] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  396.340415][T12006] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  396.343726][T12006] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  396.347805][T12006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.387003][T12190] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1709'.
[  396.389319][T12190] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1709'.
[  396.399385][T12190] bond21: entered allmulticast mode
[  396.400927][T12190] 8021q: adding VLAN 0 to HW filter on device bond21
[  396.411119][   T39] audit: type=1400 audit(1729322294.749:818): avc:  denied  { listen } for  pid=12182 comm="syz.0.1708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  396.420205][   T39] audit: type=1400 audit(1729322294.759:819): avc:  denied  { accept } for  pid=12182 comm="syz.0.1708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  396.554691][T12006] usb 6-1: GET_CAPABILITIES returned 0
[  396.556221][T12006] usbtmc 6-1:16.0: can't read capabilities
[  396.756291][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.758971][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.761391][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.763764][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.766131][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.768523][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.771013][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.773372][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.775756][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.778196][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.781355][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.784619][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.787861][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.792893][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.796178][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.798999][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  396.802541][   T73] usb 6-1: USB disconnect, device number 38
[  397.217819][T12204] binder: BINDER_SET_CONTEXT_MGR already set
[  397.219577][   T39] audit: type=1400 audit(1729322295.559:820): avc:  denied  { setopt } for  pid=12202 comm="syz.0.1713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  397.223364][T12204] binder: 12202:12204 ioctl 4018620d 20000100 returned -16
[  397.256223][ T5352] Bluetooth: hci3: command 0x0405 tx timeout
[  397.286125][   T39] audit: type=1400 audit(1729322295.619:821): avc:  denied  { listen } for  pid=12210 comm="syz.0.1715" lport=35675 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  397.316722][   T39] audit: type=1400 audit(1729322295.649:822): avc:  denied  { getopt } for  pid=12210 comm="syz.0.1715" lport=35675 faddr=::ffff:172.30.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  397.586116][ T5389] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  397.693896][   T39] audit: type=1400 audit(1729322296.029:823): avc:  denied  { bind } for  pid=12227 comm="syz.3.1718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  397.694802][T12229] RDS: rds_bind could not find a transport for 2001::1, load rds_tcp or rds_rdma?
[  397.736130][ T5389] usb 6-1: Using ep0 maxpacket: 16
[  397.740738][ T5389] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  397.743412][ T5389] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.745570][ T5389] usb 6-1: Product: syz
[  397.746929][ T5389] usb 6-1: Manufacturer: syz
[  397.748241][ T5389] usb 6-1: SerialNumber: syz
[  397.750553][ T5389] usb 6-1: config 0 descriptor??
[  397.754101][ T5389] as10x_usb: device has been detected
[  397.755999][ T5389] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  397.766746][ T5389] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  397.782361][ T5389] as10x_usb: error during firmware upload part1
[  397.784612][ T5389] Registered device Sky IT Digital Key (green led)
[  397.962100][T12219] random: crng reseeded on system resumption
[  397.969019][T12219] FAULT_INJECTION: forcing a failure.
[  397.969019][T12219] name failslab, interval 1, probability 0, space 0, times 0
[  397.973940][T12219] CPU: 2 UID: 0 PID: 12219 Comm: syz.1.1716 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  397.977526][T12219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.981103][T12219] Call Trace:
[  397.982236][T12219]  <TASK>
[  397.983232][T12219]  dump_stack_lvl+0x16c/0x1f0
[  397.984815][T12219]  should_fail_ex+0x497/0x5b0
[  397.986073][T12219]  should_failslab+0xc2/0x120
[  397.987655][T12219]  __kmalloc_cache_noprof+0x6b/0x300
[  397.989476][T12219]  ? async_schedule_node_domain+0x54/0x120
[  397.991446][T12219]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  397.993527][T12219]  async_schedule_node_domain+0x54/0x120
[  397.995435][T12219]  dev_cache_fw_image+0x38f/0x490
[  397.997138][T12219]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  397.999025][T12219]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  398.000878][T12219]  dpm_for_each_dev+0x5a/0xb0
[  398.002474][T12219]  fw_pm_notify+0x81/0x150
[  398.003987][T12219]  notifier_call_chain+0xb9/0x410
[  398.005678][T12219]  ? __pfx_fw_pm_notify+0x10/0x10
[  398.007403][T12219]  blocking_notifier_call_chain_robust+0xc9/0x170
[  398.009547][T12219]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  398.011906][T12219]  pm_notifier_call_chain_robust+0x27/0x60
[  398.013864][T12219]  snapshot_open+0x218/0x2b0
[  398.015545][T12219]  ? __pfx_snapshot_open+0x10/0x10
[  398.017280][T12219]  misc_open+0x35a/0x420
[  398.018727][T12219]  ? __pfx_misc_open+0x10/0x10
[  398.020336][T12219]  chrdev_open+0x237/0x6a0
[  398.021849][T12219]  ? __pfx_chrdev_open+0x10/0x10
[  398.023528][T12219]  ? security_file_open+0x62a/0x9d0
[  398.025280][T12219]  do_dentry_open+0x6ca/0x1530
[  398.026910][T12219]  ? __pfx_chrdev_open+0x10/0x10
[  398.028583][T12219]  ? inode_permission+0xdd/0x5f0
[  398.030256][T12219]  vfs_open+0x82/0x3f0
[  398.031636][T12219]  ? may_open+0x1f2/0x400
[  398.033094][T12219]  path_openat+0x1e6a/0x2d60
[  398.034852][T12219]  ? __pfx_path_openat+0x10/0x10
[  398.036164][T12219]  ? __pfx___lock_acquire+0x10/0x10
[  398.037535][T12219]  do_filp_open+0x1dc/0x430
[  398.038755][T12219]  ? __pfx_do_filp_open+0x10/0x10
[  398.040084][T12219]  ? find_held_lock+0x2d/0x110
[  398.041359][T12219]  ? _raw_spin_unlock+0x28/0x50
[  398.042651][T12219]  ? alloc_fd+0x2d7/0x6c0
[  398.043801][T12219]  do_sys_openat2+0x17a/0x1e0
[  398.045049][T12219]  ? __pfx_do_sys_openat2+0x10/0x10
[  398.046436][T12219]  ? __fget_files+0x244/0x3f0
[  398.047686][T12219]  __x64_sys_openat+0x175/0x210
[  398.048971][T12219]  ? __pfx___x64_sys_openat+0x10/0x10
[  398.050395][T12219]  ? ksys_write+0x1ad/0x260
[  398.051610][T12219]  do_syscall_64+0xcd/0x250
[  398.052822][T12219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.054402][T12219] RIP: 0033:0x7fb4d537dff9
[  398.055589][T12219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.060581][T12219] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  398.062770][T12219] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  398.064843][T12219] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  398.066921][T12219] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  398.068989][T12219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.071356][T12219] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  398.073432][T12219]  </TASK>
[  398.079224][T12219] 
[  398.080074][T12219] ============================================
[  398.081723][T12219] WARNING: possible recursive locking detected
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  398.083352][T12219] 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0 Not tainted
[  398.086637][T12219] --------------------------------------------
[  398.089554][T12219] syz.1.1716/12219 is trying to acquire lock:
[  398.091637][T12219] ffffffff8f0ab368 (fw_lock){+.+.}-{3:3}, at: assign_fw+0x4e/0x600
[  398.094312][T12219] 
[  398.094312][T12219] but task is already holding lock:
[  398.096395][T12219] ffffffff8f0ab368 (fw_lock){+.+.}-{3:3}, at: fw_pm_notify+0x69/0x150
[  398.098361][T12219] 
[  398.098361][T12219] other info that might help us debug this:
[  398.100285][T12219]  Possible unsafe locking scenario:
[  398.100285][T12219] 
[  398.102101][T12219]        CPU0
[  398.102940][T12219]        ----
[  398.103752][T12219]   lock(fw_lock);
[  398.104693][T12219]   lock(fw_lock);
[  398.105615][T12219] 
[  398.105615][T12219]  *** DEADLOCK ***
[  398.105615][T12219] 
[  398.107613][T12219]  May be due to missing lock nesting notation
[  398.107613][T12219] 
[  398.109632][T12219] 5 locks held by syz.1.1716/12219:
[  398.110924][T12219]  #0: ffffffff8eea4b88 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x63/0x420
[  398.113010][T12219]  #1: ffffffff8e07e188 (system_transition_mutex){+.+.}-{3:3}, at: lock_system_sleep+0x87/0xa0
[  398.115591][T12219]  #2: ffffffff8e0bbf50 ((pm_chain_head).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain_robust+0xa9/0x170
[  398.118485][T12219]  #3: ffffffff8f0ab368 (fw_lock){+.+.}-{3:3}, at: fw_pm_notify+0x69/0x150
[  398.120619][T12219]  #4: ffffffff8f0a5ee8 (dpm_list_mtx){+.+.}-{3:3}, at: dpm_for_each_dev+0x2d/0xb0
[  398.122906][T12219] 
[  398.122906][T12219] stack backtrace:
[  398.124384][T12219] CPU: 3 UID: 0 PID: 12219 Comm: syz.1.1716 Not tainted 6.12.0-rc3-syzkaller-00319-gb04ae0f45168 #0
[  398.127006][T12219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  398.130293][T12219] Call Trace:
[  398.131485][T12219]  <TASK>
[  398.132497][T12219]  dump_stack_lvl+0x116/0x1f0
[  398.134132][T12219]  print_deadlock_bug+0x2e3/0x410
[  398.135875][T12219]  __lock_acquire+0x2185/0x3ce0
[  398.137541][T12219]  ? __pfx___lock_acquire+0x10/0x10
[  398.139304][T12219]  lock_acquire.part.0+0x11b/0x380
[  398.141120][T12219]  ? assign_fw+0x4e/0x600
[  398.142423][T12219]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  398.143833][T12219]  ? rcu_is_watching+0x12/0xc0
[  398.145003][T12219]  ? trace_lock_acquire+0x14a/0x1d0
[  398.146369][T12219]  ? assign_fw+0x4e/0x600
[  398.147824][T12219]  ? lock_acquire+0x2f/0xb0
[  398.149366][T12219]  ? assign_fw+0x4e/0x600
[  398.150847][T12219]  __mutex_lock+0x175/0x9c0
[  398.152391][T12219]  ? assign_fw+0x4e/0x600
[  398.154010][T12219]  ? assign_fw+0x4e/0x600
[  398.155159][T12219]  ? __pfx___mutex_lock+0x10/0x10
[  398.156450][T12219]  ? kasan_quarantine_put+0x10a/0x240
[  398.157807][T12219]  ? lockdep_hardirqs_on+0x7c/0x110
[  398.159047][T12219]  ? assign_fw+0x4e/0x600
[  398.160115][T12219]  ? _request_firmware+0x8f2/0x13d0
[  398.161381][T12219]  assign_fw+0x4e/0x600
[  398.162429][T12219]  _request_firmware+0x923/0x13d0
[  398.163677][T12219]  ? __pfx__request_firmware+0x10/0x10
[  398.165038][T12219]  ? lock_acquire.part.0+0x11b/0x380
[  398.166340][T12219]  ? find_held_lock+0x2d/0x110
[  398.167522][T12219]  __async_dev_cache_fw_image+0xb2/0x340
[  398.168906][T12219]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  398.170446][T12219]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  398.171823][T12219]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  398.173303][T12219]  async_schedule_node_domain+0xd1/0x120
[  398.174721][T12219]  dev_cache_fw_image+0x38f/0x490
[  398.176097][T12219]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  398.177430][T12219]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  398.178817][T12219]  dpm_for_each_dev+0x5a/0xb0
[  398.179985][T12219]  fw_pm_notify+0x81/0x150
[  398.181095][T12219]  notifier_call_chain+0xb9/0x410
[  398.182358][T12219]  ? __pfx_fw_pm_notify+0x10/0x10
[  398.183620][T12219]  blocking_notifier_call_chain_robust+0xc9/0x170
[  398.185277][T12219]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  398.187243][T12219]  pm_notifier_call_chain_robust+0x27/0x60
[  398.188733][T12219]  snapshot_open+0x218/0x2b0
[  398.189930][T12219]  ? __pfx_snapshot_open+0x10/0x10
[  398.191248][T12219]  misc_open+0x35a/0x420
[  398.192337][T12219]  ? __pfx_misc_open+0x10/0x10
[  398.193562][T12219]  chrdev_open+0x237/0x6a0
[  398.194729][T12219]  ? __pfx_chrdev_open+0x10/0x10
[  398.196003][T12219]  ? security_file_open+0x62a/0x9d0
[  398.197360][T12219]  do_dentry_open+0x6ca/0x1530
[  398.198606][T12219]  ? __pfx_chrdev_open+0x10/0x10
[  398.199870][T12219]  ? inode_permission+0xdd/0x5f0
[  398.201136][T12219]  vfs_open+0x82/0x3f0
[  398.202216][T12219]  ? may_open+0x1f2/0x400
[  398.203322][T12219]  path_openat+0x1e6a/0x2d60
[  398.204506][T12219]  ? __pfx_path_openat+0x10/0x10
[  398.205771][T12219]  ? __pfx___lock_acquire+0x10/0x10
[  398.207133][T12219]  do_filp_open+0x1dc/0x430
[  398.208294][T12219]  ? __pfx_do_filp_open+0x10/0x10
[  398.209574][T12219]  ? find_held_lock+0x2d/0x110
[  398.210816][T12219]  ? _raw_spin_unlock+0x28/0x50
[  398.212064][T12219]  ? alloc_fd+0x2d7/0x6c0
[  398.213173][T12219]  do_sys_openat2+0x17a/0x1e0
[  398.214402][T12219]  ? __pfx_do_sys_openat2+0x10/0x10
[  398.215728][T12219]  ? __fget_files+0x244/0x3f0
[  398.216956][T12219]  __x64_sys_openat+0x175/0x210
[  398.218204][T12219]  ? __pfx___x64_sys_openat+0x10/0x10
[  398.219566][T12219]  ? ksys_write+0x1ad/0x260
[  398.220733][T12219]  do_syscall_64+0xcd/0x250
[  398.221897][T12219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.223413][T12219] RIP: 0033:0x7fb4d537dff9
[  398.224555][T12219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.229454][T12219] RSP: 002b:00007fb4d6096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  398.231571][T12219] RAX: ffffffffffffffda RBX: 00007fb4d5535f80 RCX: 00007fb4d537dff9
[  398.233578][T12219] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  398.235594][T12219] RBP: 00007fb4d6096090 R08: 0000000000000000 R09: 0000000000000000
[  398.237690][T12219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.239701][T12219] R13: 0000000000000000 R14: 00007fb4d5535f80 R15: 00007ffd72f9e238
[  398.241696][T12219]  </TASK>
[  399.336409][ T5348] Bluetooth: hci3: command 0x0405 tx timeout

VM DIAGNOSIS:
07:18:16  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffea0001354480 RCX=ffffffff81dc6a30 RDX=ffff8880291da440
RSI=ffffffff81dc6a3e RDI=0000000000000007 RBP=ffffea0001354480 RSP=ffffc900033cf820
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=1ffffffff1c386b9
R12=ffffea000156c048 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff818d83c6 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f8d43867d60 CR3=0000000033984000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d42d0b6a3 00007f8d42d0b6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc7561b70 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555872b8490
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555587334a85 0000555587334160
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555872c08b4 00005555872c08b0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc7561ef0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000040c012ba005 0800039210000380 041180040f80040a 0148000200118803
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0112100001808080 801000000406012a d800100001080026 a0e210000410000f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fac080100000040c 012ba00508000392 1000038004118004 0f80040a01480002
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0011880300020011 86037a797301ffff fffffffffffff908 1180030072657375
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01ffffffffffffff fff5080f80030010 0008800401080006 0143f002080008e0
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff1c69bcf RBX=1ffff92000116178 RCX=ffffc900008b0bf0 RDX=ffffc900008b0c88
RSI=ffff88816da40000 RDI=ffffffff8df7c888 RBP=ffff88816da40000 RSP=ffffc900008b0bb8
R8 =ffffc900008b0c00 R9 =0000000000000000 R10=0000000000000000 R11=00000000000a4012
R12=ffffc900008b0c88 R13=dffffc0000000000 R14=0000000000000002 R15=0000000000000000
RIP=ffffffff813f5140 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555555ba500 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3ea04d CR3=000000005abb8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd89f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd8b0b488 00007effd8b0b480 00007effd8b0b478 00007effd8b0b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd966d100 00007effd8b0b440 00007effd8b00004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effd8b0b498 00007effd8b0b490 00007effd8b0b488 00007effd8b0b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000040000000 RBX=ffff888029598000 RCX=ffffffff812fa73f RDX=ffff8880295e8000
RSI=ffffffff812fa74d RDI=ffff8880295e9940 RBP=ffff8880295e8000 RSP=ffffc900280ef600
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=ffff8880295e9940 R14=0000000000000002 R15=ffff8880295e9880
RIP=ffffffff813354f6 RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f642c583500 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb4d4dffd58 CR3=00000000309b2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000005000001 Opmask01=0000000000000000 Opmask02=0000000040000000 Opmask03=0000000000000000
Opmask04=000000007fffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd61f64260 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a30303020303030 3030303020303030 3020303641345f47 3730302030343230
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000203020303020 3030203020203030 202030203034202e 3720302020303220
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3600323e2a3b3a2a 33322a3e3c2a326e 2a3d6c2a6c6c2a6c 6c2a6c6c2a326b2a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a3a3a2a30594d 4b464c4f2a32393a 3c333a3c6e3e686c 3d3a3a3a3a306838
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000054 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850af3f5 RDI=ffffffff9aae6b80 RBP=ffffffff9aae6b40 RSP=ffffc90003916c20
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000054 R14=ffffffff850af390 R15=0000000000000000
RIP=ffffffff850af41f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb4d60966c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b33a04ff8 CR3=0000000049ff4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000400001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a2a3 ffffffff8100a2bf
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a2bf ffffffff8100a2a3
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a2a3
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09437f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620706177 730074616d726f66 2079726100040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305554452 5600514448574a43 055c57444b4c4705 4b524a4b4e4b5000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000c 0000000000000000 0000000000000000 000000000001b2bc
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000