last executing test programs:

2.480969043s ago: executing program 0 (id=2562):
r0 = socket(0x10, 0x803, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x17, 0x5, &(0x7f0000000040)=@framed={{0x46, 0xa, 0x0, 0x0, 0x0, 0x63, 0x11, 0x4}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000001340)={{0x0, 0x7, 0xea, 0xffff, 0x1, 0x63d, 0x2, 0xcb, 0x9, 0x6, 0x0, 0x4, 0x7, 0x8, 0x7}})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r3, &(0x7f0000001300)={&(0x7f00000000c0)={0xa, 0x4e21, 0x4, @empty, 0x1}, 0x1c, 0x0, 0x0, &(0x7f00000012c0)=[@flowinfo={{0x14, 0x29, 0xb, 0x5}}], 0x18}, 0x20040040)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x28, 0x13, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x28}}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
clock_gettime(0x0, &(0x7f0000000200)={<r8=>0x0, <r9=>0x0})
ppoll(&(0x7f00000001c0)=[{r3, 0x8000}, {r3, 0x1000}, {r2, 0x2223}], 0x3, &(0x7f0000000280)={r8, r9+10000000}, &(0x7f00000002c0)={[0x46]}, 0x8)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x90, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x64, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xa}}, @TCA_U32_INDEV={0x14, 0x8, 'xfrm0\x00'}]}}]}, 0x90}}, 0x24040084)

1.521612307s ago: executing program 0 (id=2575):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.521351752s ago: executing program 1 (id=2576):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r3 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@qipcrtr, &(0x7f0000000280)=0x80, 0x80800)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x620020}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000000f14200026bd7000fcdbdf2508000300030000001100450069625f6d756c746963617b740000000008000300000000000a00450069706f69620000000800030001000000080045006d6164000b0045007576657262730000"], 0x5c}, 0x1, 0x0, 0x0, 0x20044005}, 0x40)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002000)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xd, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804)
r9 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0xe})
r10 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r10, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
close_range(r0, 0xffffffffffffffff, 0x0)

1.521146543s ago: executing program 0 (id=2577):
r0 = openat$ttyprintk(0xffffff9c, &(0x7f0000001b40), 0x101000, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000001b80))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001400)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=r4, @ANYBLOB="00410000000000001c002b8008000100", @ANYRES32, @ANYBLOB="0800030019000000080008"], 0x3c}}, 0x0)
read$FUSE(r1, &(0x7f0000000140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_DIRENT(r1, &(0x7f0000002340)=ANY=[@ANYBLOB="e001000000000000", @ANYRES64=r5, @ANYBLOB="07000000000000140000000000000000b7010000000000007fb4e4a3e82449888c0a7daca90e9204bcd4badb080000005300bd75b93bcdeb1a4cec3f7f5c4ee14589c966d18a78f381044b4a0be919482bdfe3dba4324c68b8e46e4cfe31d560864363ddf26e0ea7f58603eeec38ad06a8d730baa9ae28c00633d5b669ebaee23e66a1c7e85fd9ae2c8db001f03cd65f65a44610c0c6103d17161ad98baf711e5fee20bb929f890a1bafa2444469e49b65676376a1e4458f738ec65b2e980f3bc34835fb0ee8b23c3e0deb9b0cf615f2c0264cec3bcac0a3b684c7689c9dfd55592d6f33ce00003390dc9f952cb2a50dcc98f500000000000000004af4a9d032530c5afbfc2021650e2febc5fae3f59e91ad4abd2b2d6eb4b86134bcdf1dd8c144ff7c4724f60df3ad354f7ea97109b4830a0666f0b3a604a7ecfd7af3da58c15341e478a1d96aaabd54bec794a8e5779711080cfce69a7811035281c9901f51f7ae2868d28f6a0970f856645930a8c67c4d3f324a03fffa499a76f65e0152ce40b4e5080021546fdb7ddd9d267c4c2b55b210ae6fe6f5cfb2b11084d02296a846737456b53ad78c45950e0c674abaee178bc2c13c4063c107170894b206fb8e340fca54e14d98064d7ca9b79a82f402"], 0x1e0)
openat$ttyprintk(0xffffff9c, &(0x7f0000001b40), 0x101000, 0x0) (async)
ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000001b80)) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001400)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=r4, @ANYBLOB="00410000000000001c002b8008000100", @ANYRES32, @ANYBLOB="0800030019000000080008"], 0x3c}}, 0x0) (async)
read$FUSE(r1, &(0x7f0000000140)={0x2020}, 0x2020) (async)
write$FUSE_DIRENT(r1, &(0x7f0000002340)=ANY=[@ANYBLOB="e001000000000000", @ANYRES64=r5, @ANYBLOB="07000000000000140000000000000000b7010000000000007fb4e4a3e82449888c0a7daca90e9204bcd4badb080000005300bd75b93bcdeb1a4cec3f7f5c4ee14589c966d18a78f381044b4a0be919482bdfe3dba4324c68b8e46e4cfe31d560864363ddf26e0ea7f58603eeec38ad06a8d730baa9ae28c00633d5b669ebaee23e66a1c7e85fd9ae2c8db001f03cd65f65a44610c0c6103d17161ad98baf711e5fee20bb929f890a1bafa2444469e49b65676376a1e4458f738ec65b2e980f3bc34835fb0ee8b23c3e0deb9b0cf615f2c0264cec3bcac0a3b684c7689c9dfd55592d6f33ce00003390dc9f952cb2a50dcc98f500000000000000004af4a9d032530c5afbfc2021650e2febc5fae3f59e91ad4abd2b2d6eb4b86134bcdf1dd8c144ff7c4724f60df3ad354f7ea97109b4830a0666f0b3a604a7ecfd7af3da58c15341e478a1d96aaabd54bec794a8e5779711080cfce69a7811035281c9901f51f7ae2868d28f6a0970f856645930a8c67c4d3f324a03fffa499a76f65e0152ce40b4e5080021546fdb7ddd9d267c4c2b55b210ae6fe6f5cfb2b11084d02296a846737456b53ad78c45950e0c674abaee178bc2c13c4063c107170894b206fb8e340fca54e14d98064d7ca9b79a82f402"], 0x1e0) (async)

1.430461656s ago: executing program 0 (id=2578):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r1 = eventfd(0x985)
syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
socket(0x28, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$key(0xf, 0x3, 0x2)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x40000012})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r4], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x1, r1, 0x3, 0x80000})
read$FUSE(r0, &(0x7f0000003400)={0x2020}, 0x2020)

1.426769861s ago: executing program 1 (id=2579):
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='\t\x00\x00\x00\f'], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
vmsplice(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='wi', 0x2}], 0x1, 0x1)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16=r4, @ANYBLOB="010100000000000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.405317493s ago: executing program 0 (id=2580):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000004c0)={<r1=>0x0, @in={{0x2, 0x4e22, @multicast1}}, [0x5, 0x7, 0x6, 0x8000, 0x3, 0x4d8, 0x100, 0x5, 0x6, 0x5, 0x5, 0x0, 0x3, 0xf]}, &(0x7f0000000140)=0x100)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000005c0)={<r2=>0x0})
r3 = syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/146, 0x92}, {&(0x7f0000000380)=""/203, 0xcb}], 0x2, 0x7, 0x7fff)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000017c0)={0x0, r2, "e1b31f226dd0915004b3a6dd6eb55a7b30d0d15e30e7c7c1b9347776be592538f2321b2398268f3d3284ea447942ee0ae4d988c45c2024a885a546a3a537db88562486acae3c91a3d4e706b9edf89da5b6c06891c3975a5a8eb07d3937ae64abf50d40e1ce45565ece75238bd60a46e4cb81a1bf55d458d0241a6a8bab0c4ad11288ab70758bb8d94510371c2196164e7069e3a209e5f3e322807dabccb63c11c4141fe9e3165b471c7ca2a057ca006cc9885f3c94a5e8e07e153b2061eb7597d0676718a307d72997349f6d79e951af973ffae816204e02bdab21f48efd25650c404f240c7aee12e70ca1738cd15fc0e2d17cc20a7a50298fb162baba65404a", "ee02398d61f72d3b581c0c762dd153c48322bec191b751454730b610598bd25822ecc0354882eb3883e56b6f681eacaf8444e07326f196bc4692b16092d4d7673de365273e2ad8ef6c8c78670a7e91216a1e14f11b636ee8cca5830744465ee7b436252106bee5b42e929cd2f38f3264a7e2d051116d8487e6d09220d12e7b67f09684b9d0cea7407f658fbad20b11a2401bdf9456cc2e5642cd884e38de8bace6566953ac63b801f5dc9c2cd460c0471396d22baa36f55c5a8745f776719eae2cd1cfdff40b5982ced929c2ed66784ca8e6bd307e63cb8df472c270a3d72a0715f6ec00be868165e8552861b858e549d9d42afb3fa4bd353db571c9c978a6ec42b0dae67a7c37ec987f9f6ff4cdd46671e600ff8987b77cbe11024967f8556b4db439523b416824d1af7a444efe2cba534584b508c92f13401900fd1afad3ebf18167fd7058c176bd6741fefe497ff9cf0410cf743e7fe48384cba948bd9eb38f3ab064f6ce094b5681fffe381417bd179bfde6db3a365b7387b8d5c426ab55fdcd710e849658c90128be9d04abb63fc310bb2c3f75144be5b6411811f691be507cac83683ed2e7433b6a2d04f9471d707db0c4e15ce1f138a4414721e2a1a11658ec31f91f59803265ce2ac2f7125d03002a9f040e75e52edb23fbd47512e9c1339e97758e9ae7ae8a8910e00dbacc11fae9d0223f042d319e923926cc78ce2def2f7218bc475e8c08b5dd9351d7e381e798ba648fb8574e84f436405b34ed0a79bd2a96bd2625f6a762b2e1a7f33d826e023b10e7625db2cfd5df518f4e50c7cd34979c156ba3a01279c1e0ec7696f56cd2918c22ba7c3123a78b7d5fd36dfc089172c7a17ad70190fbf97b9b8221d64efb411c4714507b0c92598a0b6d39a9d7d14669c673b941def721f371d52f99de4198001a529f5bb2895172db12f4222937f957186481d75e1d4c96a218fcdc646ec8e6d6269e8dc742af7362e0fb53959fb682c7110f84d57735d753464984e6aafe9f7ea73f50c585a0583e5f02f388bafa6eac4ef54abd95f606e6175304a1c7f563a3e4ddb437d8c2ef6cbaa0227b4e9533da40f90acdca669ae7148b65001adaa90d18a2e5d2ff2c4e31ff03b451c78cc6be1286307746e29db8a7dcd4c7aa3b8d624b1a97b817068a0bae09336e6ec1c1924c4bb3db318d3736d92825f1c9743c5a4aa85812dc433986d9b846cf534c0ec40f52fbd0939c5952c64554fc081bf97f1e38e804d962f2d007d0d60fa03782846ce500f650e058b7c5c17f2e8dda1098dab4d342dc111bc75cc7b101dbb1f0c29110069db1879af1d5e1f833f9ab38d7fce805a308650a3455a8378cc96496f0227c1f8cc67bc48b20f897517c7af1b92284963caa3b5b82a94416f5f42e94f847a9680f638a4b0f7d2313aeb5f97083f834ac8cd6a7ed98a468cfb0243033358b28181f65dcbb36892a1ed33f2ff214cc799e4b15ec483b882ae4523214fa038d4b07b4fcc123618e0303def1cc9b3ca3406254731b58b0a16910735e1fca284af9a421c9f81344d7c0041d3e9000c5c07dea4515575ab00506175564e13083b8d7b00eef6f9410695aa0de8ab7dbc61b5dd7ef07d3f88d40d0bf11269ed81fa414df4bb6ba0ae60d8a3ed84ab11ee5e11eb5d5d5a270a6088c8fb3c52af07b3b7ac74d03bcfe925d5133839268d3ab3ec333ae292fe66e5fd1ea8aa5c04db2affd78019d83018d562cf633cee5acab409e88b1e6518632c5c9d06998e541657364628d5d9ead30b24223588ef449e697a35cf160d5665d03a04d4aa80c11d504d093c9d86c49069581cc3d790b0759d318f05bced83f9c31ddc0bd8ac2f60324504e1580ec3f8f840d108f50d193a142de108c5454008364818bbed95f79ea31eefef74a79026f03a60ad768c1c3af05ff307ce3b865cde5fa3b52b3726b41bfca4bb5acaf3f6f3b6a06322f0eef48259ea9b03a3ea094141eab686b5176ee4c4cd51ed1a48ca06a1497694db30123393ccdf75240c6b8f041f8ac9a0c436b3094f9e6630dd849cf2d7e582801843a24948ca3903c42d74ba32186cfa02ce3fe3994c74a8282acb3b3cef2a59e3f6beb970152649054095d2c3b976b506918914094d9923f084cf344f75d44a87d1b1a47a63e9f786509f86343fe097eb6dbf69e400d79fbc73b3ffcd446f6e0e40ebe0a749b2fe2a19faecc0e95a20ffc2ad6f3a5b6d693645f94c92e3c377c7b1987ba8df951dc6fe8d49b0205bee4cada4babee74179f637da6773040b74ae3711fde7bd49f3812a7d8d2572f089bf74ed71e1e95599feeeff803ce7b82a58738ba5d1561a1f5ebc7991fbc384729117d932c53a6725ea02e9718fd9c34078d1a2eaea0483929542e097a87f68917dc4b1ddd5d96f065859e79f45e373d9bd203e91bd90e3ebebdde50e782e33a58853d12d5a27c12254dac32eb82ab3eab664740d5289b9b4210c27c72c5f4917ebde480cbe3b80d6e7662939b05864889364b374616697b03e610d982f8bd873424b996e194a9fa9e0ac25a2be6d666dd2af49f2a4c693d6069270d2a877a074393930c370b111f316ff8cba400dd7a4ebb3cc85ea48b085dc529286532c62279e1ee7de948eb97fe0d212bf7f391fa07cb617da79d4f4a7dfd671ef3c2d84dc91fe741b2a85441e83ea729a410d03b10f5ca66c87aed6e983b20ccb8c1583d79a8ab890972964ee18470d5aaaf0d0adacb545ba4b9a7fa72e204b023d6d7fcadf2bf092da6ebc13c9957d41352f0b84cc6e14a4e5a414f56336a98b54711aaa9dc91ce34d086be7d2df9495719b1f129a1aadcbb85ddbbb2b962cadd53eefcb59ab39315f3fa4028e27bd714db12a892a2f7204ec235f9d32767a38c489f928cf567df302c7a77544db53e57da20be0c6f484d238425e63c7555667cb2b67692c0282e33f296ebbf0d1cdadc1d2d1947af7e2b0e8970a2733bcd24063b6b2de4674c7d5c3837cb10a9b86d20c2766fa094fc352428e864fc0705846ff6fd0fb0e3c100bdb4164a11b93d63f33ab8b831d8def2b64ed737e287ed73383ab2e0373accbe0c7f5180d2f8d0eafbf4f8d4b89230661602c372bdca590cd7af6df1d4b416ff4918d0475ef0887ce0638e21df1f119d84014524d4e4712a2b435b8caf9a9e0068e4b3e03e452b6e6730c9b632e197efe496727ba945c719068f60db03a634d72f61f73c5be1517ac77a88f58acfc862345d2d249456ecf65f0b642a84ddc0d57ee5b39b7e71a05b01c4853a658fde82b93f6b3934329d9cc03b1579444a811defa0964a33e8a741e827f162ddda00fd57cf8ed9fc82898f9fd0aeabd72b30490ec796de19d5ce692a8c84f4642f9e9294c6b33ab121823b66dd4aaa93592bddcacd22866fbe62306b465cdb3aa582ec4c27f276b338c767eb6d41fc4cc5e515fec76d09a7da52917415b4019b73022a639887ae45fc21351cc11771b6a7101aaf0199c17fdef6510068a975bc3632bd9c98624e44c60e7c3eb9b15841c761c345d8422e627b0d163afc7e6b827a01667a56534c1c5e11e42fbf6e425fdd6aa0627ae45300191a71c813993ba65702d990d65c691e609174519e7636e749d8f5091f1f69beec2bff494fc4b1f166280f2fbf3409cee90a56a2136e2e17f65d13533ffde8672e7cf4b5722d3e1aee263da2cd5b490395b38595d624a6fc906e16f0510fb6bb77599e6bb279414ece4c7e0c44c06a0580795bb1ca1f10eacb0fcfbf0e3d0888665fda16879c571adba64e61efb35ffcc524dee321bcef9c62d3b6dee213b183d013a384188688accaf0f39e6e6ae14474ff59cddf439968e7f15f639a639758fe6941f89331b706b2dd3442976596c985636547fd785a587e36f072b3e37407812a02b7f772e3301fb917111d0f25b550ef4650eddcb5a64e380de5cbd72645ec490cd9289427d5904481a325eda11d5925f22135056eefbc564cf1611dbb5aa7dc72d8dfc05555f9e65cf74f43f34d30175743a4db734c906790f3e3a0724efa5771866bcaa010aee642a9c5baa62d2e478284164d30e54fc6569f9a09b72a55107bff1eccae76c5f3a2741d76a40da76db8aad0dcfe1f0fa3cb63bfdf3fdba6db7a1f3705849fc84dc90e2a48723b250220152b00e0a29bf996eff839e748a4060d06d5839ac99d5f2a866cbb0f340d5fb37433c45db4dc14ffba354c83b713dd29e551d4a7c9077a852617d514b8db39d01f433ec4113290a702651ed5552bb5ceaca4d9b300db6a8217642a97adcfe9156ff8f4bea81634b7df7f26b7ff08e2635b05ef7729a9799ba56c7a1c22662266cef0994bcee5aaf3823de76d8013ab255bcaaac1a4227af3e554b0628169231b2b8937011cb6bd2c35397da66e5b465253c1105eee4df6e2e74630bcd160de8631f5ae297e7a4f48bc8e18bac0489f0f951e51f487e728572dfb042718bcc961197554b3f84ebafcc29387349139a7b6086e81ce65471ed38b97c9ae28e6fc7e8e8e661c7bfddca1080b12afa0b71ab893426a1acfc9d89c644a423d7dfb299ce42a7b802a38b34f7c952377868daccb65ed74122b015a20437b9f5203306e8ff40461be73d8d63994641f5d7a18b54f57bb9b58a0b881f297b6c51b9a790a99ef68937515d39249652a16ae67c0726d2df681a0899809d32649616b2bff61af429f9f585f1a08dc360804d31b8ca81bf900a7a0feab1aed8ae8d3b1f2e379f223d4250240db13eda7c8c8b7e3ab6bda139d6c6820d5cdcf49455e33f65ea1973f3076b6ac275bdcaebe6d76a91a6db7aec61c83bac2fbf36eaa2f3614e63ac0449a8c41b0de3419b84ab75ecef52ea140dacaa9addeabb24b0587d564a890ea5be4e2cd5eccd811b72b0a17a97f5883ea582f76cb613f8566c3b240dde7399ecee1734f69951f77366d026c928d7728bab0d9f1451eda276df23a301ff346579b42ec9422cfccbde023ba7bf8deab8dc6f9890186c1a1e464dcd65a837c39cb7b579c3df4994e70ebd19d0ebfa087106e73025d1274fe18b621394abcc773e6a1f153367c9d98c40873cc187f092947011647685fd9a02ef30b1cbdae555cc85e38c4b9d28e531c53a9bd28dca8b12596fc8725deaa5e2b51d15f7586cdc1dad3075c157e558dac4e70fc5e3bd8c1fd9d2fa7a05f25c3014928db8fdccb803ca84811ea6865b57e315517b04abf0b958bee5c31642bd2196d68ad39c7f2105a2b78dbe75f6a0ae1ebc9acf630abfae4ac6b42d01b55aebf58e8e7dc78880689789882adf11ba9fc137f7e73887df7cfbc20d5fa3792ec4c733b941a295cee909e0e64d140001a9cbbf427cb69c7aa4ec51c1051db40a35755a9d2e261f55d391c2d1504ff6362aaf0778b77119d34cc0e"})
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x1d}, {0x2, [{@any, 0x5, 0x4, "ead219", 0x2c, 0x8}, {@none, 0xc, 0x42, "28b4f6", 0x9, 0x7f}]}}}, 0x20)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB="7c0000001800dd8d0000000000000000020000000100000600000000060015000500000058001680540001"], 0x7c}}, 0x20000810)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={r1, 0x20, 0x20}, 0x2a)
msgctl$IPC_STAT(0x0, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = socket(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000080)={0x1000, 0x88f, 0x507df30b}, 0x10)
r6 = io_uring_setup(0x3ca9, &(0x7f00000000c0)={0x0, 0xc63b, 0x2, 0x0, 0x3})
io_uring_enter(r6, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
r7 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000001740), 0x2, 0x0)
ioctl$VIDIOC_STREAMON(r7, 0x40045612, &(0x7f0000001780)=0x5)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000001040)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b32326d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735d56d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80ea7662496bddbb42be6bfb2e17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe2e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf9fffffff3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d43341359bafffa45237f104b96210403b2de9efed496f42355bc78719357467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f1edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46e070000004e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6ef70011db4a5fade2a57c10238e204a67737c3b42aae511b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d768ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8c3a154704b0e51bc664a137b263e719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28064634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f8172aaaea1cc43a606cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb30a00acedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c78722f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7bee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000008d80a4fe654578376e599aff3565b1d531f09912b9945030b81ea9935fd46edb44a78f600255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdbb4530821a91f2305474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c5b2c74707000000000000fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T2(r10, 0x103, 0x2, 0x0, &(0x7f0000002fc0))
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080003000b000000", 0x24)
sendmmsg$sock(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)=' ', 0x34000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="a6", 0x1}], 0x1}}], 0x2, 0x40000)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000380)="5c0000c4011c8c7c4d7753566c62f7be0da0e200000000000016b8757182e3c86e007e1a6e9f8564d53272074fa8ac33ce07158ade198241496f633987f77021d93a9568b1971a7c869bfa4e2d3a66183635160a821df2de7963102639b752099bd2cc00000a7d1444d8af03e1a0a8", 0x6f}], 0x1)

1.360668524s ago: executing program 1 (id=2581):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x25, &(0x7f0000000000)={&(0x7f000000c300)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
r1 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0x7005, 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x3)
r2 = socket$kcm(0x10, 0x2, 0x4)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000580)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000002040))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f00000003c0)={r4})
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020004000200060006000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

731.775656ms ago: executing program 2 (id=2588):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r3 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@qipcrtr, &(0x7f0000000280)=0x80, 0x80800)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x620020}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000000f14200026bd7000fcdbdf2508000300030000001100450069625f6d756c746963617b740000000008000300000000000a00450069706f69620000000800030001000000080045006d6164000b0045007576657262730000"], 0x5c}, 0x1, 0x0, 0x0, 0x20044005}, 0x40)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002000)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xd, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804)
r9 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0xe})
r10 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r10, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
close_range(r0, 0xffffffffffffffff, 0x0)

591.365869ms ago: executing program 2 (id=2589):
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='\t\x00\x00\x00\f'], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
vmsplice(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='wi', 0x2}], 0x1, 0x1)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16=r4, @ANYBLOB="010100000000000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

591.092797ms ago: executing program 2 (id=2590):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
unshare(0x4000400)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000519000/0x1000)=nil, &(0x7f0000646000/0x1000)=nil, 0x1000})
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000008c0)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x84}}, 0x0)
dup3(r4, r0, 0x80000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@gettaction={0x44, 0x32, 0x89910f7975f42df, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffd}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x123}]}, 0x44}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0xe)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000200001030000008ef54565ff05"], 0x14}}, 0x8000)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="ad43000000f45400000015"], 0x14}}, 0x0)

511.32447ms ago: executing program 0 (id=2591):
socket$l2tp6(0xa, 0x2, 0x73)
socket$key(0xf, 0x3, 0x2)
syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000001240)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
userfaultfd(0x801)
syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x2a8600)
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x201, 0x1, &(0x7f0000000540)=[r1], &(0x7f0000000500)=[0x1], &(0x7f0000000200), &(0x7f0000000580), 0x0, 0x7f})

510.222064ms ago: executing program 2 (id=2592):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x3f, &(0x7f0000000000)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf, 0x1}, {}, {0x7, 0xfff3}}}, 0x24}}, 0x24040084)

509.997132ms ago: executing program 1 (id=2593):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r1], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000881)
r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x2, 0x6840c1)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000008000002000000400004803c0001800b0001006e756d67656e00002c000280080004400000000708000340000000000800014000000001080001400000000c08000240000000000900010073797a30000000000900020073797a32"], 0x94}}, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)

430.853473ms ago: executing program 1 (id=2594):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="0101000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

430.525698ms ago: executing program 1 (id=2595):
r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800b704000000000000850000000300000095000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_ep_write(0xffffffffffffffff, 0x1, 0xbe, &(0x7f0000000580)="63cb8dc503b4e7fd8e55759443285bb03ba3f4732cb6af49d74dd0c61932c1b21efeba1227a98de745f79c6f849767d56bbb08a2f97de256ed0ad27e0b071dc541874d243cfd5cb80e3ac11834c188938efb7b7ba95c6e8e0a9bf4909f8881b64313ee9a807a9729046571bcd79b6f77b7888eb52e6461d6762d0489fb7ff93880e4f992a3814e6f70054037225f1a123af4f2901ba231764b580451d5841e83c0ed1531a4a55c87780091e5f72bad859745ef9bb751c060bc75ad8de4ee")
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r5, @ANYBLOB="0a000600080211000000000038005080080003000bac0f0011000100cabee339084eeef109002471f40000000800070000000000050002"], 0x60}}, 0x0)
r6 = add_key$keyring(&(0x7f0000000100), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r0)
r7 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x2, &(0x7f0000000040)=[{0x35}, {0x6}]})
r8 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, r7)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r8)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r9, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401], [0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x7ff, 0x0, 0x0, 0x3fc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
close_range(r10, 0xffffffffffffffff, 0x0)

381.49006ms ago: executing program 2 (id=2596):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'pimreg0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
memfd_create(&(0x7f0000000080)='}\xa4-}3q\xe4\x83a\x0f\xa4\x18d{\x00', 0x3)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000540)=ANY=[@ANYBLOB="1200000081000000080000000200000000000000748fe833e5b6608c44dc", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)='%-010d \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={r1}, 0x4)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r2], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r3 = syz_io_uring_setup(0xcf, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x20000, 0x1f9}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4e, 0x2004, @fd_index=0x6, 0xfffffffffffffff9, 0x0, 0x0, 0x8, 0x0, {0x3}})
io_uring_enter(r3, 0x7f1e, 0x4000000, 0x40, 0x0, 0x0)

343.067717ms ago: executing program 2 (id=2597):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000280)={&(0x7f0000000240)=[<r2=>0x0], 0x1})
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x40049366, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000400)={&(0x7f0000000380)=[<r4=>0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x4, r2, 0xeeeeeeee})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000500)={&(0x7f0000000d00)=[0x0, 0x0, 0x0], &(0x7f00000005c0)=[{}, {}, {}, {}], &(0x7f0000000440)=[<r5=>0x0, 0x0, 0x0], &(0x7f00000004c0), 0x4, 0x3, 0x3})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000d40), &(0x7f00000009c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000009c0), 0x0, 0x4, 0x4})
ioctl$SNDRV_PCM_IOCTL_READI_FRAMES(0xffffffffffffffff, 0x80184151, 0x0)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="02c9000a00061005001a0502000006"], 0xf)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x80800)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000cc0)=ANY=[@ANYBLOB="02c9100c00080001000b2d3cbd29b2aa723728935e91af6d9b8b040001000200cb450d0e197a251d1397a65a6e0182368940c68147c3c89e921e2be4d7ebfc8a"], 0x11)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x29, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[<r9=>0x0], &(0x7f00000000c0), 0x0, 0x1, 0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_ATOMIC(r6, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f00000002c0)=[r8], &(0x7f0000000140)=[0x7], &(0x7f0000000800)=[r9], &(0x7f0000000100), 0x0, 0x400000000})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000b00)={&(0x7f0000000a80)=[0x0, <r10=>0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0], 0x4, 0x0, 0xc0c0c0c0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000004c0)={&(0x7f0000000480)=[0x0, 0x0], &(0x7f0000000980)=[0x0], 0x2, r4, 0xdededede})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000c80)={0x401, 0x6, &(0x7f0000000300)=[r2, r1, r1, r2, 0x0, r2], &(0x7f0000000340)=[0x7, 0x5, 0x9, 0x0, 0x7ff, 0xb7cf2ea, 0xffffffff], &(0x7f0000000c00)=[r4, r5, 0x0, r9, r10, 0x0], &(0x7f0000000c40)=[0x4, 0x80, 0x9b28, 0x9, 0xffffffffffff7fff, 0x9], 0x0, 0x7fffffff})
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073799b31000000000c000780050015007f000000050005000a000000050001000600000011000300686173683a69700000000000"], 0x58}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, <r12=>0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x4000013b, 0x2, 0x4, 0x4})
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000040)={'veth1_to_hsr\x00', 0x6111})
ioctl$TUNSETPERSIST(r13, 0x400454cb, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000580)={0x0, r12, 0x0, 0x0, 0x0, 0x6, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

211.658465ms ago: executing program 3 (id=2601):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r5=>r2, 0x4, 0x7, 0x6, 0x3f7, 0x28, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, 0x80, 0xb1dec57f897df554, 0x7, 0x2}})
sendmsg$xdp(r4, &(0x7f0000000580)={&(0x7f00000001c0)={0x2c, 0x8, r5, 0x11}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000200)="93af8b8defeabdc991e9584c1509b327be5a675ce8df1b4ef629060fe35a3331119797f68fe2dbc201c88b80452595f46771bb8bfc16ab951f492ecffbecb59f7cfe936e997c41896b441c016d5e6188b9a05776248b64c95b9ef59c281dc4d7f20db613bbf24b43a704be48399a01fb53633fb7e0887430d3c39a96565bc384afd7", 0x82}, {&(0x7f00000002c0)="3bc798be881020c71c760f4b13945543d2d06559da035d8e699c3fd91fd028e3c9cc3c95e00396c65134c4dd6ff558fa6dfddd08f33398fb0dc7d581959cdbe19f94ce9620fb7fe2d613e0e67fd340c1d44fc7a477604c1ed2d79b25a04905adce3ea1799e24bbad60192d9e210cdf112256a2cf8a1ee06389040d066211d3b5e48cfddd86b40c086639d8fd558e22ca0b75ee681345bfd9e691cf338a1cfade1059656b02c510683b16ba9b0d31cf2860206451b9753c5e2d1e179ab33af968f41f4a38aa70ce6bf1d6d8e67504fac081ef43d89593827e38dcc58288799a6358c77e068f0ab3d2127c139d", 0xec}, {&(0x7f00000003c0)="145f118fa92f85357e4f02e8a6a4e78a", 0x10}, {&(0x7f0000000700)="a44e32eb3ee575bc08a46cc93549fdcd1c7acd16ecc0a3a32c0d3523715681e6a0b1bbe0e88430b867bc508ff80ea8ebe995799b3e51ac7d39c42b993c525d7bda7457c9d904dc929370d1bf1e290fccfb35cb024a23fc1be2a07149cbbc1ca1b8c1b760023e8c1c637b3a8c1588147d53b5868563ed7d3c1608c272be3711b26f767efde336e041211624646b5c5ee7089fc98c4a3da8e8835f559b895a62456dab3868f1844d620b4cc22c34d7453b73692c58cef6479da09e48450772b7f49f1102c4c830c8404d3cd656f5fa14c8c96d8e82b0eb23746a887102f4e47e4b812d31e1a88c315f9a20e9e462797fa6bda70c9eed0d06438eaa34d229f3ef21125735b0cb5a13446a5a622fe3a01c8931ed7d01e72b9b15390738da62b28a87386197cf834b222c5ccd65ac48fdbb4a423fa65709054808aa7573634aeb5aec92ed54c2d5d853a7d19c03e37ac5c78e4f9d0eee1f34c761416aeca9ac59f1a88a8445ecc9679a0c66f535c68c9e8d81fa93c415ef6cdaccf5834c6370df54511234b91d4bb522421985fd1a6d2c34efbb63a917f9f1feb6c2b6b300450af02c7d299b496e215089ce0233965c5eaa29eae40c8487c45ce987ac95c8d90316e7b5118de7052e10743bc2ab285629c85ac42930e3285234d647b04ea90bd98611a550229a8a1725fc71bf1694cc00596cb39572f0bb8e1d0092253de4c273d3e412bf6d1d072923c0de9cdc04fa8a135473cccd720ef8792bde1e945c98d8c067c1dc5e4b6cd80174fcae0b329be4a2ce5fcef4194dbc27e7afe547ff0fa0c43951d24a592a1b825ca5860f8378a9fce996c173894024db3c4e75848e536ed76bdd81894dd395f0d005ad3422f3aa270e23589b31ac6c0ac61a9c19a61d0d842e33b673ad9a1f2442884613457118ca3de78bd0f76ef7325b06441f3a6dcaa80e63122c821bd68392269476d12a55d7ec61492be56c6b3c33293f4cfe5278ff62eba2440ec313e0bf65c139aa50ee806a9d3b97f1d5836b267cfe34696067dc38d04227131a099455ec6b14b90669c18fb16fdc6dd732ffa85bc75a9fee2f45c618ecfd647509f0294d555172bc08af464e3f183b134ec6c45f27e1e476b17eb366769096a2d739c667b4748956aca08ad54f5e0e36904c6bfc6db00017192f23fb91af9da57e1bc20899c9a9798f4782e15e703766305e1006da58397768cb0f41cb713ee453694596b1a5682e70f809595a8371796eaa29d73e8897d47e31606fba271e7cce9967947f4961a3d958c66dd90e7cb2e228cfb7fba95d30cc045c2b3b4ea5cfc29f04f70a289a003558f7ac72014cb7e337c5fc133e232b1bfd6171a635f54d0677a3285e06d89ce0fafaf6b0b7347a9ddfd643b124a989a53f929e5659e2a6f8c584ac7919a2959557979b7a5a200519bf560c9f6c5ac4f7963eb84cb94b8e28bccdab8e5db7fd995930aa24718528d1f278d6e21d2b75d2ef6457dc271d6a23c202860a4f380d3f0b42dd965ab9e9d7ad8077b65e8063ddbe46daf7eae9265b8cbe2b13017d007085e3b86e826b2bc37fade7467d8c1d4c745a424e7b78618af13dace3de53c38bbd3fdb0e3e80375d7e47642b0d3e40efd7bae5b7a5ef497ae2a7d8e371237b764d912e64d374dba4b6484cdb7e59026812a998b7333898343fce55c77f22072db59a1e9fc48ecaaafeee797c987c09d7a0357936c0d4e1a8b33d72313531cd522a20ba0cd8e26157cd9140410423e6200e2db06a5d51539fe0671c56f796c153e3261e6e4dc7dad953ccc9cbb3876c3da3bbaac8fd75f688abe6eb837196af9be4f788e43226b6cb5be50df78cb030fdfc44d2ef3234980991583a0f8d6e19f53c8da0efcdfda1d54a3e00bb73afa0ea78dc8505aa75c27d2d99ec8c6f65e9246c70b6b765c11c2503e88685b3f0ac46379ed0b6d3f7741cedcc0339b83994cc93c2995a8a8fc6284f50648ec75504413f23b56ca5e0577023e6fcd9b563eae179ac0a44c6db7f96e6df1588e3883dab9a4822de0179f3f666bfe11685f8e84aeaf40809ef9a69f64545a8ae00f78ad23cf66690dea8e233f0959f1fe4c7ec01e1f990fca739438cd28a7bfbc80aaffeb399dbe12b55b1fabf611089a3a8fc3ee77c07bee610347c6e9863c6b42762c6b00e626c141d8a7add4bd7f166b3bcc535502dab14b4582e4da8f929a69cb2adfd559ebdd97f2d2d6f844314cf29902af7f2f48a23add277dfd5095fb816135888dbe3f9d174f56659f6b8195d0944f7811456df25af8e81d4393958e6335c7f6325bc7002f4ead8f3ae76e33cb08a0577e2c2413bfcc96795c3af21642e0b8431eb9ec178f4b2892ad65ab3c6d49510841cb910268eb805f09b9c5a591841a92854a4f42eec370c5411f21706e3f8c38f52b7a5492d3d73a44e055ea2a2455ca42c43838151255a33f1298701c48248111805a4101505617a55c0ac5d25b6c3bbc7b135ecf1b42633aa6dec1f4480fc90e2feaf5606f968420c3d8fe2a5100fe87f343bf77f44734ac45fe2e8bb551861cfae26fbdec8886857c76f6d6f8b5dfbae87ed80f55c0c6bc0d92e5b73efdcceb76177a03bd7fabeafc54838b5499f58a75c52db774cb2dffb2c00f5796af67fa64930c1ac4e483323c26ca0ca47e8b22cdd54551c373967bfbcabef96cf4177eb09ee96b8c045bd01a603946cae864a4ad1f476d3055abfcfd23c8f7d244811d1da6cbe19c9fcc82a92ce6367be0eed09216385e80be59edc270cc0423dad19de0b0ab64a113bf4db97a507b22a30615f098a9cbd4a2a40a787be97376fd81f3e87cd12487974aa9780f0dd0605c16bc785aa8568862947762e751048063070c50b77116c879b05483350755cef1b45b3c0ff284afc5f272422c287cbeffb04f08823d560758ab9f37260d9738e920fc75f8ccfdd11b81e0876ac375a716d578bab2e27c3822e96e7bca1390b72a376a9998dcc5136965cce3968f034f4301c5f66436210f3bb4a42c1e02858401b05e1135e4e4b272b930b1528205d8f7c39e0d8f108ae4a85e161e86347a143cc9615a9e36ec3e62fc90115752c2597a5783fd4f5a2484be42fc92e8a53a3d6ac23f5cbace1b38023f38144efd7a85e402344e94712146adf1ed8350e401cc1a1d3d64f0effa02205e96bbfd45692b8a11223a044866525dfedefc8ececa3bca0c4beffffc1c5d2a34b054b47c573168ade25d8ac383d6d77c5e4d1878e51f22f8414ba39644878dcacf75f39346e1f7e6dfc58092d66bea1ad2d82c565cd27942747740a74fbbba97ce27a73245cbb9fab146c70a2d53e8c0ddeb4d4d1ed1e2d3408c0971fdbeab5d903d3dbe5ba0802857458ef93c5b978a39a5e1b0e0144dcb0509b5ec2a7833d7faa24a99b7e71a1eab3080e3c16d48f835b7b8298acba8a2bc0ce59e765bab646bb9043d6377e1283f88c491e45bea4df8f494d2b76c5ef4dd591b06deefb2adf5bca2404be9956536d268d582ffcb446b5ede5ba1f91116d00983e644a4ed29fdb8324a40f5e398dddc5e5c7bfe6e0068f6e5341041802ebe41817188cc0e4aebf2c586a10ebcd729e2abe188bc29aceddd3afae8481049400885e9444220c54edf191c9ccff0b0e901f708476836cb7449c67eb5e9e80dd7687f5c77790fe4835ec1afdd4a647d3ae158653ee706641fcd258792a1e266731bef2d928ff86033c53c51cd81e8ef34080d103a776effe0c544937d5d54db64574813a9024e19dc55de6e6fefc49cd397471bf38313d30f10bfe1d291080694a40d7ec4ecff397fa08b2dd0a191115d6eff51d6994509d025cc94e49dbf4bb1c85599b54dc1b7318f83a821fa7e14fb419f4c060aa466da13cf27d44d99f3767cb74d97f5a90bf5bde0e42499bcbf146f1a1ecafcf3033873ecbc6e8dcf44e36c033a9adefb0e21b059b79d8a99142bfd9ba606370f0addc4a80fb41bd0fc23d4a0b7198afb51c12ccab570dc5a4487d489b72ff2341e589fb32ae8b6dd3e25d9f1e11a77b6dd77619f3f9a4ffb0a37ebb0e5bec567dee1122d8beb9746a05d3aed74b2591bb6b8c4498cb90b4fd4c3fddf73046a0c46bd4c3e2170f08a3a3ad7ae41a7b8423e65e4589b75654424a0e4fa1e7f831d20e1f8bc2b30e9324914144e86c7ae1ad1fab64305ad8c9bb94d6bbe2ad2bdbddd14cced9a0fb374e1ad66e0fd0071f6d5471dd4283564c6069140c181e55cd7fb5d134073cc7fc5731ea12db9b439e29f1924bd770eee6c4533f76088aae0fddeb3ade77bafdd4c78bbf9fd906a76515ebc3cb150345fa5fecdb80de796851ce3f2b6830123ec8f766d46f46a95b8e504b77014e3e9597117de8caa33b6e4df56b0af787cbe91f32a4e0bcace6c1d1c21d69aea0420cc4fab0a74366def78881fd46ca5af712a7eb94bb95d49a1bd1053d1a698ce9aa87e6093091c6630dc05f983f3bf21c4d9449fed49e723b5353f4b25d668dae171a1634c21dfe5a9ee83b6783c631e755d632b9d204161878f67908fb3a89965a5666d3a6c897d6dce122aaf204de5a79ff31ec53c9940bacb1de192512ebb2be892a8e9aa771b646f61d79a9ba141858a402a5dd9546a943366a4513b71a053810ca91a55cd114cd81cf1afc906801816f4f0e9317625659a1a7d8f3ecbb81d40ee99d7bb4bc429bf80318488c1a5fde3ab67c72351c335584c5e73866eb50b91f18ab80c830a753a2fbf1876a7e931834ce78485da32396fe0c51491839d067b410799681a95bb6f1044a5c3575881e01133171dbec14cda76a9d02e24333a1a4e9ab6e76f5380a0b7ee2879a64cda7b94a24533c035f12c3dc7165eb9300e1f2dcc6467011715e95387ead8f15181beafd73d3e02ea5d60bc0b28076c0d6e7057ab075e05f026ff5e48b2ad3f8420bc55b3a817e13bd68984dafee8ad06e0f764b71c94af9dbab711cb3dc0729faba612cd7087fc2ed3a6add7bbf32716a6c9bef11f47f7d3eda16458ad1d56b29985da10bd58ec84cf57ba07a7f2ceb41ca3c0326ca76c48d313672f3a6cd8db7b92228bf0c8a85c361094c74f58b0f71ab3ea3cb888b537100d53a961b3fa2b24d115103be5b6474457c938d3d5fdb6d79dc870eef50e7513274e94630c0d337a42e3fd0186f8850c1ccddc7167138ba837eeeefb24f5555669ce7950633f481fc980bbd1bb42051c65b57f6e3d6d9f964b83633eef77771ac082ee669ecb77c1f1497bd83f356d24221b2a22d4ed121dd169aa4b63abe262d5709077ddb6ed27dd29a3646497a7bd37433fff4b6bda2caf1ce8bcb47e1217ec7308ceae1a71e025874200f3b854c2fa0237a1969b54015d096eff506da60d676d16041f11ac7419e55c1150b98f535541e40c45a6cc57fff3048d46c65a52d1825937f5d876441fc2957ef5e82703f104f980592804c40e3b0c3677d40ccba7f83f62f09a36816aee48161cf3496a86b1a4d4d3644dbc217a2f65f8f7032f51497901ea5615cdcc9eb1b2551a741f3d94cdd33ec42a7458eccba85d5b22448c4e4265431d117f43afa6024ce83aad92b831ffcf184ada115448b864b5b73f4c24ddf616269f12e33317f90921a0d6fb95978ffa3bd1e30308d2d3f2c4e0dc4476c0ed7a2d7f023f1480b80a34e8ccd98f40be9c10e0f76667d08ac3c8185875257bb995984655b141622c8cfa7f3e55b3996787ee18810df1fba9120ade4e1681ed1092e82d12b124469cf24acb06c962952d701c701ccbc4fcba2750d08eb1adf4814bd9d778ada3ab1c6", 0x1000}, {&(0x7f0000000400)="3d7ac7141e4fcc97db8c6df3a2e83a2ee25cc32c9f2f8c3bae6dbbb8422a6b7b3697fb4228a174100305bfd900de0d0eaceef5ec22b85fdd386323778528db65ad968f17bd09e62b99e0efb591eadfd97765cdf2aac0a3fbca6e4ed8450a98132d9539d9b263a27c56980583eb7840838013c19f5e9fa3d2bff21802e7eabfa1f088508a3f3ccfe3ceb64220cf77e44d8159ff8a39d2da624d7000a59dc77d0fd9a20f8380105d5a6e11e1fa5bd5f8b428b42dfa3fdd420aa8812498bccd8e48e1df493a917353e91e92470419", 0xcd}], 0x5, 0x0, 0x0, 0x4}, 0x10004140)
ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f0000000140)=0x7)
sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000000)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x200088c5}, 0x40840)
fcntl$dupfd(r0, 0x0, r0)

141.628894ms ago: executing program 3 (id=2602):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'pimreg0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
memfd_create(&(0x7f0000000080)='}\xa4-}3q\xe4\x83a\x0f\xa4\x18d{\x00', 0x3)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000540)=ANY=[@ANYBLOB="1200000081000000080000000200000000000000748fe833e5b6608c44dc", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{0x1}, &(0x7f0000000200), &(0x7f0000000240)='%-010d \x00'}, 0x20)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r1], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0xcf, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x20000, 0x1f9}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4e, 0x2004, @fd_index=0x6, 0xfffffffffffffff9, 0x0, 0x0, 0x8, 0x0, {0x3}})
io_uring_enter(r2, 0x7f1e, 0x4000000, 0x40, 0x0, 0x0)

61.495666ms ago: executing program 3 (id=2603):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="0101000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

61.211786ms ago: executing program 3 (id=2604):
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='\t\x00\x00\x00\f'], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
vmsplice(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='wi', 0x2}], 0x1, 0x1)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16=r4, @ANYBLOB="010100000000000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

264.72µs ago: executing program 3 (id=2605):
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x77, 0x101101)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6b", 0x2a}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64b64e706d94864d785dcc6b24fff7858b2a4edb673503cf002e28e331bc529b433cd74ab6c48a2c", 0xf6}, {&(0x7f0000000180)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c9100000000000000006a8f4f5405596e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff7", 0xd8}, {&(0x7f0000001000)="bd2f6aa36cea0e4bccda24dc5bd69ad762e998d923018ec9f30d63c7059c3c786069915581888508ff589f82857ff546b23b88d6bd61f1efc982005bf6c9abc4fe2caf32ef3ff105b69346a4d09afd7b0b8bd5f8c25f0eab84d8ad1b6576552ee2acc2ef0a9b0f9964d5705db134bdd9f261b7349aeede1c42e31b1082eec37b959d16afb967f54c471f2c7922c3c069f6a67c6ffee04bb1106c7e99752f50c7efdfa8afc8bd11acfc7a82e59dc5ffc88775bf6c9794b3ca2f475d25203ec0e0dd996b25d908e16539ac6e6086da296964d83ba527dcb6e7de403ef2a089ba3a5e094333a951cb48b75ac346a4783121dbceeef0a14f71fce2f4eb8bb7e758a67b9f7bd6231f410120746c1450cfd1aa4ba36a3bf20ded587f261a4c980fcd1e966d88d1c82912a289858e876d45f85516db0e8aa12e436a4faf2ffccc7b12c716a3f0499246752636a5b5e3762fa5dff7e78942123a253565e3058926808ee581d47fdd34118121a5", 0x169}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b5d383823677f025217943343e363268a73daecfa0fdc5beb5a7ac332a11533627b41dbe33a6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a813bc3ebba62168141343c9938965233cdaef85778ce05c77e962fd6bf3a4b9eb05654e64f1867398e202b4920e8ebc08f6e6dc652a12e000000000000000000dabfc714629971d55b52192c803e89147c9434e190ba2de9c450883623e826c07629f995ad852ebf1727f940374dd2245519c82a823f551fb0df615425f7e0d6ec20e4d85814cc430ee2fcc6145748301f", 0xed}, {&(0x7f0000000500)="e47ecfc6ce6d4d9cc5a0fbf98f301803da3adfbec8a1d5324076b744b24bc7cf83120d4819726e827d90219c7100dc5480", 0x31}], 0x2}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x22280, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x3d, 0x0, &(0x7f0000000280))
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r2, 0x113, 0x1, &(0x7f0000000000), 0x4)

0s ago: executing program 3 (id=2606):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x480)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xa}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000300))
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x4788, r5, 0x36}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)='O', 0x28}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f0000000040)={0x1, 0x7f, 0x1f, 0x0, 0x83})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c90010000c"], 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x7, 0x2}, {0x4}}}}, 0xf)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x8, 0x2)

kernel console output (not intermixed with test programs):

 153.629246][T10956] FAULT_INJECTION: forcing a failure.
[  153.629246][T10956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.634234][T10956] CPU: 0 UID: 0 PID: 10956 Comm: syz.1.1892 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  153.634256][T10956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.634266][T10956] Call Trace:
[  153.634273][T10956]  <TASK>
[  153.634279][T10956]  dump_stack_lvl+0x16c/0x1f0
[  153.634328][T10956]  should_fail_ex+0x512/0x640
[  153.634358][T10956]  _copy_from_user+0x2e/0xd0
[  153.634381][T10956]  copy_msghdr_from_user+0x98/0x160
[  153.634406][T10956]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  153.634456][T10956]  ___sys_sendmsg+0xfe/0x1d0
[  153.634486][T10956]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.634539][T10956]  __sys_sendmsg+0x16d/0x220
[  153.634562][T10956]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.634591][T10956]  ? rcu_is_watching+0x12/0xc0
[  153.634620][T10956]  do_syscall_64+0xcd/0x260
[  153.634646][T10956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.634662][T10956] RIP: 0033:0x7f3d5698d169
[  153.634676][T10956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.634692][T10956] RSP: 002b:00007f3d57780038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.634708][T10956] RAX: ffffffffffffffda RBX: 00007f3d56ba5fa0 RCX: 00007f3d5698d169
[  153.634719][T10956] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  153.634728][T10956] RBP: 00007f3d57780090 R08: 0000000000000000 R09: 0000000000000000
[  153.634738][T10956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.634747][T10956] R13: 0000000000000000 R14: 00007f3d56ba5fa0 R15: 00007ffeec969f88
[  153.634770][T10956]  </TASK>
[  153.755655][   T40] audit: type=1400 audit(1743402030.052:515): avc:  denied  { write } for  pid=10960 comm="syz.0.1894" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  153.757770][T10961] openvswitch: netlink: Multiple metadata blocks provided
[  153.774495][   T40] audit: type=1400 audit(1743402030.052:516): avc:  denied  { ioctl } for  pid=10960 comm="syz.0.1894" path="/dev/nvram" dev="devtmpfs" ino=631 ioctlcmd=0x5403 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  154.011269][T10979] netlink: 'syz.3.1901': attribute type 1 has an invalid length.
[  154.051989][T10979] 8021q: adding VLAN 0 to HW filter on device bond31
[  154.056286][T10979] bond30: (slave bond31): making interface the new active one
[  154.058875][T10979] bond30: (slave bond31): Enslaving as an active interface with an up link
[  154.071179][T10979] 8021q: adding VLAN 0 to HW filter on device bond30
[  154.108936][T10990] FAULT_INJECTION: forcing a failure.
[  154.108936][T10990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.112791][T10990] CPU: 3 UID: 0 PID: 10990 Comm: syz.3.1904 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  154.112805][T10990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.112812][T10990] Call Trace:
[  154.112815][T10990]  <TASK>
[  154.112819][T10990]  dump_stack_lvl+0x16c/0x1f0
[  154.112837][T10990]  should_fail_ex+0x512/0x640
[  154.112852][T10990]  _copy_from_user+0x2e/0xd0
[  154.112866][T10990]  ucma_write+0x128/0x330
[  154.112877][T10990]  ? __pfx_ucma_write+0x10/0x10
[  154.112886][T10990]  ? bpf_lsm_file_permission+0x9/0x10
[  154.112900][T10990]  ? security_file_permission+0x71/0x210
[  154.112910][T10990]  ? rw_verify_area+0xcf/0x680
[  154.112923][T10990]  vfs_write+0x25c/0x1180
[  154.112934][T10990]  ? __pfx_ucma_write+0x10/0x10
[  154.112946][T10990]  ? __pfx_vfs_write+0x10/0x10
[  154.112957][T10990]  ? find_held_lock+0x2b/0x80
[  154.112971][T10990]  ? __fget_files+0x204/0x3c0
[  154.112986][T10990]  ? __fget_files+0x20e/0x3c0
[  154.113002][T10990]  ksys_write+0x205/0x240
[  154.113014][T10990]  ? __pfx_ksys_write+0x10/0x10
[  154.113025][T10990]  ? rcu_is_watching+0x12/0xc0
[  154.113041][T10990]  do_syscall_64+0xcd/0x260
[  154.113057][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.113067][T10990] RIP: 0033:0x7fd34018d169
[  154.113076][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.113085][T10990] RSP: 002b:00007fd34104f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.113095][T10990] RAX: ffffffffffffffda RBX: 00007fd3403a5fa0 RCX: 00007fd34018d169
[  154.113101][T10990] RDX: 0000000000000030 RSI: 0000200000000040 RDI: 0000000000000003
[  154.113107][T10990] RBP: 00007fd34104f090 R08: 0000000000000000 R09: 0000000000000000
[  154.113112][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.113118][T10990] R13: 0000000000000000 R14: 00007fd3403a5fa0 R15: 00007ffda9760818
[  154.113130][T10990]  </TASK>
[  154.119882][T10991] Bluetooth: Error in BCSP hdr checksum
[  154.184802][   T40] audit: type=1400 audit(1743402030.482:517): avc:  denied  { read } for  pid=10989 comm="syz.2.1905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  154.394683][ T5999] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  154.554590][ T5999] usb 8-1: Using ep0 maxpacket: 16
[  154.559324][ T5999] usb 8-1: config 0 has no interfaces?
[  154.562978][ T5999] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.566407][ T5999] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.569198][ T5999] usb 8-1: Product: syz
[  154.570602][ T5999] usb 8-1: Manufacturer: syz
[  154.572218][ T5999] usb 8-1: SerialNumber: syz
[  154.576357][ T5999] usb 8-1: config 0 descriptor??
[  154.789608][ T5999] usb 8-1: USB disconnect, device number 6
[  155.456977][T11018] __nla_validate_parse: 11 callbacks suppressed
[  155.456991][T11018] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1915'.
[  155.783057][T11029] overlayfs: failed to resolve './file0': -40
[  155.905098][T11040] Cache volume key already in use (9p,syz,)
[  155.926262][T11040] overlayfs: failed to resolve './file0': -40
[  156.187288][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  156.187640][ T5951] Bluetooth: hci4: command 0x1003 tx timeout
[  156.296850][T11071] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  156.449353][T11077] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1935'.
[  156.456367][   T40] audit: type=1326 audit(1743402032.752:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11076 comm="syz.3.1935" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd34018d169 code=0x0
[  156.573634][T11080] input: syz1 as /devices/virtual/input/input22
[  156.933298][T11090] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1938'.
[  156.939452][T11090] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1938'.
[  157.049305][T11096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  157.058180][T11096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  157.063506][T11096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  157.069222][T11096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  157.115951][T11098] FAULT_INJECTION: forcing a failure.
[  157.115951][T11098] name failslab, interval 1, probability 0, space 0, times 0
[  157.119445][T11098] CPU: 0 UID: 0 PID: 11098 Comm: syz.1.1942 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  157.119463][T11098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.119469][T11098] Call Trace:
[  157.119481][T11098]  <TASK>
[  157.119485][T11098]  dump_stack_lvl+0x16c/0x1f0
[  157.119517][T11098]  should_fail_ex+0x512/0x640
[  157.119534][T11098]  ? fs_reclaim_acquire+0xae/0x150
[  157.119547][T11098]  ? tomoyo_encode2+0x100/0x3e0
[  157.119556][T11098]  should_failslab+0xc2/0x120
[  157.119572][T11098]  __kmalloc_noprof+0xd2/0x510
[  157.119586][T11098]  ? d_absolute_path+0x136/0x1a0
[  157.119598][T11098]  tomoyo_encode2+0x100/0x3e0
[  157.119609][T11098]  tomoyo_encode+0x29/0x50
[  157.119617][T11098]  tomoyo_realpath_from_path+0x18f/0x6e0
[  157.119630][T11098]  tomoyo_path_number_perm+0x245/0x580
[  157.119644][T11098]  ? tomoyo_path_number_perm+0x237/0x580
[  157.119658][T11098]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  157.119673][T11098]  ? find_held_lock+0x2b/0x80
[  157.119698][T11098]  ? find_held_lock+0x2b/0x80
[  157.119711][T11098]  ? hook_file_ioctl_common+0x145/0x410
[  157.119725][T11098]  ? __fget_files+0x20e/0x3c0
[  157.119741][T11098]  security_file_ioctl+0x9b/0x240
[  157.119757][T11098]  __x64_sys_ioctl+0xb7/0x200
[  157.119769][T11098]  do_syscall_64+0xcd/0x260
[  157.119785][T11098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.119795][T11098] RIP: 0033:0x7f3d5698d169
[  157.119803][T11098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.119813][T11098] RSP: 002b:00007f3d57780038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.119823][T11098] RAX: ffffffffffffffda RBX: 00007f3d56ba5fa0 RCX: 00007f3d5698d169
[  157.119829][T11098] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000e
[  157.119835][T11098] RBP: 00007f3d57780090 R08: 0000000000000000 R09: 0000000000000000
[  157.119841][T11098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.119846][T11098] R13: 0000000000000000 R14: 00007f3d56ba5fa0 R15: 00007ffeec969f88
[  157.119859][T11098]  </TASK>
[  157.119869][T11098] ERROR: Out of memory at tomoyo_realpath_from_path.
[  157.610905][   T40] audit: type=1400 audit(1743402033.902:519): avc:  denied  { write } for  pid=11110 comm="syz.0.1948" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  157.766930][T11111] netlink: 'syz.0.1948': attribute type 2 has an invalid length.
[  157.769614][T11111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1948'.
[  157.955002][   T29] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  157.987656][ T5943] Bluetooth: hci0: Malformed LE Event: 0x1d
[  158.057797][T11133] vcan0 speed is unknown, defaulting to 1000
[  158.114929][   T29] usb 7-1: Using ep0 maxpacket: 8
[  158.121348][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.130033][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  158.132454][   T29] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  158.135221][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.146667][   T29] usb 7-1: config 0 descriptor??
[  158.166840][T11136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11136 comm=syz.1.1957
[  158.285666][T11142] openvswitch: netlink: Duplicate or invalid key (type 0).
[  158.288021][T11142] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  158.351866][   T29] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  158.552893][T11113] ntfs3: Unknown parameter 'discardm'
[  158.554702][   T40] audit: type=1400 audit(1743402034.842:520): avc:  denied  { mounton } for  pid=11112 comm="syz.2.1949" path="/518/bus" dev="tmpfs" ino=2825 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  158.593751][  T836] usb 7-1: USB disconnect, device number 14
[  158.637331][T11151] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1960'.
[  158.639804][T11151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1960'.
[  159.130458][   T40] audit: type=1400 audit(1743402035.422:521): avc:  denied  { getopt } for  pid=11170 comm="syz.1.1969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  159.359982][T11180] netlink: 'syz.1.1972': attribute type 1 has an invalid length.
[  159.390042][T11180] 8021q: adding VLAN 0 to HW filter on device bond19
[  159.394107][T11180] bond18: (slave bond19): making interface the new active one
[  159.397879][T11180] bond18: (slave bond19): Enslaving as an active interface with an up link
[  159.405589][T11180] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1972'.
[  159.410844][T11180] 8021q: adding VLAN 0 to HW filter on device bond18
[  159.443293][T11187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11187 comm=syz.2.1974
[  159.632411][   T40] audit: type=1400 audit(1743402035.922:522): avc:  denied  { setopt } for  pid=11199 comm="syz.1.1980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  160.444661][  T836] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  160.536863][T11221] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11221 comm=syz.1.1988
[  160.594528][  T836] usb 7-1: Using ep0 maxpacket: 16
[  160.597942][  T836] usb 7-1: config 0 has no interfaces?
[  160.601744][  T836] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  160.606810][  T836] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.609676][  T836] usb 7-1: Product: syz
[  160.611216][  T836] usb 7-1: Manufacturer: syz
[  160.612936][  T836] usb 7-1: SerialNumber: syz
[  160.615497][  T836] usb 7-1: config 0 descriptor??
[  160.827338][ T5999] usb 7-1: USB disconnect, device number 15
[  161.024392][   T40] audit: type=1400 audit(1743402037.312:523): avc:  denied  { mount } for  pid=11242 comm="syz.0.1997" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  161.031240][   T40] audit: type=1400 audit(1743402037.322:524): avc:  denied  { remount } for  pid=11242 comm="syz.0.1997" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  161.153699][   T40] audit: type=1400 audit(1743402037.442:525): avc:  denied  { unmount } for  pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  161.392406][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2005'.
[  161.398802][   T40] audit: type=1326 audit(1743402037.692:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11265 comm="syz.3.2005" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd34018d169 code=0x0
[  161.764542][  T836] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  161.934487][  T836] usb 7-1: Using ep0 maxpacket: 16
[  161.937196][  T836] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  161.941469][  T836] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  161.944294][  T836] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.948079][  T836] usb 7-1: config 0 descriptor??
[  161.952661][  T836] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input24
[  162.153550][T11276] input: syz0 as /devices/virtual/input/input25
[  162.284912][T11296] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2017'.
[  163.291210][T11322] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2027'.
[  163.299692][T11324] sp0: Synchronizing with TNC
[  163.413038][T11327] syzkaller0: entered promiscuous mode
[  163.415243][T11327] syzkaller0: entered allmulticast mode
[  163.803468][T11345] overlayfs: failed to resolve './file0': -40
[  163.863368][T11350] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2038'.
[  164.060497][   T40] audit: type=1400 audit(1743402040.352:527): avc:  denied  { allowed } for  pid=11357 comm="syz.3.2041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  164.128918][T11363] netlink: 'syz.3.2043': attribute type 1 has an invalid length.
[  164.162962][T11363] 8021q: adding VLAN 0 to HW filter on device bond33
[  164.165755][T11363] bond32: (slave bond33): making interface the new active one
[  164.168049][T11363] bond32: (slave bond33): Enslaving as an active interface with an up link
[  164.173045][T11363] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2043'.
[  164.177005][T11363] 8021q: adding VLAN 0 to HW filter on device bond32
[  164.227200][   T40] audit: type=1400 audit(1743402040.522:528): avc:  denied  { mounton } for  pid=11368 comm="syz.3.2045" path="/522/file0/bus" dev="ramfs" ino=52316 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  164.230266][T11369] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  164.236797][T11369] overlayfs: failed to set xattr on upper
[  164.238380][T11369] overlayfs: ...falling back to redirect_dir=nofollow.
[  164.240339][T11369] overlayfs: ...falling back to index=off.
[  164.241986][T11369] overlayfs: ...falling back to uuid=null.
[  164.380013][T11375] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2048'.
[  164.512062][   T58] usb 7-1: USB disconnect, device number 16
[  164.512698][ T5338] bcm5974 7-1:0.0: could not read from device
[  164.520380][ T5955] bcm5974 7-1:0.0: could not read from device
[  164.566010][T11389] overlayfs: failed to resolve './file0': -40
[  164.757454][   T40] audit: type=1326 audit(1743402041.052:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11397 comm="syz.0.2056" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac4378d169 code=0x0
[  165.179389][   T40] audit: type=1400 audit(1743402041.472:530): avc:  denied  { ioctl } for  pid=11406 comm="syz.2.2059" path="/dev/vhost-net" dev="devtmpfs" ino=1300 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  165.183871][T11407] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2059'.
[  165.229064][T11410] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2060'.
[  165.231597][T11410] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2060'.
[  165.234093][T11410] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2060'.
[  165.280324][T11412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=11412 comm=syz.2.2061
[  165.283803][T11412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=11412 comm=syz.2.2061
[  165.287721][T11412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=11412 comm=syz.2.2061
[  165.292571][T11412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11412 comm=syz.2.2061
[  165.391019][   T40] audit: type=1400 audit(1743402041.682:531): avc:  denied  { read write } for  pid=11423 comm="syz.2.2067" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  165.398402][   T40] audit: type=1400 audit(1743402041.682:532): avc:  denied  { open } for  pid=11423 comm="syz.2.2067" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  165.405131][   T40] audit: type=1400 audit(1743402041.692:533): avc:  denied  { map } for  pid=11423 comm="syz.2.2067" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  165.412987][   T40] audit: type=1400 audit(1743402041.692:534): avc:  denied  { execute } for  pid=11423 comm="syz.2.2067" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  165.782905][T11438] FAULT_INJECTION: forcing a failure.
[  165.782905][T11438] name failslab, interval 1, probability 0, space 0, times 0
[  165.787859][T11438] CPU: 0 UID: 0 PID: 11438 Comm: syz.2.2072 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  165.787882][T11438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.787891][T11438] Call Trace:
[  165.787897][T11438]  <TASK>
[  165.787903][T11438]  dump_stack_lvl+0x16c/0x1f0
[  165.787950][T11438]  should_fail_ex+0x512/0x640
[  165.787975][T11438]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  165.787998][T11438]  should_failslab+0xc2/0x120
[  165.788024][T11438]  __kmalloc_cache_noprof+0x6a/0x3e0
[  165.788043][T11438]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.788059][T11438]  ? drm_atomic_state_alloc+0xb8/0x120
[  165.788081][T11438]  drm_atomic_state_alloc+0xb8/0x120
[  165.788099][T11438]  drm_mode_atomic_ioctl+0x393/0x25f0
[  165.788121][T11438]  ? avc_has_extended_perms+0x33a/0x1090
[  165.788144][T11438]  ? avc_has_extended_perms+0x47c/0x1090
[  165.788165][T11438]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  165.788183][T11438]  ? __lock_acquire+0xaa4/0x1ba0
[  165.788214][T11438]  ? drm_is_current_master+0x2c/0x40
[  165.788232][T11438]  ? do_raw_spin_unlock+0x172/0x230
[  165.788253][T11438]  drm_ioctl_kernel+0x1f1/0x3e0
[  165.788274][T11438]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  165.788298][T11438]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  165.788327][T11438]  drm_ioctl+0x5c9/0xc30
[  165.788351][T11438]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  165.788371][T11438]  ? __pfx_drm_ioctl+0x10/0x10
[  165.788403][T11438]  ? selinux_file_ioctl+0x180/0x270
[  165.788419][T11438]  ? selinux_file_ioctl+0xb4/0x270
[  165.788435][T11438]  ? __pfx_drm_ioctl+0x10/0x10
[  165.788459][T11438]  __x64_sys_ioctl+0x190/0x200
[  165.788478][T11438]  do_syscall_64+0xcd/0x260
[  165.788501][T11438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.788516][T11438] RIP: 0033:0x7fee9fb8d169
[  165.788550][T11438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.788564][T11438] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.788579][T11438] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  165.788590][T11438] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000e
[  165.788600][T11438] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  165.788609][T11438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.788618][T11438] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  165.788640][T11438]  </TASK>
[  166.221253][T11461] overlayfs: failed to resolve './file0': -40
[  166.365230][  T834] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  166.544510][  T834] usb 6-1: Using ep0 maxpacket: 16
[  166.547617][  T834] usb 6-1: config 0 has no interfaces?
[  166.551627][  T834] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  166.554207][  T834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.557083][  T834] usb 6-1: Product: syz
[  166.558268][  T834] usb 6-1: Manufacturer: syz
[  166.559573][  T834] usb 6-1: SerialNumber: syz
[  166.562236][  T834] usb 6-1: config 0 descriptor??
[  166.601994][   T40] audit: type=1400 audit(1743402042.892:535): avc:  denied  { sqpoll } for  pid=11477 comm="syz.0.2087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  166.612776][   T40] audit: type=1400 audit(1743402042.902:536): avc:  denied  { create } for  pid=11477 comm="syz.0.2087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  166.619878][   T40] audit: type=1400 audit(1743402042.902:537): avc:  denied  { getopt } for  pid=11477 comm="syz.0.2087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  166.772583][  T834] usb 6-1: USB disconnect, device number 12
[  166.886658][T11494] netlink: 'syz.2.2093': attribute type 1 has an invalid length.
[  166.916581][T11494] 8021q: adding VLAN 0 to HW filter on device bond18
[  166.919902][T11494] bond17: (slave bond18): making interface the new active one
[  166.922988][T11494] bond17: (slave bond18): Enslaving as an active interface with an up link
[  166.929122][T11494] __nla_validate_parse: 1 callbacks suppressed
[  166.929135][T11494] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2093'.
[  166.936100][T11494] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2093'.
[  166.939999][T11494] 8021q: adding VLAN 0 to HW filter on device bond17
[  166.983698][T11499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2094'.
[  167.242581][T11506] FAULT_INJECTION: forcing a failure.
[  167.242581][T11506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.247666][T11506] CPU: 3 UID: 0 PID: 11506 Comm: syz.2.2097 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  167.247689][T11506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.247698][T11506] Call Trace:
[  167.247705][T11506]  <TASK>
[  167.247711][T11506]  dump_stack_lvl+0x16c/0x1f0
[  167.247741][T11506]  should_fail_ex+0x512/0x640
[  167.247765][T11506]  _copy_from_user+0x2e/0xd0
[  167.247788][T11506]  copy_msghdr_from_user+0x98/0x160
[  167.247812][T11506]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  167.247847][T11506]  ___sys_sendmsg+0xfe/0x1d0
[  167.247870][T11506]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.247923][T11506]  __sys_sendmsg+0x16d/0x220
[  167.247947][T11506]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.247985][T11506]  do_syscall_64+0xcd/0x260
[  167.248012][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.248030][T11506] RIP: 0033:0x7fee9fb8d169
[  167.248043][T11506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.248058][T11506] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.248074][T11506] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  167.248084][T11506] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  167.248094][T11506] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  167.248103][T11506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.248113][T11506] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  167.248134][T11506]  </TASK>
[  167.383978][T11512] overlayfs: failed to resolve './file0': -40
[  167.405088][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2099'.
[  167.407630][T11516] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2099'.
[  167.410246][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2099'.
[  167.412720][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2099'.
[  167.589929][T11528] netlink: 'syz.0.2106': attribute type 1 has an invalid length.
[  167.624586][T11528] 8021q: adding VLAN 0 to HW filter on device bond21
[  167.628290][T11528] bond20: (slave bond21): making interface the new active one
[  167.631385][T11528] bond20: (slave bond21): Enslaving as an active interface with an up link
[  167.636935][T11528] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2106'.
[  167.640624][T11528] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2106'.
[  167.644130][T11528] 8021q: adding VLAN 0 to HW filter on device bond20
[  167.853398][T11546] overlayfs: failed to resolve './file0': -40
[  167.854620][   T57] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  168.004597][   T57] usb 7-1: Using ep0 maxpacket: 16
[  168.007634][   T57] usb 7-1: config 0 has no interfaces?
[  168.010543][   T57] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  168.013423][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.015591][   T57] usb 7-1: Product: syz
[  168.016697][   T57] usb 7-1: Manufacturer: syz
[  168.017901][   T57] usb 7-1: SerialNumber: syz
[  168.020829][   T57] usb 7-1: config 0 descriptor??
[  168.056180][T11554] overlayfs: conflicting options: userxattr,redirect_dir=on
[  168.059705][   T40] audit: type=1400 audit(1743402044.352:538): avc:  denied  { getopt } for  pid=11553 comm="syz.0.2117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  168.065532][T11555] overlayfs: conflicting options: userxattr,redirect_dir=on
[  168.101785][T11561] netlink: 'syz.0.2118': attribute type 1 has an invalid length.
[  168.122788][T11561] 8021q: adding VLAN 0 to HW filter on device bond23
[  168.126114][T11561] bond22: (slave bond23): making interface the new active one
[  168.128436][T11561] bond22: (slave bond23): Enslaving as an active interface with an up link
[  168.132198][T11561] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2118'.
[  168.136644][T11561] 8021q: adding VLAN 0 to HW filter on device bond22
[  168.230718][   T58] usb 7-1: USB disconnect, device number 17
[  168.388317][T11589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.391470][T11589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.394149][T11589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.398926][T11589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.402213][T11589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.405121][T11589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.481273][T11597] netlink: 'syz.1.2127': attribute type 1 has an invalid length.
[  168.515399][T11597] 8021q: adding VLAN 0 to HW filter on device bond22
[  168.519494][T11597] bond21: (slave bond22): making interface the new active one
[  168.522005][T11597] bond21: (slave bond22): Enslaving as an active interface with an up link
[  168.529365][T11597] 8021q: adding VLAN 0 to HW filter on device bond21
[  168.615055][T11605] overlayfs: failed to resolve './file0': -40
[  168.846041][T11623] hfs: unable to load iocharset "io#harset"
[  168.972302][T11636] 9p: Unknown Cache mode or invalid value fsca
[  169.078327][T11644] pimreg: entered allmulticast mode
[  169.081342][T11644] pimreg: left allmulticast mode
[  169.224639][ T1337] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  169.264587][  T835] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  169.360168][T11656] bond0: (slave ip6_vti0): Error: Device type is different from other slaves
[  169.385063][ T1337] usb 6-1: Using ep0 maxpacket: 16
[  169.388018][ T1337] usb 6-1: config 0 has no interfaces?
[  169.391298][ T1337] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.394100][ T1337] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.397711][ T1337] usb 6-1: Product: syz
[  169.399076][ T1337] usb 6-1: Manufacturer: syz
[  169.400359][ T1337] usb 6-1: SerialNumber: syz
[  169.402624][ T1337] usb 6-1: config 0 descriptor??
[  169.444622][  T835] usb 8-1: Using ep0 maxpacket: 16
[  169.447500][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.450510][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.453227][  T835] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  169.457558][  T835] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  169.460024][  T835] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.463193][  T835] usb 8-1: config 0 descriptor??
[  169.617766][   T10] usb 6-1: USB disconnect, device number 13
[  169.810617][T11678] vlan3: entered allmulticast mode
[  169.871837][  T835] HID 045e:07da: Invalid code 65791 type 1
[  169.877440][  T835] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:045E:07DA.0006/input/input27
[  169.885398][  T835] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  170.075276][ T1337] usb 8-1: USB disconnect, device number 7
[  170.075975][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  170.075984][   T40] audit: type=1400 audit(1743402046.362:543): avc:  denied  { read } for  pid=5338 comm="acpid" name="event4" dev="devtmpfs" ino=2981 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  170.085450][   T40] audit: type=1400 audit(1743402046.362:544): avc:  denied  { open } for  pid=5338 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2981 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  170.092768][   T40] audit: type=1400 audit(1743402046.362:545): avc:  denied  { ioctl } for  pid=5338 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2981 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  170.182949][  T835] libceph: connect (1)[c::]:6789 error -101
[  170.185854][  T835] libceph: mon0 (1)[c::]:6789 connect error
[  170.215277][T11703] ceph: No mds server is up or the cluster is laggy
[  170.244291][T11710] FAULT_INJECTION: forcing a failure.
[  170.244291][T11710] name failslab, interval 1, probability 0, space 0, times 0
[  170.254961][T11710] CPU: 3 UID: 0 PID: 11710 Comm: syz.2.2168 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  170.254976][T11710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.254983][T11710] Call Trace:
[  170.254986][T11710]  <TASK>
[  170.254990][T11710]  dump_stack_lvl+0x16c/0x1f0
[  170.255009][T11710]  should_fail_ex+0x512/0x640
[  170.255021][T11710]  ? fs_reclaim_acquire+0xae/0x150
[  170.255034][T11710]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  170.255044][T11710]  should_failslab+0xc2/0x120
[  170.255060][T11710]  __kmalloc_noprof+0xd2/0x510
[  170.255077][T11710]  tomoyo_realpath_from_path+0xc2/0x6e0
[  170.255088][T11710]  ? tomoyo_profile+0x47/0x60
[  170.255100][T11710]  tomoyo_path_number_perm+0x245/0x580
[  170.255113][T11710]  ? tomoyo_path_number_perm+0x237/0x580
[  170.255128][T11710]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  170.255142][T11710]  ? find_held_lock+0x2b/0x80
[  170.255167][T11710]  ? find_held_lock+0x2b/0x80
[  170.255180][T11710]  ? hook_file_ioctl_common+0x145/0x410
[  170.255194][T11710]  ? __fget_files+0x20e/0x3c0
[  170.255210][T11710]  security_file_ioctl+0x9b/0x240
[  170.255226][T11710]  __x64_sys_ioctl+0xb7/0x200
[  170.255239][T11710]  do_syscall_64+0xcd/0x260
[  170.255255][T11710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.255265][T11710] RIP: 0033:0x7fee9fb8d169
[  170.255275][T11710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.255284][T11710] RSP: 002b:00007feea09e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.255294][T11710] RAX: ffffffffffffffda RBX: 00007fee9fda6160 RCX: 00007fee9fb8d169
[  170.255300][T11710] RDX: 0000200000000400 RSI: 000000004020ae46 RDI: 0000000000000004
[  170.255311][T11710] RBP: 00007feea09e7090 R08: 0000000000000000 R09: 0000000000000000
[  170.255317][T11710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.255323][T11710] R13: 0000000000000000 R14: 00007fee9fda6160 R15: 00007ffe5e6f1028
[  170.255336][T11710]  </TASK>
[  170.255340][T11710] ERROR: Out of memory at tomoyo_realpath_from_path.
[  170.424569][ T5939] Bluetooth: hci0: command 0x0406 tx timeout
[  170.424628][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  170.495450][T11718] FAULT_INJECTION: forcing a failure.
[  170.495450][T11718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.500349][T11718] CPU: 3 UID: 0 PID: 11718 Comm: syz.0.2171 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  170.500363][T11718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.500370][T11718] Call Trace:
[  170.500374][T11718]  <TASK>
[  170.500379][T11718]  dump_stack_lvl+0x16c/0x1f0
[  170.500398][T11718]  should_fail_ex+0x512/0x640
[  170.500413][T11718]  _copy_from_iter+0x2a4/0x15b0
[  170.500429][T11718]  ? __pfx__copy_from_iter+0x10/0x10
[  170.500442][T11718]  ? rcu_is_watching+0x12/0xc0
[  170.500455][T11718]  ? rcu_is_watching+0x12/0xc0
[  170.500467][T11718]  ? kfree+0x252/0x4d0
[  170.500493][T11718]  ? file_tty_write.constprop.0+0x6f1/0x9b0
[  170.500509][T11718]  file_tty_write.constprop.0+0x48a/0x9b0
[  170.500523][T11718]  vfs_write+0x5ba/0x1180
[  170.500537][T11718]  ? __pfx_tty_write+0x10/0x10
[  170.500548][T11718]  ? __pfx_vfs_write+0x10/0x10
[  170.500559][T11718]  ? find_held_lock+0x2b/0x80
[  170.500580][T11718]  ksys_write+0x12a/0x240
[  170.500592][T11718]  ? __pfx_ksys_write+0x10/0x10
[  170.500603][T11718]  ? rcu_is_watching+0x12/0xc0
[  170.500619][T11718]  do_syscall_64+0xcd/0x260
[  170.500635][T11718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.500645][T11718] RIP: 0033:0x7fac4378d169
[  170.500654][T11718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.500664][T11718] RSP: 002b:00007fac415f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  170.500674][T11718] RAX: ffffffffffffffda RBX: 00007fac439a5fa0 RCX: 00007fac4378d169
[  170.500680][T11718] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000003
[  170.500686][T11718] RBP: 00007fac415f6090 R08: 0000000000000000 R09: 0000000000000000
[  170.500691][T11718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.500697][T11718] R13: 0000000000000000 R14: 00007fac439a5fa0 R15: 00007ffee8924728
[  170.500711][T11718]  </TASK>
[  170.732184][ T5951] Bluetooth: hci1: Malformed Event: 0x2f
[  170.738894][   T40] audit: type=1400 audit(1743402047.032:546): avc:  denied  { validate_trans } for  pid=11730 comm="syz.2.2178" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  170.743809][T11733] bond0: (slave ip6_vti0): Error: Device can not be enslaved while up
[  171.449297][T11770] bond0: (slave ip6_vti0): Error: Device can not be enslaved while up
[  171.478482][T11775] FAULT_INJECTION: forcing a failure.
[  171.478482][T11775] name failslab, interval 1, probability 0, space 0, times 0
[  171.482388][T11775] CPU: 2 UID: 0 PID: 11775 Comm: syz.2.2194 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  171.482402][T11775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.482408][T11775] Call Trace:
[  171.482420][T11775]  <TASK>
[  171.482425][T11775]  dump_stack_lvl+0x16c/0x1f0
[  171.482457][T11775]  should_fail_ex+0x512/0x640
[  171.482474][T11775]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  171.482491][T11775]  should_failslab+0xc2/0x120
[  171.482507][T11775]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  171.482521][T11775]  ? __alloc_skb+0x2b2/0x380
[  171.482537][T11775]  __alloc_skb+0x2b2/0x380
[  171.482549][T11775]  ? __pfx___alloc_skb+0x10/0x10
[  171.482563][T11775]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  171.482581][T11775]  netlink_alloc_large_skb+0x69/0x130
[  171.482596][T11775]  netlink_sendmsg+0x6a1/0xdd0
[  171.482613][T11775]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.482632][T11775]  ____sys_sendmsg+0xa95/0xc70
[  171.482643][T11775]  ? copy_msghdr_from_user+0x10a/0x160
[  171.482656][T11775]  ? __pfx_____sys_sendmsg+0x10/0x10
[  171.482672][T11775]  ___sys_sendmsg+0x134/0x1d0
[  171.482686][T11775]  ? __pfx____sys_sendmsg+0x10/0x10
[  171.482714][T11775]  __sys_sendmsg+0x16d/0x220
[  171.482727][T11775]  ? __pfx___sys_sendmsg+0x10/0x10
[  171.482744][T11775]  ? rcu_is_watching+0x12/0xc0
[  171.482761][T11775]  do_syscall_64+0xcd/0x260
[  171.482777][T11775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.482787][T11775] RIP: 0033:0x7fee9fb8d169
[  171.482796][T11775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.482805][T11775] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.482815][T11775] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  171.482821][T11775] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  171.482827][T11775] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  171.482832][T11775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.482838][T11775] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  171.482850][T11775]  </TASK>
[  171.544319][    C2] vkms_vblank_simulate: vblank timer overrun
[  171.552291][T11782] QAT: Stopping all acceleration devices.
[  171.932107][T11828] netlink: 'syz.3.2216': attribute type 1 has an invalid length.
[  171.969816][T11828] 8021q: adding VLAN 0 to HW filter on device bond35
[  171.973844][T11828] bond34: (slave bond35): making interface the new active one
[  171.977192][T11828] bond34: (slave bond35): Enslaving as an active interface with an up link
[  171.984367][T11828] __nla_validate_parse: 17 callbacks suppressed
[  171.984382][T11828] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2216'.
[  172.252255][   T40] audit: type=1400 audit(1743402048.542:547): avc:  denied  { create } for  pid=11844 comm="syz.1.2223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.259136][   T40] audit: type=1400 audit(1743402048.552:548): avc:  denied  { write } for  pid=11844 comm="syz.1.2223" path="socket:[53627]" dev="sockfs" ino=53627 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.268298][   T40] audit: type=1400 audit(1743402048.552:549): avc:  denied  { nlmsg_read } for  pid=11844 comm="syz.1.2223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  172.323254][T11851] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  172.325312][T11851] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  172.328303][T11851] vhci_hcd vhci_hcd.0: Device attached
[  172.331865][T11852] vhci_hcd: cannot find the pending unlink 1023
[  172.401022][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.403670][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.406383][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.408945][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.411600][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.414157][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.416739][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.419333][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.422028][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.424957][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.427623][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.430292][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.432933][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.435687][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.438321][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.440829][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.443610][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.446657][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.449162][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.451232][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.453303][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.461004][T11860] veth0_to_batadv: entered promiscuous mode
[  172.464561][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.466720][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.468791][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.470851][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.472922][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.475399][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.475620][T11860] macvlan3: entered allmulticast mode
[  172.478014][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.479805][T11860] veth0_to_batadv: entered allmulticast mode
[  172.482227][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.485262][T11860] bond0: (slave macvlan3): Enslaving as an active interface with an up link
[  172.487010][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.492442][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.495132][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.497251][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.499671][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.502081][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.504073][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.506475][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.508522][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.510518][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.512715][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.515141][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.517252][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.519330][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.521370][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.523411][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.525742][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.527809][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.529878][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.531952][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.534041][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.536554][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.538648][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.540830][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.542884][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.545720][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.548184][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.550349][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.552439][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.554826][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.556970][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.559082][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.561206][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.563303][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.565755][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.567827][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.569961][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.572056][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.574182][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.576552][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.578674][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.580808][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.582921][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.584586][   T58] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  172.585437][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.589882][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.591929][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.593986][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.596246][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.598310][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.600322][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.602328][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.604361][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.606431][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.608581][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.610636][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.610818][T11852] vhci_hcd: connection reset by peer
[  172.613069][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.615382][ T1150] vhci_hcd: stop threads
[  172.617121][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.617135][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.617146][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.617157][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.618760][ T1150] vhci_hcd: release socket
[  172.620771][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.620786][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.620797][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.620808][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.623472][ T1150] vhci_hcd: disconnect device
[  172.625500][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625514][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625525][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625536][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625550][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625560][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625571][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625582][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625593][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625604][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625614][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625625][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.625636][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.666828][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.669297][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.671564][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.673650][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.675915][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.677994][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.680074][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.682140][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.684721][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.687428][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.690272][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.692936][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.695841][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x1
[  172.698634][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.701370][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.704057][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.706769][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.709454][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.712178][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.715004][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.718023][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.720651][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.722667][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.724945][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.727057][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.729059][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.731189][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.733354][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.735412][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.737385][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.739335][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.741375][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.743402][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.745875][ T5981] hid-generic 0008:0005:0081.0007: unknown main item tag 0x0
[  172.749398][ T5981] hid-generic 0008:0005:0081.0007: hidraw0: <UNKNOWN> HID v0.06 Device [syz1] on syz1
[  172.843327][T11880] »»»»»»aaaaaaaaa: renamed from lo
[  172.982689][T11894] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.2239'.
[  172.985200][T11894] openvswitch: netlink: EtherType 0 is less than min 600
[  173.240045][T11907] netlink: 'syz.1.2246': attribute type 1 has an invalid length.
[  173.284264][T11907] 8021q: adding VLAN 0 to HW filter on device bond24
[  173.288054][T11907] bond23: (slave bond24): making interface the new active one
[  173.290452][T11907] bond23: (slave bond24): Enslaving as an active interface with an up link
[  173.295801][T11907] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2246'.
[  173.370362][T11919] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2250'.
[  173.380839][T11921] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  173.410125][T11923] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2252'.
[  173.412954][T11923] bond0: (slave ip6_vti0): Error: Device can not be enslaved while up
[  173.584575][  T836] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  173.656288][T11929] FAULT_INJECTION: forcing a failure.
[  173.656288][T11929] name failslab, interval 1, probability 0, space 0, times 0
[  173.659916][T11929] CPU: 2 UID: 0 PID: 11929 Comm: syz.2.2254 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  173.659930][T11929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.659936][T11929] Call Trace:
[  173.659940][T11929]  <TASK>
[  173.659944][T11929]  dump_stack_lvl+0x16c/0x1f0
[  173.659962][T11929]  should_fail_ex+0x512/0x640
[  173.659975][T11929]  ? fs_reclaim_acquire+0xae/0x150
[  173.659988][T11929]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  173.659998][T11929]  should_failslab+0xc2/0x120
[  173.660014][T11929]  __kmalloc_noprof+0xd2/0x510
[  173.660031][T11929]  tomoyo_realpath_from_path+0xc2/0x6e0
[  173.660041][T11929]  ? tomoyo_profile+0x47/0x60
[  173.660054][T11929]  tomoyo_path_number_perm+0x245/0x580
[  173.660067][T11929]  ? tomoyo_path_number_perm+0x237/0x580
[  173.660082][T11929]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  173.660096][T11929]  ? find_held_lock+0x2b/0x80
[  173.660121][T11929]  ? find_held_lock+0x2b/0x80
[  173.660133][T11929]  ? hook_file_ioctl_common+0x145/0x410
[  173.660147][T11929]  ? __fget_files+0x20e/0x3c0
[  173.660163][T11929]  security_file_ioctl+0x9b/0x240
[  173.660179][T11929]  __x64_sys_ioctl+0xb7/0x200
[  173.660191][T11929]  do_syscall_64+0xcd/0x260
[  173.660206][T11929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.660216][T11929] RIP: 0033:0x7fee9fb8d169
[  173.660224][T11929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.660234][T11929] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  173.660243][T11929] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  173.660249][T11929] RDX: 0000200000000100 RSI: 000000004138ae84 RDI: 0000000000000005
[  173.660255][T11929] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  173.660260][T11929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.660266][T11929] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  173.660278][T11929]  </TASK>
[  173.660282][T11929] ERROR: Out of memory at tomoyo_realpath_from_path.
[  173.814648][  T836] usb 6-1: Using ep0 maxpacket: 8
[  173.818775][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  173.822483][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  173.825359][  T836] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  173.827763][  T836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.831973][  T836] usb 6-1: config 0 descriptor??
[  173.973428][T11937] netlink: 'syz.3.2258': attribute type 1 has an invalid length.
[  173.997931][T11937] 8021q: adding VLAN 0 to HW filter on device bond37
[  174.001848][T11937] bond36: (slave bond37): making interface the new active one
[  174.005572][T11937] bond36: (slave bond37): Enslaving as an active interface with an up link
[  174.011654][T11937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2258'.
[  174.059059][T11917] netlink: 'syz.1.2249': attribute type 6 has an invalid length.
[  174.061958][T11917] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2249'.
[  174.075762][  T836] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  174.084750][  T836] usb 6-1: USB disconnect, device number 14
[  174.244583][  T834] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  174.305759][   T40] audit: type=1400 audit(1743402050.602:550): avc:  denied  { connect } for  pid=11950 comm="syz.0.2264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  174.339455][   T40] audit: type=1400 audit(1743402050.632:551): avc:  denied  { setopt } for  pid=11957 comm="syz.0.2266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  174.340688][T11958] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2266'.
[  174.414489][  T834] usb 7-1: Using ep0 maxpacket: 16
[  174.417217][  T834] usb 7-1: config 0 has no interfaces?
[  174.420219][  T834] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  174.422625][  T834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.424799][  T834] usb 7-1: Product: syz
[  174.425917][  T834] usb 7-1: Manufacturer: syz
[  174.427177][  T834] usb 7-1: SerialNumber: syz
[  174.429682][  T834] usb 7-1: config 0 descriptor??
[  174.504604][ T5945] Bluetooth: hci3: command 0x0405 tx timeout
[  174.640404][ T1337] usb 7-1: USB disconnect, device number 18
[  174.697264][T11969] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[  174.701181][T11969] lo: entered allmulticast mode
[  174.712338][T11969] afs: Unknown parameter 'dy`q'
[  174.737036][T11968] lo: left allmulticast mode
[  175.041922][T11984] netlink: 'syz.1.2274': attribute type 1 has an invalid length.
[  175.072711][T11984] 8021q: adding VLAN 0 to HW filter on device bond26
[  175.077628][T11984] bond25: (slave bond26): making interface the new active one
[  175.080695][T11984] bond25: (slave bond26): Enslaving as an active interface with an up link
[  175.086253][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2274'.
[  175.153794][T11990] netlink: 'syz.1.2276': attribute type 3 has an invalid length.
[  175.158187][T11990] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2276'.
[  175.306918][T12007] netlink: 'syz.1.2283': attribute type 1 has an invalid length.
[  175.343203][T12007] 8021q: adding VLAN 0 to HW filter on device bond28
[  175.345995][T12007] bond27: (slave bond28): making interface the new active one
[  175.348339][T12007] bond27: (slave bond28): Enslaving as an active interface with an up link
[  175.521581][T12019] sp0: Synchronizing with TNC
[  175.733187][T12030] netlink: 'syz.1.2292': attribute type 1 has an invalid length.
[  175.755435][ T5981] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  175.759772][T12030] 8021q: adding VLAN 0 to HW filter on device bond30
[  175.763626][T12030] bond29: (slave bond30): making interface the new active one
[  175.767753][T12030] bond29: (slave bond30): Enslaving as an active interface with an up link
[  175.785559][T12034] overlayfs: failed to resolve './file0': -40
[  175.904542][ T5981] usb 8-1: Using ep0 maxpacket: 16
[  175.909015][ T5981] usb 8-1: config 0 has no interfaces?
[  175.911995][ T5981] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  175.915919][ T5981] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.918190][ T5981] usb 8-1: Product: syz
[  175.919327][ T5981] usb 8-1: Manufacturer: syz
[  175.920600][ T5981] usb 8-1: SerialNumber: syz
[  175.922958][ T5981] usb 8-1: config 0 descriptor??
[  175.981811][T12047] openvswitch: netlink: Unknown key attributes 2
[  176.109111][T12056] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[  176.110559][   T40] audit: type=1400 audit(1743402052.402:552): avc:  denied  { create } for  pid=12054 comm="syz.0.2302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  176.123048][T12056] afs: Unknown parameter 'dy`q'
[  176.133105][ T5981] usb 8-1: USB disconnect, device number 8
[  176.205229][T12063] overlayfs: failed to resolve './file0': -40
[  176.254224][ T5951] Bluetooth: hci3: unexpected event for opcode 0x200b
[  176.338793][T12082] netlink: 'syz.0.2310': attribute type 14 has an invalid length.
[  176.436831][T12091] veth0_to_batadv: entered promiscuous mode
[  176.439457][T12091] macvlan2: entered allmulticast mode
[  176.441042][T12091] veth0_to_batadv: entered allmulticast mode
[  176.444990][T12091] veth0_to_batadv: left promiscuous mode
[  176.450364][T12097] overlayfs: failed to resolve './file0': -40
[  176.455002][   T40] audit: type=1400 audit(1743402052.752:553): avc:  denied  { mount } for  pid=12098 comm="syz.2.2319" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  176.616536][   T40] audit: type=1400 audit(1743402052.912:554): avc:  denied  { override_creds } for  pid=12111 comm="syz.2.2324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  176.702963][T12123] overlayfs: workdir and upperdir must be separate subtrees
[  176.900414][T12151] FAULT_INJECTION: forcing a failure.
[  176.900414][T12151] name failslab, interval 1, probability 0, space 0, times 0
[  176.903888][T12151] CPU: 3 UID: 0 PID: 12151 Comm: syz.1.2339 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  176.903902][T12151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.903908][T12151] Call Trace:
[  176.903912][T12151]  <TASK>
[  176.903916][T12151]  dump_stack_lvl+0x16c/0x1f0
[  176.903950][T12151]  should_fail_ex+0x512/0x640
[  176.903967][T12151]  ? __kmalloc_noprof+0xbf/0x510
[  176.903983][T12151]  ? drm_atomic_state_init+0x17b/0x320
[  176.903994][T12151]  should_failslab+0xc2/0x120
[  176.904010][T12151]  __kmalloc_noprof+0xd2/0x510
[  176.904027][T12151]  drm_atomic_state_init+0x17b/0x320
[  176.904037][T12151]  ? __kasan_kmalloc+0xaa/0xb0
[  176.904051][T12151]  drm_atomic_state_alloc+0xd3/0x120
[  176.904063][T12151]  drm_mode_atomic_ioctl+0x393/0x25f0
[  176.904077][T12151]  ? avc_has_extended_perms+0x33a/0x1090
[  176.904090][T12151]  ? avc_has_extended_perms+0x47c/0x1090
[  176.904103][T12151]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  176.904114][T12151]  ? __lock_acquire+0xaa4/0x1ba0
[  176.904132][T12151]  ? drm_is_current_master+0x2c/0x40
[  176.904145][T12151]  ? do_raw_spin_unlock+0x172/0x230
[  176.904158][T12151]  drm_ioctl_kernel+0x1f1/0x3e0
[  176.904172][T12151]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  176.904185][T12151]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  176.904203][T12151]  drm_ioctl+0x5c9/0xc30
[  176.904218][T12151]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  176.904234][T12151]  ? __pfx_drm_ioctl+0x10/0x10
[  176.904253][T12151]  ? selinux_file_ioctl+0x180/0x270
[  176.904263][T12151]  ? selinux_file_ioctl+0xb4/0x270
[  176.904274][T12151]  ? __pfx_drm_ioctl+0x10/0x10
[  176.904288][T12151]  __x64_sys_ioctl+0x190/0x200
[  176.904300][T12151]  do_syscall_64+0xcd/0x260
[  176.904315][T12151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.904325][T12151] RIP: 0033:0x7f3d5698d169
[  176.904334][T12151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.904343][T12151] RSP: 002b:00007f3d57780038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.904353][T12151] RAX: ffffffffffffffda RBX: 00007f3d56ba5fa0 RCX: 00007f3d5698d169
[  176.904359][T12151] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000e
[  176.904365][T12151] RBP: 00007f3d57780090 R08: 0000000000000000 R09: 0000000000000000
[  176.904370][T12151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.904376][T12151] R13: 0000000000000000 R14: 00007f3d56ba5fa0 R15: 00007ffeec969f88
[  176.904388][T12151]  </TASK>
[  177.151603][   T40] audit: type=1400 audit(1743402053.442:555): avc:  denied  { shutdown } for  pid=12154 comm="syz.1.2341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  177.245825][ T6116] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  177.394754][ T6116] usb 7-1: Using ep0 maxpacket: 16
[  177.399348][ T6116] usb 7-1: config 0 has no interfaces?
[  177.403450][ T6116] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.406572][ T6116] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.409357][ T6116] usb 7-1: Product: syz
[  177.410813][ T6116] usb 7-1: Manufacturer: syz
[  177.412444][ T6116] usb 7-1: SerialNumber: syz
[  177.415859][ T6116] usb 7-1: config 0 descriptor??
[  177.579450][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.582326][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.585152][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.587693][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.589795][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.591823][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.593917][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.596039][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.598093][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.600147][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.602227][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.604283][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.606665][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.608744][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.610768][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.612859][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.614958][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.617030][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.619085][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.621225][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.623450][ T6116] usb 7-1: USB disconnect, device number 19
[  177.623949][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.628381][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.630450][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.632716][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.634844][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.635498][T12179] veth0_to_batadv: entered promiscuous mode
[  177.636917][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.636931][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.640235][T12179] macvlan2: entered allmulticast mode
[  177.640954][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.643646][T12179] veth0_to_batadv: entered allmulticast mode
[  177.645281][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.647674][T12179] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  177.649231][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.655775][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.658047][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.660113][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.662163][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.664197][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.666309][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.668352][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.670424][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.672530][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.674566][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.676590][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.678605][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.680641][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.682673][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.684801][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.686825][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.688925][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.690953][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.693002][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.695102][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.697149][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.699192][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.701254][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.703270][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.704633][   T58] vhci_hcd: vhci_device speed not set
[  177.705349][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.709733][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.711774][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.714085][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.716822][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.719476][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.721757][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.723864][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.726252][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.728118][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.729910][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.731691][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.733597][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.735806][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.737857][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.740019][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.742040][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.744066][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.746173][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.748203][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.750251][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.752266][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.754299][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.756380][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.758429][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.760447][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.762460][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.764509][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.766576][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.768608][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.770642][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.772739][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.774819][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.776870][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.778917][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.780951][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.782968][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.785074][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.787101][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.789133][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.791139][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.793206][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.795437][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.797634][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.799643][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.801658][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.803753][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.805881][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.807908][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.809967][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.811994][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.814031][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.816106][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.818162][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.820357][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.822551][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.824637][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.826618][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.828583][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.830613][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.832704][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.834782][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.836919][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.838976][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.841064][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x1
[  177.843040][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.845199][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.847236][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.849292][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.851290][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.853334][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.855581][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.857690][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.859694][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.861708][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.863710][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.865891][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.867914][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.869906][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.871882][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.873892][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.876150][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.878498][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.880622][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.882677][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.884878][ T5981] hid-generic 0008:0005:0081.0008: unknown main item tag 0x0
[  177.889113][ T5981] hid-generic 0008:0005:0081.0008: hidraw0: <UNKNOWN> HID v0.06 Device [syz1] on syz1
[  177.907178][T12191] overlayfs: failed to resolve './file0': -40
[  177.953915][T12195] smc: net device bond0 applied user defined pnetid SYZ0
[  178.161295][T12199] fuse: Bad value for 'group_id'
[  178.162689][T12199] fuse: Bad value for 'group_id'
[  178.195871][T12203] netlink: 'syz.2.2356': attribute type 1 has an invalid length.
[  178.234057][T12203] 8021q: adding VLAN 0 to HW filter on device bond20
[  178.238366][T12203] bond19: (slave bond20): making interface the new active one
[  178.241386][T12203] bond19: (slave bond20): Enslaving as an active interface with an up link
[  178.873861][T12198] block nbd3: shutting down sockets
[  179.207172][   T40] audit: type=1400 audit(1743402055.502:556): avc:  denied  { watch_mount } for  pid=12216 comm="syz.2.2360" path="/633" dev="tmpfs" ino=3423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  179.207615][T12217] nftables ruleset with unbound set
[  179.217899][T12217] __nla_validate_parse: 5 callbacks suppressed
[  179.217908][T12217] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2360'.
[  179.251316][T12223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2363'.
[  179.259427][T12221] overlayfs: failed to resolve './file0': -40
[  179.675056][ T6116] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  179.834572][ T6116] usb 8-1: Using ep0 maxpacket: 16
[  179.838219][ T6116] usb 8-1: config 0 has no interfaces?
[  179.842227][ T6116] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  179.845514][ T6116] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.848283][ T6116] usb 8-1: Product: syz
[  179.849829][ T6116] usb 8-1: Manufacturer: syz
[  179.852328][ T6116] usb 8-1: SerialNumber: syz
[  179.856007][ T6116] usb 8-1: config 0 descriptor??
[  179.861628][    C0] sr 2:0:0:0: [sr0] tag#28 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  179.864495][    C0] sr 2:0:0:0: [sr0] tag#28 CDB: Pre-fetch(16) 90 a6 14 b8 5e 96 bc 59 55 c7 c4 37
[  179.868208][   T40] audit: type=1400 audit(1743402056.162:557): avc:  denied  { nlmsg_read } for  pid=12247 comm="syz.0.2372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  180.009736][T12256] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12256 comm=syz.0.2373
[  180.064369][  T835] usb 8-1: USB disconnect, device number 9
[  180.070880][   T40] audit: type=1326 audit(1743402056.362:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12258 comm="syz.0.2374" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac4378d169 code=0x0
[  180.175281][T12262] input: syz1 as /devices/virtual/input/input29
[  180.572523][   T40] audit: type=1400 audit(1743402056.862:559): avc:  denied  { map } for  pid=12263 comm="syz.2.2375" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  180.626035][T12270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2378'.
[  180.727345][   T40] audit: type=1400 audit(1743402057.022:560): avc:  denied  { setopt } for  pid=12281 comm="syz.1.2382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  180.733148][   T40] audit: type=1400 audit(1743402057.022:561): avc:  denied  { compute_member } for  pid=12283 comm="syz.3.2383" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  181.418215][   T40] audit: type=1400 audit(1743402057.712:562): avc:  denied  { nlmsg_write } for  pid=12311 comm="syz.0.2394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  181.489960][T12333] FAULT_INJECTION: forcing a failure.
[  181.489960][T12333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.494880][T12333] CPU: 3 UID: 0 PID: 12333 Comm: syz.2.2397 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  181.494901][T12333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.494911][T12333] Call Trace:
[  181.494916][T12333]  <TASK>
[  181.494922][T12333]  dump_stack_lvl+0x16c/0x1f0
[  181.494976][T12333]  should_fail_ex+0x512/0x640
[  181.495006][T12333]  _copy_from_user+0x2e/0xd0
[  181.495026][T12333]  copy_msghdr_from_user+0x98/0x160
[  181.495046][T12333]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  181.495077][T12333]  ___sys_sendmsg+0xfe/0x1d0
[  181.495098][T12333]  ? __pfx____sys_sendmsg+0x10/0x10
[  181.495144][T12333]  __sys_sendmsg+0x16d/0x220
[  181.495165][T12333]  ? __pfx___sys_sendmsg+0x10/0x10
[  181.495191][T12333]  ? rcu_is_watching+0x12/0xc0
[  181.495223][T12333]  do_syscall_64+0xcd/0x260
[  181.495247][T12333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.495262][T12333] RIP: 0033:0x7fee9fb8d169
[  181.495275][T12333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.495288][T12333] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.495303][T12333] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  181.495312][T12333] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  181.495322][T12333] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  181.495330][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.495338][T12333] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  181.495359][T12333]  </TASK>
[  181.557086][T12335] ubi31: attaching mtd0
[  181.566208][T12335] ubi31: scanning is finished
[  181.567659][T12335] ubi31: empty MTD device detected
[  181.608771][   T40] audit: type=1400 audit(1743402057.902:563): avc:  denied  { setattr } for  pid=12334 comm="syz.1.2398" path="/dev/ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  181.649083][T12335] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  181.651189][T12335] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  181.653219][T12335] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  181.655262][T12335] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  181.657387][T12335] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  181.659312][T12335] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  181.661657][T12335] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1155588232
[  181.665325][T12335] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  181.668081][T12341] ubi31: background thread "ubi_bgt31d" started, PID 12341
[  181.824630][   T58] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  181.894762][ T6116] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  181.974521][   T58] usb 5-1: Using ep0 maxpacket: 8
[  181.978207][   T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  181.982121][   T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  181.985188][   T58] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  181.988710][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.992545][   T58] usb 5-1: config 0 descriptor??
[  182.024546][ T5980] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  182.044721][ T6116] usb 7-1: Using ep0 maxpacket: 8
[  182.047611][ T6116] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  182.050591][ T6116] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  182.053383][ T6116] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  182.056725][ T6116] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.060769][ T6116] usb 7-1: config 0 descriptor??
[  182.184729][ T5980] usb 6-1: Using ep0 maxpacket: 8
[  182.188751][ T5980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  182.192792][ T5980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  182.196628][ T5980] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  182.200703][ T5980] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.215510][ T5980] usb 6-1: config 0 descriptor??
[  182.224572][   T58] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  182.228566][   T58] usb 5-1: USB disconnect, device number 13
[  182.237103][ T5980] usb 6-1: can't set config #0, error -71
[  182.239381][ T5980] usb 6-1: USB disconnect, device number 15
[  182.277824][ T6116] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  182.281437][ T6116] usb 7-1: USB disconnect, device number 20
[  182.285835][ T5955] udevd[5955]: failed to send result of seq 23043 to main daemon: Connection refused
[  182.839344][T12356] netlink: 'syz.1.2407': attribute type 1 has an invalid length.
[  182.879644][T12356] 8021q: adding VLAN 0 to HW filter on device bond32
[  182.881740][T12356] bond31: (slave bond32): making interface the new active one
[  182.884541][T12356] bond31: (slave bond32): Enslaving as an active interface with an up link
[  182.963907][   T40] audit: type=1400 audit(1743402059.252:564): avc:  denied  { read } for  pid=12364 comm="syz.1.2410" path="socket:[57470]" dev="sockfs" ino=57470 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  183.190050][T12378] misc userio: Can't change port type on an already running userio instance
[  183.204538][   T57] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  183.354596][   T57] usb 5-1: Using ep0 maxpacket: 16
[  183.358205][   T57] usb 5-1: config 0 has no interfaces?
[  183.361929][   T57] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  183.365244][   T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.368030][   T57] usb 5-1: Product: syz
[  183.370372][   T57] usb 5-1: Manufacturer: syz
[  183.372169][   T57] usb 5-1: SerialNumber: syz
[  183.375744][   T57] usb 5-1: config 0 descriptor??
[  183.585861][   T10] usb 5-1: USB disconnect, device number 14
[  183.677850][   T40] audit: type=1400 audit(1743402059.972:565): avc:  denied  { ioctl } for  pid=12381 comm="syz.2.2417" path="socket:[56957]" dev="sockfs" ino=56957 ioctlcmd=0x8981 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  183.696296][ T1337] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  183.738475][   T40] audit: type=1400 audit(1743402060.032:566): avc:  denied  { map } for  pid=12383 comm="syz.2.2418" path="socket:[55129]" dev="sockfs" ino=55129 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  183.792242][T12386] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2418'.
[  183.854763][ T1337] usb 6-1: Using ep0 maxpacket: 16
[  183.859935][ T1337] usb 6-1: config 0 has no interfaces?
[  183.863832][ T1337] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  183.867492][ T1337] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.872051][ T1337] usb 6-1: Product: syz
[  183.873696][ T1337] usb 6-1: Manufacturer: syz
[  183.875498][ T1337] usb 6-1: SerialNumber: syz
[  183.878921][ T1337] usb 6-1: config 0 descriptor??
[  184.091672][ T1337] usb 6-1: USB disconnect, device number 16
[  184.127566][T12407] netlink: 'syz.2.2427': attribute type 1 has an invalid length.
[  184.165843][T12407] 8021q: adding VLAN 0 to HW filter on device bond22
[  184.169524][T12407] bond21: (slave bond22): making interface the new active one
[  184.172765][T12407] bond21: (slave bond22): Enslaving as an active interface with an up link
[  184.190115][T12407] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2427'.
[  184.196111][T12407] 8021q: adding VLAN 0 to HW filter on device bond21
[  184.244495][  T835] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  184.289519][T12422] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  184.292763][T12423] FAULT_INJECTION: forcing a failure.
[  184.292763][T12423] name failslab, interval 1, probability 0, space 0, times 0
[  184.297674][T12423] CPU: 0 UID: 0 PID: 12423 Comm: syz.2.2434 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  184.297689][T12423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.297695][T12423] Call Trace:
[  184.297698][T12423]  <TASK>
[  184.297703][T12423]  dump_stack_lvl+0x16c/0x1f0
[  184.297721][T12423]  should_fail_ex+0x512/0x640
[  184.297733][T12423]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  184.297748][T12423]  should_failslab+0xc2/0x120
[  184.297764][T12423]  __kmalloc_cache_noprof+0x6a/0x3e0
[  184.297776][T12423]  ? tcf_chain_create+0x98/0x370
[  184.297791][T12423]  tcf_chain_create+0x98/0x370
[  184.297804][T12423]  __tcf_chain_get+0x153/0x1b0
[  184.297819][T12423]  tc_new_tfilter+0x6ed/0x2340
[  184.297840][T12423]  ? avc_has_perm_noaudit+0x117/0x3b0
[  184.297853][T12423]  ? __pfx_tc_new_tfilter+0x10/0x10
[  184.297873][T12423]  ? __lock_acquire+0x5ca/0x1ba0
[  184.297891][T12423]  ? find_held_lock+0x2b/0x80
[  184.297903][T12423]  ? __pfx_tc_new_tfilter+0x10/0x10
[  184.297917][T12423]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  184.297932][T12423]  ? __pfx_tc_new_tfilter+0x10/0x10
[  184.297947][T12423]  rtnetlink_rcv_msg+0x95b/0xe90
[  184.297962][T12423]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.297976][T12423]  ? __pfx_avc_has_perm+0x10/0x10
[  184.297993][T12423]  netlink_rcv_skb+0x16a/0x440
[  184.298008][T12423]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.298022][T12423]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.298044][T12423]  ? netlink_deliver_tap+0x1ae/0xd30
[  184.298061][T12423]  netlink_unicast+0x53a/0x7f0
[  184.298078][T12423]  ? __pfx_netlink_unicast+0x10/0x10
[  184.298096][T12423]  netlink_sendmsg+0x8d1/0xdd0
[  184.298113][T12423]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.298134][T12423]  ____sys_sendmsg+0xa95/0xc70
[  184.298145][T12423]  ? copy_msghdr_from_user+0x10a/0x160
[  184.298163][T12423]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.298179][T12423]  ___sys_sendmsg+0x134/0x1d0
[  184.298193][T12423]  ? __pfx____sys_sendmsg+0x10/0x10
[  184.298222][T12423]  __sys_sendmsg+0x16d/0x220
[  184.298235][T12423]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.298253][T12423]  ? rcu_is_watching+0x12/0xc0
[  184.298269][T12423]  do_syscall_64+0xcd/0x260
[  184.298285][T12423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.298295][T12423] RIP: 0033:0x7fee9fb8d169
[  184.298303][T12423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.298313][T12423] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.298323][T12423] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  184.298328][T12423] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  184.298334][T12423] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  184.298340][T12423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.298345][T12423] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  184.298358][T12423]  </TASK>
[  184.402822][T12425] set match dimension is over the limit!
[  184.484596][  T835] usb 8-1: Using ep0 maxpacket: 8
[  184.487626][T12430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2436'.
[  184.488201][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  184.494331][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.497947][  T835] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  184.501561][  T835] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.507115][  T835] usb 8-1: config 0 descriptor??
[  184.522076][T12432] ubi: mtd0 is already attached to ubi31
[  184.642440][T12442] veth0_to_batadv: entered promiscuous mode
[  184.645216][T12442] macvlan2: entered allmulticast mode
[  184.646936][T12442] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  184.732117][  T835] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  184.737712][  T835] usb 8-1: USB disconnect, device number 10
[  184.747094][T12446] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2442'.
[  184.808656][T12456] ubi: mtd0 is already attached to ubi31
[  184.817630][   T40] audit: type=1400 audit(1743402061.112:567): avc:  denied  { read } for  pid=12445 comm="syz.2.2442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  185.210738][   T40] audit: type=1400 audit(1743402061.502:568): avc:  denied  { read } for  pid=12489 comm="syz.2.2456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  185.568476][   T40] audit: type=1400 audit(1743402061.862:569): avc:  denied  { ioctl } for  pid=12518 comm="syz.1.2469" path="socket:[57632]" dev="sockfs" ino=57632 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  185.604507][ T6116] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  185.764563][   T57] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  185.766864][ T6116] usb 8-1: Using ep0 maxpacket: 8
[  185.770317][ T6116] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  185.773449][ T6116] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  185.777252][ T6116] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  185.780847][ T6116] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  185.784519][ T6116] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  185.789289][ T6116] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  185.792915][ T6116] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.840295][   T40] audit: type=1400 audit(1743402062.132:570): avc:  denied  { setattr } for  pid=12531 comm="syz.0.2474" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  185.889289][T12536] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  185.914829][   T57] usb 7-1: Using ep0 maxpacket: 8
[  185.917702][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  185.920701][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  185.923360][   T57] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  185.925963][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.929212][   T57] usb 7-1: config 0 descriptor??
[  186.007074][ T6116] usb 8-1: GET_CAPABILITIES returned 0
[  186.009158][ T6116] usbtmc 8-1:16.0: can't read capabilities
[  186.143960][   T57] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  186.148639][   T57] usb 7-1: USB disconnect, device number 21
[  186.177638][T12549] overlayfs: missing 'lowerdir'
[  186.294836][T12513] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2463'.
[  186.418616][T12558] sp0: Synchronizing with TNC
[  186.422874][T12558] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2484'.
[  186.543557][   T40] audit: type=1400 audit(1743402062.832:571): avc:  denied  { ioctl } for  pid=12561 comm="syz.1.2486" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  186.711621][T12572] overlayfs: missing 'lowerdir'
[  186.873151][   T40] audit: type=1400 audit(1743402063.162:572): avc:  denied  { mount } for  pid=12585 comm="syz.2.2495" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  186.959714][   T40] audit: type=1400 audit(1743402063.252:573): avc:  denied  { unmount } for  pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  187.093874][T12595] veth0_to_batadv: entered promiscuous mode
[  187.097390][T12595] macvlan2: entered allmulticast mode
[  187.101020][T12595] veth0_to_batadv: left promiscuous mode
[  187.224651][   T57] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  187.374572][   T57] usb 7-1: Using ep0 maxpacket: 8
[  187.377337][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  187.380420][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  187.382975][   T57] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  187.385522][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.388604][   T57] usb 7-1: config 0 descriptor??
[  187.606303][   T57] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  187.610054][   T57] usb 7-1: USB disconnect, device number 22
[  187.669119][T12608] FAULT_INJECTION: forcing a failure.
[  187.669119][T12608] name failslab, interval 1, probability 0, space 0, times 0
[  187.669170][T12608] CPU: 1 UID: 0 PID: 12608 Comm: syz.1.2504 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  187.669184][T12608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.669190][T12608] Call Trace:
[  187.669194][T12608]  <TASK>
[  187.669198][T12608]  dump_stack_lvl+0x16c/0x1f0
[  187.669216][T12608]  should_fail_ex+0x512/0x640
[  187.669229][T12608]  ? __kmalloc_noprof+0xbf/0x510
[  187.669244][T12608]  ? drm_atomic_state_init+0x17b/0x320
[  187.669256][T12608]  should_failslab+0xc2/0x120
[  187.669271][T12608]  __kmalloc_noprof+0xd2/0x510
[  187.669289][T12608]  drm_atomic_state_init+0x17b/0x320
[  187.669299][T12608]  ? __kasan_kmalloc+0xaa/0xb0
[  187.669314][T12608]  drm_atomic_state_alloc+0xd3/0x120
[  187.669325][T12608]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  187.669338][T12608]  ? __pfx___might_resched+0x10/0x10
[  187.669355][T12608]  ? trace_contention_end+0xdd/0x130
[  187.669365][T12608]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  187.669375][T12608]  ? __mutex_lock+0x1ca/0xb90
[  187.669391][T12608]  ? __mutex_lock+0x1ca/0xb90
[  187.669413][T12608]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  187.669432][T12608]  drm_client_modeset_commit_locked+0x14d/0x580
[  187.669445][T12608]  drm_fb_helper_pan_display+0x32d/0xa40
[  187.669461][T12608]  ? clear_pending_if_disabled+0xa8/0x210
[  187.669478][T12608]  fb_pan_display+0x479/0x7d0
[  187.669487][T12608]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  187.669503][T12608]  bit_update_start+0x49/0x1f0
[  187.669515][T12608]  fbcon_switch+0xbf5/0x14c0
[  187.669530][T12608]  ? __pfx_fbcon_switch+0x10/0x10
[  187.669547][T12608]  ? __pfx_bit_cursor+0x10/0x10
[  187.669557][T12608]  ? fbcon_cursor+0x409/0x5f0
[  187.669570][T12608]  csi_J+0x863/0xad0
[  187.669588][T12608]  do_con_write+0x3b96/0x7c90
[  187.669600][T12608]  ? rcu_is_watching+0x12/0xc0
[  187.669620][T12608]  ? __pfx_do_con_write+0x10/0x10
[  187.669630][T12608]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  187.669648][T12608]  ? con_write+0x93/0xb0
[  187.669659][T12608]  con_write+0x23/0xb0
[  187.669669][T12608]  n_tty_write+0x41f/0x1150
[  187.669689][T12608]  ? __pfx_n_tty_write+0x10/0x10
[  187.669700][T12608]  ? rcu_is_watching+0x12/0xc0
[  187.669712][T12608]  ? __pfx_woken_wake_function+0x10/0x10
[  187.669725][T12608]  ? kfree+0x252/0x4d0
[  187.669735][T12608]  ? file_tty_write.constprop.0+0x6f1/0x9b0
[  187.669747][T12608]  ? __pfx_n_tty_write+0x10/0x10
[  187.669769][T12608]  file_tty_write.constprop.0+0x503/0x9b0
[  187.669786][T12608]  vfs_write+0x5ba/0x1180
[  187.669799][T12608]  ? __pfx_tty_write+0x10/0x10
[  187.669809][T12608]  ? __pfx_vfs_write+0x10/0x10
[  187.669820][T12608]  ? find_held_lock+0x2b/0x80
[  187.669843][T12608]  ksys_write+0x12a/0x240
[  187.669855][T12608]  ? __pfx_ksys_write+0x10/0x10
[  187.669872][T12608]  do_syscall_64+0xcd/0x260
[  187.669888][T12608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.669898][T12608] RIP: 0033:0x7f3d5698d169
[  187.669906][T12608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.669916][T12608] RSP: 002b:00007f3d57780038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  187.669926][T12608] RAX: ffffffffffffffda RBX: 00007f3d56ba5fa0 RCX: 00007f3d5698d169
[  187.669932][T12608] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000003
[  187.669938][T12608] RBP: 00007f3d57780090 R08: 0000000000000000 R09: 0000000000000000
[  187.669943][T12608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.669949][T12608] R13: 0000000000000000 R14: 00007f3d56ba5fa0 R15: 00007ffeec969f88
[  187.669963][T12608]  </TASK>
[  188.141215][T12633] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2514'.
[  188.227726][T12642] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2518'.
[  188.261317][T12645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2519'.
[  188.340809][T12647] infiniband syz2: set down
[  188.343321][T12647] infiniband syz2: added ipvlan1
[  188.359934][   T57] usb 8-1: USB disconnect, device number 11
[  188.362300][T12647] RDS/IB: syz2: added
[  188.363868][T12647] smc: adding ib device syz2 with port count 1
[  188.366298][T12647] smc:    ib device syz2 port 1 has pnetid 
[  188.544594][  T835] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  188.597554][ T5951] Bluetooth: hci2: unexpected event for opcode 0x2027
[  188.632176][T12664] 8021q: adding VLAN 0 to HW filter on device bond24
[  188.646087][T12664] bond24: entered allmulticast mode
[  188.649847][T12664] bond0: (slave bond24): Enslaving as an active interface with an up link
[  188.704537][  T835] usb 6-1: Using ep0 maxpacket: 8
[  188.715966][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  188.720013][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  188.723550][  T835] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  188.728650][  T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.733099][  T835] usb 6-1: config 0 descriptor??
[  188.772973][T12676] netlink: 'syz.3.2531': attribute type 1 has an invalid length.
[  188.810055][T12676] 8021q: adding VLAN 0 to HW filter on device bond39
[  188.812866][T12676] bond38: (slave bond39): making interface the new active one
[  188.815669][T12676] bond38: (slave bond39): Enslaving as an active interface with an up link
[  188.823739][T12676] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2531'.
[  188.829909][T12676] 8021q: adding VLAN 0 to HW filter on device bond38
[  188.951524][  T835] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  188.955364][  T835] usb 6-1: USB disconnect, device number 17
[  189.024569][ T5981] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  189.096547][   T57] IPVS: starting estimator thread 0...
[  189.174557][ T5981] usb 5-1: Using ep0 maxpacket: 16
[  189.177371][ T5981] usb 5-1: config 0 has no interfaces?
[  189.180448][ T5981] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  189.182919][ T5981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.185238][ T5981] usb 5-1: Product: syz
[  189.186494][ T5981] usb 5-1: Manufacturer: syz
[  189.187811][ T5981] usb 5-1: SerialNumber: syz
[  189.192017][ T5981] usb 5-1: config 0 descriptor??
[  189.194569][T12698] IPVS: using max 46 ests per chain, 110400 per kthread
[  189.245650][T12705] netlink: 'syz.3.2541': attribute type 1 has an invalid length.
[  189.265953][T12705] 8021q: adding VLAN 0 to HW filter on device bond41
[  189.268754][T12705] bond40: (slave bond41): making interface the new active one
[  189.271059][T12705] bond40: (slave bond41): Enslaving as an active interface with an up link
[  189.275686][T12705] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2541'.
[  189.279880][T12705] 8021q: adding VLAN 0 to HW filter on device bond40
[  189.401899][ T5981] usb 5-1: USB disconnect, device number 15
[  189.499501][   T40] audit: type=1400 audit(1743402065.792:574): avc:  denied  { create } for  pid=12724 comm="syz.3.2549" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  189.500958][T12725] 9pnet_fd: Insufficient options for proto=fd
[  189.507830][   T40] audit: type=1400 audit(1743402065.792:575): avc:  denied  { mounton } for  pid=12724 comm="syz.3.2549" path="/627/file0" dev="tmpfs" ino=3385 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  189.519312][   T40] audit: type=1400 audit(1743402065.812:576): avc:  denied  { unlink } for  pid=5937 comm="syz-executor" name="file0" dev="tmpfs" ino=3385 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  189.574235][   T40] audit: type=1400 audit(1743402065.862:577): avc:  denied  { ioctl } for  pid=12729 comm="syz.3.2551" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  189.574716][T12730] SELinux: syz.3.2551 (12730) set checkreqprot to 1. This is no longer supported.
[  189.583477][   T40] audit: type=1400 audit(1743402065.872:578): avc:  denied  { setcheckreqprot } for  pid=12729 comm="syz.3.2551" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  189.653550][T12735] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  189.691753][T12735] netlink: 'syz.3.2553': attribute type 1 has an invalid length.
[  189.790935][T12742] FAULT_INJECTION: forcing a failure.
[  189.790935][T12742] name failslab, interval 1, probability 0, space 0, times 0
[  189.795919][T12742] CPU: 3 UID: 0 PID: 12742 Comm: syz.1.2554 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  189.795943][T12742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  189.795953][T12742] Call Trace:
[  189.795959][T12742]  <TASK>
[  189.795965][T12742]  dump_stack_lvl+0x16c/0x1f0
[  189.795993][T12742]  should_fail_ex+0x512/0x640
[  189.796013][T12742]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  189.796036][T12742]  should_failslab+0xc2/0x120
[  189.796062][T12742]  __kmalloc_cache_noprof+0x6a/0x3e0
[  189.796081][T12742]  ? ww_mutex_lock_interruptible+0x37/0x160
[  189.796105][T12742]  ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0
[  189.796141][T12742]  vkms_atomic_crtc_duplicate_state+0x78/0x1d0
[  189.796165][T12742]  drm_atomic_get_crtc_state+0x16e/0x450
[  189.796185][T12742]  drm_atomic_get_plane_state+0x436/0x590
[  189.796204][T12742]  drm_atomic_set_property+0xa29/0x34e0
[  189.796228][T12742]  ? __pfx_drm_atomic_set_property+0x10/0x10
[  189.796247][T12742]  ? __might_fault+0xe3/0x190
[  189.796271][T12742]  ? __might_fault+0xe3/0x190
[  189.796294][T12742]  ? __might_fault+0x13b/0x190
[  189.796347][T12742]  drm_mode_atomic_ioctl+0x66f/0x25f0
[  189.796377][T12742]  ? avc_has_extended_perms+0x47c/0x1090
[  189.796399][T12742]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  189.796418][T12742]  ? __lock_acquire+0xaa4/0x1ba0
[  189.796451][T12742]  ? drm_is_current_master+0x2c/0x40
[  189.796471][T12742]  ? do_raw_spin_unlock+0x172/0x230
[  189.796493][T12742]  drm_ioctl_kernel+0x1f1/0x3e0
[  189.796515][T12742]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  189.796536][T12742]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  189.796566][T12742]  drm_ioctl+0x5c9/0xc30
[  189.796593][T12742]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  189.796613][T12742]  ? __pfx_drm_ioctl+0x10/0x10
[  189.796647][T12742]  ? selinux_file_ioctl+0x180/0x270
[  189.796663][T12742]  ? selinux_file_ioctl+0xb4/0x270
[  189.796681][T12742]  ? __pfx_drm_ioctl+0x10/0x10
[  189.796705][T12742]  __x64_sys_ioctl+0x190/0x200
[  189.796725][T12742]  do_syscall_64+0xcd/0x260
[  189.796750][T12742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.796766][T12742] RIP: 0033:0x7f3d5698d169
[  189.796780][T12742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.796795][T12742] RSP: 002b:00007f3d5775f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.796811][T12742] RAX: ffffffffffffffda RBX: 00007f3d56ba6080 RCX: 00007f3d5698d169
[  189.796821][T12742] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000e
[  189.796831][T12742] RBP: 00007f3d5775f090 R08: 0000000000000000 R09: 0000000000000000
[  189.796841][T12742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.796850][T12742] R13: 0000000000000000 R14: 00007f3d56ba6080 R15: 00007ffeec969f88
[  189.796874][T12742]  </TASK>
[  189.974672][   T57] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  190.093484][T12750] ubi: mtd0 is already attached to ubi31
[  190.099597][T12750] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=12750 comm=syz.0.2558
[  190.104347][T12750] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2558'.
[  190.126112][   T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.129664][   T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1160, setting to 1024
[  190.133641][   T57] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  190.138418][   T57] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  190.141678][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.155033][   T57] usb 8-1: config 0 descriptor??
[  190.157039][T12735] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  190.159619][T12756] netlink: 'syz.2.2560': attribute type 1 has an invalid length.
[  190.193183][T12756] 8021q: adding VLAN 0 to HW filter on device bond25
[  190.197559][T12756] bond24: (slave bond25): making interface the new active one
[  190.199873][T12756] bond24: (slave bond25): Enslaving as an active interface with an up link
[  190.205190][T12756] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2560'.
[  190.208808][T12756] 8021q: adding VLAN 0 to HW filter on device bond24
[  190.516527][T12780] FAULT_INJECTION: forcing a failure.
[  190.516527][T12780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.520382][T12780] CPU: 3 UID: 0 PID: 12780 Comm: syz.2.2569 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  190.520401][T12780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.520407][T12780] Call Trace:
[  190.520411][T12780]  <TASK>
[  190.520415][T12780]  dump_stack_lvl+0x16c/0x1f0
[  190.520433][T12780]  should_fail_ex+0x512/0x640
[  190.520449][T12780]  _copy_from_iter+0x2a4/0x15b0
[  190.520464][T12780]  ? anon_pipe_write+0x15d/0x1870
[  190.520479][T12780]  ? __pfx__copy_from_iter+0x10/0x10
[  190.520490][T12780]  ? __pfx___mutex_lock+0x10/0x10
[  190.520504][T12780]  ? __pfx_avc_has_perm+0x10/0x10
[  190.520522][T12780]  copy_page_from_iter+0xa5/0x120
[  190.520536][T12780]  anon_pipe_write+0xc03/0x1870
[  190.520555][T12780]  ? __pfx_anon_pipe_write+0x10/0x10
[  190.520569][T12780]  ? selinux_file_permission+0x11f/0x580
[  190.520581][T12780]  ? bpf_lsm_file_permission+0x9/0x10
[  190.520595][T12780]  ? security_file_permission+0x71/0x210
[  190.520605][T12780]  ? rw_verify_area+0xcf/0x680
[  190.520617][T12780]  ? __pfx_anon_pipe_write+0x10/0x10
[  190.520630][T12780]  io_write+0x6b8/0x1650
[  190.520640][T12780]  ? rcu_is_watching+0x12/0xc0
[  190.520655][T12780]  io_issue_sqe+0x171/0x1350
[  190.520668][T12780]  io_submit_sqes+0x921/0x25d0
[  190.520685][T12780]  __do_sys_io_uring_enter+0xd6a/0x1630
[  190.520697][T12780]  ? __fget_files+0x20e/0x3c0
[  190.520711][T12780]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  190.520723][T12780]  ? fput+0x70/0xf0
[  190.520731][T12780]  ? ksys_write+0x1b9/0x240
[  190.520743][T12780]  ? __pfx_ksys_write+0x10/0x10
[  190.520759][T12780]  do_syscall_64+0xcd/0x260
[  190.520775][T12780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.520785][T12780] RIP: 0033:0x7fee9fb8d169
[  190.520793][T12780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.520803][T12780] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  190.520812][T12780] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  190.520818][T12780] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000015
[  190.520824][T12780] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  190.520829][T12780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.520835][T12780] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  190.520848][T12780]  </TASK>
[  190.563560][   T57] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  190.593329][   T57] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  190.598447][   T57] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  190.605915][T12782] FAULT_INJECTION: forcing a failure.
[  190.605915][T12782] name failslab, interval 1, probability 0, space 0, times 0
[  190.605934][T12782] CPU: 3 UID: 0 PID: 12782 Comm: syz.2.2570 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  190.605946][T12782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.605953][T12782] Call Trace:
[  190.605956][T12782]  <TASK>
[  190.605960][T12782]  dump_stack_lvl+0x16c/0x1f0
[  190.605978][T12782]  should_fail_ex+0x512/0x640
[  190.605990][T12782]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  190.606005][T12782]  should_failslab+0xc2/0x120
[  190.606021][T12782]  __kmalloc_cache_noprof+0x6a/0x3e0
[  190.606034][T12782]  ? ww_mutex_lock+0x37/0x160
[  190.606049][T12782]  ? virtio_gpu_plane_duplicate_state+0x6c/0xc0
[  190.606062][T12782]  virtio_gpu_plane_duplicate_state+0x6c/0xc0
[  190.606073][T12782]  drm_atomic_get_plane_state+0x20b/0x590
[  190.606085][T12782]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  190.606101][T12782]  ? trace_contention_end+0xdd/0x130
[  190.606111][T12782]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  190.606121][T12782]  ? __mutex_lock+0x1ca/0xb90
[  190.606134][T12782]  ? __mutex_lock+0x1ca/0xb90
[  190.606156][T12782]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  190.606175][T12782]  drm_client_modeset_commit_locked+0x14d/0x580
[  190.606188][T12782]  drm_fb_helper_pan_display+0x32d/0xa40
[  190.606203][T12782]  ? clear_pending_if_disabled+0xa8/0x210
[  190.606221][T12782]  fb_pan_display+0x479/0x7d0
[  190.606230][T12782]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  190.606246][T12782]  bit_update_start+0x49/0x1f0
[  190.606258][T12782]  fbcon_switch+0xbf5/0x14c0
[  190.606272][T12782]  ? __pfx_fbcon_switch+0x10/0x10
[  190.606289][T12782]  ? __pfx_bit_cursor+0x10/0x10
[  190.606299][T12782]  ? fbcon_cursor+0x409/0x5f0
[  190.606312][T12782]  csi_J+0x863/0xad0
[  190.606331][T12782]  do_con_write+0x3b96/0x7c90
[  190.606342][T12782]  ? rcu_is_watching+0x12/0xc0
[  190.606362][T12782]  ? __pfx_do_con_write+0x10/0x10
[  190.606373][T12782]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  190.606395][T12782]  ? con_write+0x93/0xb0
[  190.606407][T12782]  con_write+0x23/0xb0
[  190.606417][T12782]  n_tty_write+0x41f/0x1150
[  190.606436][T12782]  ? __pfx_n_tty_write+0x10/0x10
[  190.606447][T12782]  ? rcu_is_watching+0x12/0xc0
[  190.606460][T12782]  ? __pfx_woken_wake_function+0x10/0x10
[  190.606473][T12782]  ? kfree+0x252/0x4d0
[  190.606483][T12782]  ? file_tty_write.constprop.0+0x6f1/0x9b0
[  190.606495][T12782]  ? __pfx_n_tty_write+0x10/0x10
[  190.606508][T12782]  file_tty_write.constprop.0+0x503/0x9b0
[  190.606522][T12782]  vfs_write+0x5ba/0x1180
[  190.606535][T12782]  ? __pfx_tty_write+0x10/0x10
[  190.606546][T12782]  ? __pfx_vfs_write+0x10/0x10
[  190.606556][T12782]  ? find_held_lock+0x2b/0x80
[  190.606579][T12782]  ksys_write+0x12a/0x240
[  190.606591][T12782]  ? __pfx_ksys_write+0x10/0x10
[  190.606602][T12782]  ? rcu_is_watching+0x12/0xc0
[  190.606619][T12782]  do_syscall_64+0xcd/0x260
[  190.606635][T12782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.606644][T12782] RIP: 0033:0x7fee9fb8d169
[  190.606654][T12782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.606663][T12782] RSP: 002b:00007feea0a29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  190.606672][T12782] RAX: ffffffffffffffda RBX: 00007fee9fda5fa0 RCX: 00007fee9fb8d169
[  190.606679][T12782] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000003
[  190.606684][T12782] RBP: 00007feea0a29090 R08: 0000000000000000 R09: 0000000000000000
[  190.606690][T12782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.606696][T12782] R13: 0000000000000000 R14: 00007fee9fda5fa0 R15: 00007ffe5e6f1028
[  190.606709][T12782]  </TASK>
[  190.660415][T12789] netlink: 'syz.1.2572': attribute type 1 has an invalid length.
[  190.743296][T12790] bond33 (unregistering): Released all slaves
[  190.763866][T12789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2572'.
[  190.768780][T12789] 8021q: adding VLAN 0 to HW filter on device bond33
[  191.226545][T12804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.231715][T12804] batadv_slave_1: entered promiscuous mode
[  191.241078][T12804] CUSE: info not properly terminated
[  191.528357][   T40] audit: type=1326 audit(1743402067.822:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  191.641934][T12823] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2582'.
[  191.933913][   T40] audit: type=1400 audit(1743402068.222:580): avc:  denied  { ioctl } for  pid=12832 comm="syz.2.2587" path="socket:[56228]" dev="sockfs" ino=56228 ioctlcmd=0x9413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  192.162031][T12839] tc_dump_action: action bad kind
[  192.198837][   T40] audit: type=1326 audit(1743402068.492:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.207648][   T40] audit: type=1326 audit(1743402068.492:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.216777][   T40] audit: type=1326 audit(1743402068.492:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.225940][   T40] audit: type=1326 audit(1743402068.492:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.236256][   T40] audit: type=1326 audit(1743402068.492:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.242610][   T40] audit: type=1326 audit(1743402068.492:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.250322][   T40] audit: type=1326 audit(1743402068.492:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.256823][   T40] audit: type=1326 audit(1743402068.492:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.263110][   T40] audit: type=1326 audit(1743402068.492:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.1.2581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5698d169 code=0x7fc00000
[  192.316349][T12849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2595'.
[  192.435998][   T58] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  192.448624][T12861] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2599'.
[  192.489696][T12866] netlink: 750 bytes leftover after parsing attributes in process `syz.3.2600'.
[  192.495524][T12866] netlink: 'syz.3.2600': attribute type 7 has an invalid length.
[  192.498448][T12866] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2600'.
[  192.594658][   T58] usb 5-1: Using ep0 maxpacket: 16
[  192.597991][   T58] usb 5-1: config 0 has no interfaces?
[  192.601272][   T58] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  192.604112][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.607748][   T58] usb 5-1: Product: syz
[  192.609168][   T58] usb 5-1: Manufacturer: syz
[  192.610481][   T58] usb 5-1: SerialNumber: syz
[  192.612962][   T58] usb 5-1: config 0 descriptor??
[  192.657302][ T6116] usb 8-1: USB disconnect, device number 12
[  192.834519][T12330] ==================================================================
[  192.836682][   T58] usb 5-1: USB disconnect, device number 16
[  192.837275][T12330] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  192.842879][T12330] Read of size 1 at addr ffff888050f77409 by task kworker/u32:22/12330
[  192.846863][T12330] 
[  192.847814][T12330] CPU: 0 UID: 0 PID: 12330 Comm: kworker/u32:22 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  192.847829][T12330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.847837][T12330] Workqueue: events_unbound commit_work
[  192.847854][T12330] Call Trace:
[  192.847858][T12330]  <TASK>
[  192.847862][T12330]  dump_stack_lvl+0x116/0x1f0
[  192.847886][T12330]  print_report+0xc3/0x670
[  192.847901][T12330]  ? __virt_addr_valid+0x5e/0x590
[  192.847916][T12330]  ? __phys_addr+0xc6/0x150
[  192.847930][T12330]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  192.847944][T12330]  kasan_report+0xe0/0x110
[  192.847959][T12330]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  192.847975][T12330]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  192.847991][T12330]  ? preempt_schedule_thunk+0x16/0x30
[  192.848002][T12330]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  192.848018][T12330]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  192.848031][T12330]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  192.848047][T12330]  drm_atomic_helper_commit_tail+0xcb/0xf0
[  192.848061][T12330]  commit_tail+0x35b/0x400
[  192.848076][T12330]  process_one_work+0x9cc/0x1b70
[  192.848094][T12330]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  192.848106][T12330]  ? __pfx_process_one_work+0x10/0x10
[  192.848119][T12330]  ? assign_work+0x1a0/0x250
[  192.848130][T12330]  worker_thread+0x6c8/0xf10
[  192.848144][T12330]  ? __pfx_worker_thread+0x10/0x10
[  192.848155][T12330]  kthread+0x3c2/0x780
[  192.848165][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848175][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848184][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848194][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848203][T12330]  ? rcu_is_watching+0x12/0xc0
[  192.848216][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848226][T12330]  ret_from_fork+0x45/0x80
[  192.848236][T12330]  ? __pfx_kthread+0x10/0x10
[  192.848246][T12330]  ret_from_fork_asm+0x1a/0x30
[  192.848263][T12330]  </TASK>
[  192.848267][T12330] 
[  192.904889][T12330] Allocated by task 12841:
[  192.906117][T12330]  kasan_save_stack+0x33/0x60
[  192.907424][T12330]  kasan_save_track+0x14/0x30
[  192.908767][T12330]  __kasan_kmalloc+0xaa/0xb0
[  192.910048][T12330]  drm_atomic_helper_crtc_duplicate_state+0x70/0xd0
[  192.911911][T12330]  drm_atomic_get_crtc_state+0x16e/0x450
[  192.913479][T12330]  drm_atomic_get_plane_state+0x436/0x590
[  192.915036][T12330]  drm_atomic_set_property+0xa29/0x34e0
[  192.916566][T12330]  drm_mode_atomic_ioctl+0x66f/0x25f0
[  192.918058][T12330]  drm_ioctl_kernel+0x1f1/0x3e0
[  192.919404][T12330]  drm_ioctl+0x5c9/0xc30
[  192.920593][T12330]  __x64_sys_ioctl+0x190/0x200
[  192.922048][T12330]  do_syscall_64+0xcd/0x260
[  192.923304][T12330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.924916][T12330] 
[  192.925594][T12330] Freed by task 12840:
[  192.926779][T12330]  kasan_save_stack+0x33/0x60
[  192.928588][T12330]  kasan_save_track+0x14/0x30
[  192.930214][T12330]  kasan_save_free_info+0x3b/0x60
[  192.931643][T12330]  __kasan_slab_free+0x51/0x70
[  192.933354][T12330]  kfree+0x2b6/0x4d0
[  192.934819][T12330]  drm_atomic_state_default_clear+0x455/0xe40
[  192.937023][T12330]  __drm_atomic_state_free+0x185/0x2b0
[  192.938682][T12330]  drm_client_modeset_commit_atomic+0x6b2/0x7e0
[  192.940645][T12330]  drm_client_modeset_commit_locked+0x14d/0x580
[  192.942929][T12330]  drm_client_modeset_commit+0x4f/0x80
[  192.944804][T12330]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  192.947412][T12330]  drm_fbdev_client_restore+0x2c/0x40
[  192.949288][T12330]  drm_client_dev_restore+0x1f3/0x2a0
[  192.950754][T12330]  drm_release+0x2c4/0x360
[  192.952390][T12330]  __fput+0x3ff/0xb70
[  192.953962][T12330]  task_work_run+0x14d/0x240
[  192.955304][T12330]  syscall_exit_to_user_mode+0x27b/0x2a0
[  192.956869][T12330]  do_syscall_64+0xda/0x260
[  192.958022][T12330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.959528][T12330] 
[  192.960152][T12330] The buggy address belongs to the object at ffff888050f77400
[  192.960152][T12330]  which belongs to the cache kmalloc-512 of size 512
[  192.964620][T12330] The buggy address is located 9 bytes inside of
[  192.964620][T12330]  freed 512-byte region [ffff888050f77400, ffff888050f77600)
[  192.968372][T12330] 
[  192.969005][T12330] The buggy address belongs to the physical page:
[  192.970753][T12330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x50f74
[  192.973806][T12330] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  192.976850][T12330] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  192.979167][T12330] page_type: f5(slab)
[  192.980271][T12330] raw: 00fff00000000040 ffff88801b442c80 ffffea0001110c00 dead000000000002
[  192.982714][T12330] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  192.985052][T12330] head: 00fff00000000040 ffff88801b442c80 ffffea0001110c00 dead000000000002
[  192.987417][T12330] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  192.989793][T12330] head: 00fff00000000002 ffffea000143dd01 ffffffffffffffff 0000000000000000
[  192.992557][T12330] head: ffff888000000004 0000000000000000 00000000ffffffff 0000000000000000
[  192.995769][T12330] page dumped because: kasan: bad access detected
[  192.998208][T12330] page_owner tracks the page as allocated
[  193.000380][T12330] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11133, tgid 11131 (syz.3.1956), ts 158160346312, free_ts 152625470173
[  193.008223][T12330]  post_alloc_hook+0x181/0x1b0
[  193.010088][T12330]  get_page_from_freelist+0x10fc/0x35c0
[  193.012181][T12330]  __alloc_frozen_pages_noprof+0x223/0x2370
[  193.014445][T12330]  alloc_pages_mpol+0x1fb/0x550
[  193.016305][T12330]  new_slab+0x23c/0x330
[  193.017903][T12330]  ___slab_alloc+0xd9c/0x1940
[  193.019715][T12330]  __slab_alloc.constprop.0+0x56/0xb0
[  193.021806][T12330]  __kmalloc_cache_noprof+0xfb/0x3e0
[  193.023832][T12330]  rxrpc_alloc_peer+0xa7/0x400
[  193.025702][T12330]  rxrpc_service_prealloc_one+0xb3d/0xee0
[  193.027866][T12330]  rxrpc_kernel_charge_accept+0xd7/0x120
[  193.030012][T12330]  afs_charge_preallocation+0xce/0x330
[  193.032049][T12330]  afs_open_socket+0x2b2/0x380
[  193.033865][T12330]  afs_net_init+0x746/0x9f0
[  193.035582][T12330]  ops_init+0x1df/0x5f0
[  193.037197][T12330]  setup_net+0x21e/0x850
[  193.038510][T12330] page last free pid 15 tgid 15 stack trace:
[  193.040177][T12330]  __free_frozen_pages+0x69d/0xf90
[  193.041645][T12330]  tlb_remove_table_rcu+0x116/0x1a0
[  193.043498][T12330]  rcu_core+0x799/0x14e0
[  193.044870][T12330]  handle_softirqs+0x216/0x8e0
[  193.046154][T12330]  run_ksoftirqd+0x3a/0x60
[  193.047417][T12330]  smpboot_thread_fn+0x3f4/0xae0
[  193.048811][T12330]  kthread+0x3c2/0x780
[  193.049956][T12330]  ret_from_fork+0x45/0x80
[  193.051269][T12330]  ret_from_fork_asm+0x1a/0x30
[  193.053040][T12330] 
[  193.053940][T12330] Memory state around the buggy address:
[  193.055567][T12330]  ffff888050f77300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  193.057752][T12330]  ffff888050f77380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  193.059947][T12330] >ffff888050f77400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  193.062646][T12330]                       ^
[  193.064263][T12330]  ffff888050f77480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  193.066651][T12330]  ffff888050f77500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  193.068803][T12330] ==================================================================
[  193.073352][T12330] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  193.076266][T12330] CPU: 0 UID: 0 PID: 12330 Comm: kworker/u32:22 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) 
[  193.080962][T12330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.085133][T12330] Workqueue: events_unbound commit_work
[  193.087051][T12330] Call Trace:
[  193.088059][T12330]  <TASK>
[  193.088960][T12330]  dump_stack_lvl+0x3d/0x1f0
[  193.090362][T12330]  panic+0x71c/0x800
[  193.091628][T12330]  ? __pfx_panic+0x10/0x10
[  193.093060][T12330]  ? irqentry_exit+0x3b/0x90
[  193.094360][T12330]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.095789][T12330]  ? preempt_schedule_thunk+0x16/0x30
[  193.097272][T12330]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  193.099271][T12330]  ? preempt_schedule_common+0x44/0xc0
[  193.100813][T12330]  ? check_panic_on_warn+0x1f/0xb0
[  193.102211][T12330]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  193.104190][T12330]  check_panic_on_warn+0xab/0xb0
[  193.105583][T12330]  end_report+0x107/0x170
[  193.106790][T12330]  kasan_report+0xee/0x110
[  193.108030][T12330]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  193.110009][T12330]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  193.111917][T12330]  ? preempt_schedule_thunk+0x16/0x30
[  193.113369][T12330]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  193.115432][T12330]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  193.117049][T12330]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  193.118802][T12330]  drm_atomic_helper_commit_tail+0xcb/0xf0
[  193.120539][T12330]  commit_tail+0x35b/0x400
[  193.121794][T12330]  process_one_work+0x9cc/0x1b70
[  193.123173][T12330]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  193.124886][T12330]  ? __pfx_process_one_work+0x10/0x10
[  193.126378][T12330]  ? assign_work+0x1a0/0x250
[  193.127662][T12330]  worker_thread+0x6c8/0xf10
[  193.128989][T12330]  ? __pfx_worker_thread+0x10/0x10
[  193.130461][T12330]  kthread+0x3c2/0x780
[  193.131600][T12330]  ? __pfx_kthread+0x10/0x10
[  193.132871][T12330]  ? __pfx_kthread+0x10/0x10
[  193.134129][T12330]  ? __pfx_kthread+0x10/0x10
[  193.135412][T12330]  ? __pfx_kthread+0x10/0x10
[  193.136698][T12330]  ? rcu_is_watching+0x12/0xc0
[  193.138020][T12330]  ? __pfx_kthread+0x10/0x10
[  193.139323][T12330]  ret_from_fork+0x45/0x80
[  193.140583][T12330]  ? __pfx_kthread+0x10/0x10
[  193.141855][T12330]  ret_from_fork_asm+0x1a/0x30
[  193.143189][T12330]  </TASK>
[  193.145951][T12330] Kernel Offset: disabled
[  193.147157][T12330] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:21:09  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854b8065 RDI=ffffffff9ae04360 RBP=ffffffff9ae04320 RSP=ffffc90006bef508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000064616552
R12=0000000000000000 R13=0000000000000037 R14=ffffffff9ae04320 R15=ffffffff854b8000
RIP=ffffffff854b808f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69d4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00002000000000c0 CR3=000000002b5e4000 CR4=00352ef0
DR0=0100000100000000 DR1=0000000000000006 DR2=0000000000000005 DR3=0000000000000011 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff816b62aa ffffffff816b62f7
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff816b62f7 ffffffff816b62aa
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff816b62aa
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee9fc0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000100050000000a 000500050000007f 001500058007000c 00000000319b7973
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000070693a 6873616800030011 0000000600040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007f00150005 8007000c00000000 319b797300020009 0000000000040005
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000080000 RBX=00002000003bf000 RCX=ffffc900074f2000 RDX=0000000000080000
RSI=ffffffff820c2a32 RDI=0000000000000007 RBP=000000005008e067 RSP=ffffc90003606b20
R8 =0000000000000007 R9 =0000000000000000 R10=000000005008e007 R11=0000000000000000
R12=000000005008e007 R13=ffff888025914008 R14=ffffc90003606db0 R15=00002000003bf000
RIP=ffffffff81bb31fa RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fd34104f6c0 ffffffff 00c01300
GS =0000 ffff8880d6ad4000 ffffffff 00c01300
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2ef03ff8 CR3=00000000567dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000c 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeec96a310 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3d56a0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001ccfa9 RBX=0000000000000002 RCX=ffffffff8b6e82d9 RDX=0000000000000000
RSI=ffffffff8dbe4889 RDI=ffffffff8bf42120 RBP=ffffed1003ad2910 RSP=ffffc90000187e00
R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d694880 R14=ffffffff90859d10 R15=0000000000000000
RIP=ffffffff8b6e96cf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bd4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3353c2 CR3=0000000048860000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda9760ba0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd34020f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a73afc0 RCX=ffffffff81af33ae RDX=ffff88801d68c880
RSI=ffffffff81af3388 RDI=0000000000000005 RBP=ffffc90000157d10 RSP=ffffc90000157c40
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c793ee
R12=1ffff9200002af8c R13=0000000000000001 R14=0000000000000001 R15=ffffed100d4e75f9
RIP=ffffffff81af3394 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cd4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00002000008e5000 CR3=000000004b756000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee8924ab0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac4380f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a8
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a8
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000