last executing test programs:

6.721571201s ago: executing program 3 (id=415):
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000001100)="48b84e000000000000000f23c00f21f83503000e000f23f866b808018ee82e656564f20f38f1a4759a000000260ffa0cb7400f0f4b00aa0f090fc73eb9bb0a00000f32420f09f3400fc773c3", 0x4c}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000dc0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='rcu_utilization\x00'}, 0x10)
stat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)

6.311608112s ago: executing program 3 (id=417):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000004a00010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000110000104000000000000000000000200", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010065727370616e00000c0002800600020030000000"], 0x3c}}, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000440))
close_range(r7, r0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)='v', 0x1}], 0x1}}], 0x1, 0x400c404)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)

5.339983597s ago: executing program 3 (id=421):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000380)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000180)='`', 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r3, 0x0)
r4 = dup3(r3, r2, 0x0)
recvmmsg(r4, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) (fail_nth: 16)

4.307332597s ago: executing program 3 (id=423):
timer_settime(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x11)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r1, 0x5501)
ioctl$UI_DEV_DESTROY(r1, 0x5502)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x8802, 0x0)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @remote, 0xffbffffc}, 0x1c)
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x13)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x145d00, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}})
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x4080)
syz_emit_ethernet(0x1ee, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60922ff501b8210000000000000000000000ffff7f000001fe8000000000000000000000000000aa670804040d480600fc020000000000000000000000000001fc020000000000000000000000000001ff010000000000000000000000000001fc0100000000000000000000000000001120000000000000071800000000000000000000000000000004011000e39a406896431cf8cebb1379b1cfca3ce3334fb0cd81c12766ff8351be2d961c40ce922dd8423e2de93ba96a5c90f772216e5e60c7d2a67cbcbc1d3b195d538eb920fc058775cc06baf8a87b4736fa0cf5161d47d4416aa6a1099c3aa4a927c4d93bcf1f4a781cbde0ee829f1276818415e192376437a6d4854c3c3ad346c7df7dfea9cd0463aa441a1b9cd514fedb8172d54cbf1353cf5f63fe58465c2d0e165df05ada44174919aaffc29df43606f9d49bcc571525c7aecc77ad523da96156400a63d03f15e4254c95ecb66cda9310041006d9d10e6b8a38bbdcac75348fe624c73bd800000000000000000000000000000401000000000000000000000401907800114f84008e269cc52104e4fbd8be11e86055d5cec119bfa161827fb675e43744d104b96e26ecb84a318c4c1d7b4f70305e74abd64694eddc8e552b811b2a1c63e32b811f4e8296000000000000000000"], 0x0)

4.099717899s ago: executing program 0 (id=425):
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000001100)="48b84e000000000000000f23c00f21f83503000e000f23f866b808018ee82e656564f20f38f1a4759a000000260ffa0cb7400f0f4b00aa0f090fc73eb9bb0a00000f32420f09f3400fc773c3", 0x4c}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000dc0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='rcu_utilization\x00'}, 0x10)
stat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)

4.030909729s ago: executing program 2 (id=426):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}}, 0x90)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f0540801fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x90)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140))
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="31030000000000000000080000000b000900aaaaaaaaaabb0000a9ac455f720b02bd3752f61a"], 0x20}, 0x1, 0x0, 0x0, 0x20044890}, 0x0)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="00000000000080"], 0x7)
r7 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x2, 0x0, &(0x7f0000000100)=ANY=[]}, 0x78)
write$binfmt_aout(r8, &(0x7f00000010c0)=ANY=[], 0x1a3)
write$binfmt_misc(r8, &(0x7f0000000040)=ANY=[], 0xe09)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

3.65761982s ago: executing program 0 (id=427):
socketpair(0x1e, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000280)=ANY=[@ANYRESDEC=r1, @ANYRES8=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
select(0x40, &(0x7f0000000000), &(0x7f0000000240)={0xcc}, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x2000000000000001, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x200000100000011, 0xa, 0x0)
pselect6(0x40, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, &(0x7f00000002c0)={0x3fc}, 0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000002340)=[{&(0x7f00000041c0)=""/178, 0xb2}], 0x1, 0x3, 0x0)
socket$kcm(0x2, 0xa, 0x2)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioperm(0x0, 0x40, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x0, 0x9}, 0x48)
r7 = socket$inet(0x2, 0x3, 0x2)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)

3.281792347s ago: executing program 2 (id=428):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = socket(0x2, 0x80805, 0x26c00000)
getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000001180)=""/4102, &(0x7f00000003c0)=0x1006)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000380)={0x1ff, 0x2, 0x2000, 0x2000, &(0x7f0000feb000/0x2000)=nil})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x9, &(0x7f0000000400)=@raw=[@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @exit], &(0x7f0000000480)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x11}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x84000)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r5, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@tick=0x3}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x80, 0x0, @tick=0x692, {}, {}, @queue={0x8, {0x81, 0x1d2a}}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time={0x8, 0x10}, {}, {0xff}, @quote}, {0x0, 0x0, 0x0, 0xfe, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}], 0xa8)
read$snapshot(r5, 0x0, 0xffffffbf)
ioctl$CAPI_NCCI_OPENCOUNT(0xffffffffffffffff, 0x80044326, &(0x7f0000000000))
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffe, 0x0, 0x3, 0x0)
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x800452d2, &(0x7f0000000100))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e3502020001ffffffff685f1158e2fafc0e1f00020000000c00009c"], 0x38)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
creat(0x0, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r8, <r9=>0xffffffffffffffff}, 0x4)
r10 = socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f00000005c0)=ANY=[@ANYRES16=r10, @ANYRESDEC=r9, @ANYBLOB="8a4d8324c9df5ba89cd84eaf3a103af9192710886940c3106cb7288f82a43ecb27600973eb240251f2b8ac393f329dab323f21747e4e25b16c1566bbe4228d8b3de2eee5cdd29c401bcde555b0c0ef3cfb1e099a835a5d03d9fecc101f8aa290b90119c6601870a2afcb99ae95e44e9b7301398668e24638d90de879250d8491e829b07ce575b335c8478149477a401ac15be46785b445054cf595c69869f7702ba308f5c8bbdaaf81f45a9d8669d24457775a78611acbc6c12fa44edde8958930479ee0e7af61a2242a4166b4f44537b2bb544a31112098235e95972595a6c4cc99ec81ed5303334f6c959daa5bc63cc35aba9db7"], &(0x7f0000000d40)='syzkaller\x00'}, 0x90)

3.08872768s ago: executing program 1 (id=430):
socket(0x0, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000300)={@link_local, @empty, @void, {@ipv4={0x800, @icmp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast, {[@timestamp_addr={0x44, 0xc, 0x9c, 0x1, 0x3, [{@broadcast, 0x5}]}]}}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x20000000}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_GET_CHILD_SUBREAPER(0xe)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, '\x00', @string=&(0x7f0000000080)}})
socketpair$unix(0x1, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
socket$inet6_sctp(0xa, 0x0, 0x84)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x0, 0xfe}, {0x0, 0x2, 0x0, 0x1ff}, {0x8, 0x0, 0x20}]})
socket$inet_udplite(0x2, 0x2, 0x88)

2.727570099s ago: executing program 1 (id=431):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fsync(r3)
fspick(r3, &(0x7f0000000300)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x9}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8)

2.565493844s ago: executing program 1 (id=432):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_robust_list(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/15, 0x3}, {&(0x7f0000000180)=""/172, 0x2000022c}], 0x2)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r5}, 0x40)
syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000280)="0c78bca32c37898d78318e236899", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.536415542s ago: executing program 0 (id=433):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa1000000000000070100"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x9, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r5}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000080), &(0x7f0000000040)='%pI4   \x00'}, 0x20)

2.460341217s ago: executing program 2 (id=434):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fsync(r3)
fspick(r3, &(0x7f0000000300)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x9}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8)

2.34131342s ago: executing program 2 (id=435):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000600)=[{&(0x7f0000000640)='<', 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000003780)=[{0x0}], 0x1}}], 0x1, 0x40000121, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000140)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000580)="ddb9547ed38704e9abaf9b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)

1.43582953s ago: executing program 1 (id=436):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000600)=[{&(0x7f0000000640)='<', 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000003780)=[{0x0}], 0x1}}], 0x1, 0x40000121, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000140)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000580)="ddb9547ed38704e9abaf9b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)

1.43514269s ago: executing program 2 (id=437):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000004a00010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000110000104000000000000000000000200", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010065727370616e00000c0002800600020030000000"], 0x3c}}, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000440))
close_range(r7, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)='v', 0x1}], 0x1}}], 0x1, 0x400c404)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)

1.204333931s ago: executing program 0 (id=438):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000004a00010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000110000104000000000000000000000200", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010065727370616e00000c0002800600020030000000"], 0x3c}}, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000440))
close_range(0xffffffffffffffff, r0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)='v', 0x1}], 0x1}}], 0x1, 0x400c404)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)

555.594507ms ago: executing program 1 (id=439):
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000400), 0x4)
sendto(r0, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000007280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)

371.172166ms ago: executing program 3 (id=440):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fsync(r3)
fspick(r3, &(0x7f0000000300)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x9}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8)

370.785754ms ago: executing program 1 (id=441):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902"], 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r2 = epoll_create1(0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0))
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0xa, 0x3, 0x3a)
socket$inet(0x2, 0x0, 0xff)
sendmsg$xdp(r3, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x4, 0x0, 0x1d}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000680)="a4b7bb283a89adc2e0f857dbce961909686903e709a3a0cb8a1851d4f29a2f55ba2c528ccec0c0fa8b0d1a4a1c68875487ef0be50daf2ad5687cd340c489a6f5c94cef9813bd7f0f3b0a3522cfc74533c247b1ddd699c3d72759a7df0d897519e49fcde0f0ff2e1d1e0abff0fc49c0bee1d0993c3795c99a1b65b24e5570ca28343c", 0x82}, {&(0x7f00000001c0)}], 0x2, 0x0, 0x0, 0x4000000}, 0x14)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r0], 0x18}}, 0x44001)
read$FUSE(r3, &(0x7f0000009b00)={0x2020}, 0x2020)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000))
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, 0xffffffffffffffff)
fcntl$getownex(r7, 0x10, &(0x7f0000000140))
r8 = syz_open_procfs(0x0, &(0x7f0000000600)='fd/4\x00')
open_by_handle_at(r8, &(0x7f0000000180)=ANY=[@ANYBLOB="0c00000001000000"], 0x0)

370.160755ms ago: executing program 2 (id=442):
socketpair(0x1e, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000280)=ANY=[@ANYRESDEC=r1, @ANYRES8=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
select(0x40, &(0x7f0000000000), &(0x7f0000000240)={0xcc}, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x2000000000000001, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x200000100000011, 0xa, 0x0)
pselect6(0x40, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, &(0x7f00000002c0)={0x3fc}, 0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000002340)=[{&(0x7f00000041c0)=""/178, 0xb2}], 0x1, 0x3, 0x0)
socket$kcm(0x2, 0xa, 0x2)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioperm(0x0, 0x40, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x0, 0x9}, 0x48)
r7 = socket$inet(0x2, 0x3, 0x2)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)

275.174961ms ago: executing program 0 (id=443):
timer_create(0x3, 0x0, &(0x7f0000000280)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) (async)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)) (async)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10) (async)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
munlockall()
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15) (async)
dup(r1) (async)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
chdir(&(0x7f00000003c0)='./bus\x00') (async)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$kcm(0x2, 0x0, 0x2)
sendmsg$inet(r5, 0x0, 0x0) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) (async)
dup(0xffffffffffffffff)

207.238091ms ago: executing program 3 (id=444):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_robust_list(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/15, 0x3}, {&(0x7f0000000180)=""/172, 0x2000022c}], 0x2)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r5}, 0x40)
syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000280)="0c78bca32c37898d78318e236899", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 0 (id=445):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e00}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000000c0)='timer_expire_entry\x00'}, 0x10)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f0000000180)={0xdc})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x2, 0xd000, 0x2000, &(0x7f0000001000/0x2000)=nil})
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001480)=ANY=[@ANYBLOB="05000000020c00"/16, @ANYBLOB="334e074fa62fbe9009316dd595b5960e03864277018ee47f1880ff12131a9aa7bfe7c6e6e6f54d6d39fd2ad50eefd0da1bb9e89f6def7b7ec582494d86b3f833dda99ac1aaa4e3f7d8e4800aabd477f3320795997253df4891bf142c67379948eb0824b4f4ece1b38ae3cb788a49d2663fb741ba4e4f19a4d815c3ec766c76651006a3c4de769dadd0ab91f840468f80a95545536628b63f157023dc7d36ad59799c10d94f31d0b0ea70c50a68c1af05d89f0946c2673bc2caf4efcab00b98e53d9c78bd2b117a24c19babbb1f8bddefe97eeacf341a74f4c44b5869e64c06e7afee90f8f6990d256e60c82af6b8771e734e144034ea56b4d0cd7dfd330aadfbb0383a2cf0f6cc9db41a414aba05e61e948fc1cc59f6583091a7e5929abe1514243a330d6b263a246a98d467ffa1fab4bb44f5e94b6165887443c80d83997f541dce58dfbfc47a22dd8c0d2164ad8e53d01fb21281ee7a92bb73c7d275b4145d2dc769d51a43c62c624e3125866d8e5703913e61dbd3dff3042ea483884753499b5e992aa2d698c625e96583b84da4033ed6c173c6d9dc0593c515fbdf6706834fd84075615638b21818df6a28116db70f21512f4b406907f9e63e4d334818dfdd4906b0a8db8967e56b9971bf24c72d8c1d8c3afcbf4dcdefce3443c96fa9170f1c283333a7476e679c2eac2a5fea72cf1d20c8df6caff24e3f555d24e7a38e285cf1963acd12b292d1213c9f4853efd4fec880a433d01aaa62a1f5471e9102a74638d88c911d7c061496cbcef43a2ffe1467eed7ecf598d61d36f46e72b244553c24027a45794703922f3b5a37458c95fca2fb504983e3a0d7210704c0c5c2a1d76f58413f7e83c429495c880bc217e4703f6a64fec2dfad6160443f21144d3fc9782556294018f12e04b37359226f0283fd071a1e545e496f36ec36b08182add9976c18a9d1b5e914d0c1cf565b398ae571b3c9409ec9722c4446a2c15a58bf33d6451c2cf3f4eac45ec89706af58971f0355ffc27f627ca9580fde3589d83430e26ab1996c1d7880c7758a58ef526c556f8f5beae75cdf8a78abe3d7b8630edff670faaf1c9962134abe1ed3ec7b2e32a3b3fe7590dca6819bd247372e918b4cbcf3921e5891b6551dc080250e7b8092156cf30185e2c75f7e7d18d4dce91d8f0c5e88e41163f89f482cace5902692697d59edd1fa4a14819063460832f6c5cf2892f11de738fde121dc0ceade5a5263a3c84e9a700f2aa9bbe41b9d20e752177dab919e222d7781c860e639d5d09235b2c386bcb2b55bb93b884df2ae3f3d5b62bccc954132eb56909b9ac50451a15feb185a923c8c29b1e74576e3b48901f3ba8bf6906d0018a351cbb430195de9fe94b218fb20f7238f48e710ea4f4ab7314aa62b9888a54be22c105d8239c8aef5a4a9448e9e00e38e7ba6dc90dc3f2aaccbd0e5939dff74bef4a1bd508ec8855f0f41b063b71580a0617d0737b3cac435e34b8e87dc754740f25af60f65baaf1787b8b3dfec4760ea98e7302a3c1e97a9c549133a6fec7ef60ba8dc0246ac073e57ecca37d660a34efc6d144f74b9828400b726ff838c1c35bd2fac99f707f58d50cdc5c237919a9ed769fa9eed86a08a3b30596c167724c17589d955cc1efbb90554978637f94bae7636d3997e2b0cb6382d090003b5488bf596bf937f433bdf57b3065078e1090c5d955b5f87a52910b82d58d81600b6720d6f5138fb98f9415e1f8ab86f1a6279e790ecc97e58266223ebdb591412262743bb41325a52ceb53964c580f6d11482ce63c1df04e6a14561bc5215438715b44f4bfd38ca66259c5f9411835d0f2bb805976317a94efb5ca42b6ea458a2dade69f883b6904ae9c88be30d0de9581ea050d18f80e799ea9182385220fd64c827602240207ca97306382133fb964f77f7a2ef809566558bfeaf529ce6d13974ed0c1b4001cba3ec2537fe2db6db2a0db7070567da2b8353b181e2eb1e54eee6b85f588e08196d18b6f62e31df4eded6a33e8d5eb53feaad08188d38a9ea2f9893da231c63bf11958a0f25ff034b1736d8ef3b9ef1894412647248d0ed8875c32be86a803abad908cdd907c7c9e841aa7157290c71204eb077ecefbdade6e69c2adacecac199108dd925aaa78d0e70cc62af90aeef7198ad307105fa06b2e128a41d6828c530a6468d5ebc4e8ea26c39fcf9c52fb1c1cb5ae02855247f8476b27d83b9c77c74924d900ebd278e9c7b3123c67ae3d301477c336fb77b96b3353a4bb1ad54c949958e8f3ac6c6f021e1f343ce3db31c5fa7553fd71db5d0fa0b0e6c985f400f5decb49a405fb553fc51dad66a1353f4cb90d8cf71c686092c236b0012fe14cc95da9bdb6a34c2d765b4d97e9f8f82cb27b116ddff0a69a1cccdd5e24c1a90a561472905f5e2c50f0a8d7e9500ef73911d419595413624828f674df4089bd596f87fd16331380b087e22149a94e3096dc05a6444fd3273de400d021ffb307fd9901b08b6cb8376f5a631941261ad6749eca6c7c5072eabab4356fcc1f96e232e32ac7804e3775672e7bcee863a79c8b06a5ab7febab795648f58df466b4bfe2b4abb0cb9ffb30e949ae6f09a0d708245d59bf4707cea173ba0c2a374de07ac3d25cffcb59834377168c7b709ae728d59afeadbf04b8ddc0a783795428fcb757d838544b5d3e9a112df26c31403fc77e95e594959c6ae040ef5d73044ceeecae33fb45964b27fd370624bc4bbd1a27ffb66806c1d13bc55bf3c2ddc39a1dfafff749ab84efe3205fff043c477d1ccb0f7faed45d85791c896497e7a8bb041f03e340967cd936eed00ad9c1f55fa6f7600194c3052451c565ff664db73f323ec22dbd8115a732e12c2bc17b041ac59e6bfc43e242044042d60243ec56f367e11275a8130d7eb0632f6c27a2febfd9760ac724510ea4db465dee8abe7d7f1bbb4828a7327900581807da639ca367078bd1e79fa32f9a8bd60f57b3611ca68d8311b5663741a1a247825ac6c2553048df71dd5d3006ebb923bea53906cd471d738befff5773aac9a1c7f76b1338e08be7d3649de656d0bf869268992a447cdca78eb7babe95817ed3da08927faf6beb2c1cb2bbbe7c81b2d1586a59d967569256bc891f50fa7e4daad77a02f71aa7655fb0fa7cad9906cb303000affb05dd611dc0de4af8886380de5c5e72355e59f0435bbce0dd8d8931a781a24199c31530e3c0bdbb4279b8707f4bb14cfe37a0275ee13d4f1b61065dccfde8f92f9fd5c3cff4807ed431902091437eda3d3c55fa90f2e69f017720d1089c15e0f6f3787d22e592b44a8422259bce301fc457bbafa2874ddeeb824c3785fc08ba859c567f0524d3a81b1fd7d1eb2062610497378d0211ec11d297c49c6cfbb7ca82e1ec128bb2aca4ed8e4e6110423a64117a64e3987a318b7f332f141ffabd756f89fda06eac7f1569764201a8c030d792cb1b850104e87701b66422e28de632d9cd9fe6aefe79b287180fd539f7d4e5ca645e8f67f1ab36de55a34c1e426ae35720175ebd27f94ec7fad790dc6e327ce13b3594dfb3a662d084e343c1bdb9c176723d369e8746f27728b58678ada65e8d46ed3d30aa28b47d23b57ddc731e9f009845ab27563ae8c40b5436adcc0225409cbca0c34f9354dc69babcb9f5db6672e84064fe84438d0bdabe0fb10375d7d6469a7fdd348a65c96ee5f78b8b248dc70399fa71d044dee492b52d63b1cd73bea051f4daf168b5ea1f502aa7ed744ec807ff189f87ca0f2f514827bbc9236ac942bb622d52e6fdb3826984bf0edce8e19086102bc12163f47f9b371bfa5e5a18c6918972563c2244f4021800f083a1e43958aea6c67b1fb8b368abb54d44a8880a166f588c5ba9b962d12383ef30eba31181c20b47e102ba792f451405bd8e2c47bbff2221c5df9598ba6e3344f75cb16e17ed23976e55085203c72dda502960e26d59535133057f08db96dee2f78fc5d3e943e9b9c979aeeb715045467605b9b80da55c21c2d881cac68466be7c0d2b2e0dda61918a9bed3fea9909087810b4dcd883c0ab65211a950c559153550faafb878e309aefdcdf71ef55334cd822b5773ae8dbaf1f504ffae0821b4cbaed13946421e95b604cf78a4fe16e26c7a18b1df2901b8616cb76403240b3d1aa1a5e41cfee47b0072181d5a7f542ef2ea140ad4028a779901cf630b7213314a4d3e67f4596ae45fe57321cc5ed48736188392bc66ac082e85da77d5fc5a76d17d79a742c9221f5313937f7c3e175be53525617f52a4c3cc35045d98d4f3fc17b1d0819f81a9ba1472f55e7aa532e641c9a27dce328f20c0e701b6c84e655040d39e6f0d90c57dd03ba2d8ede159eb3c8c1e41463413594e097df52378fa2a039dd35c106badd55608ad3596ba2f2a92b6d3860b2ed8e18045b20d083ac56c2c9fe92f213771b17adec49c01b74f347b1d2468828b828594f5cf094ffbbc851ebe8cb0b12524f0687d36b94219e4e2d71fb89d03537618cb03ca6a246f9d7399d3a99cb82e1145f1322a6345fe35429b98060e8b19d22c215d09067cd3370777cf5a4da97b1f8ec4884bfbb6e1ad30098637448641088170be87682376ddabcb22980383455f28a9207aeffa50b9ecad7d11a55d649e508f2f4bb917c82f052a734e2dc2820eb6da0b7dfd100a9398e2b93e3a9a36a70d7d38c13580fbb53b20600d3807b89ef6d2bc73384183a23a9bc95340d602198a386bd2cfea261f4cfaf6bd365e66e892697ab10fe974b85502e5624e1c038ec932506238db79ee7f9f5ecdb504de674fc6d0cbd2497a176b6ec3ad0f05b66c84e2d2ce51566fa57fac787b62fdc1271f1d2fe4861e545024e679590c8a07e7401ef099e3228985cca2aad1987baa6d8fc189d6c814b5ff24f4a4217625f539c89802dc7a289e146a939547bf866e238129ef5527fbd007058aa226cdfc37351084c987fa03d89678dfdbbf7e87a5d7bf853f372b6639594a26e4d4782d85fec09561847d14068ed48e52612da441df9fc2a74da6386bf721ef3e7e22304df9a8b8a96f8970243bdee621213293041b07f3f05a8e945483eb53a4f2c99eb3c1cc7bac3448349cfa73b714709509f8226d9ecbea4f0e028204811f573d880229b5c86ed74ae3dd71d006d36701d0c6bda33c28aedddd0e60304841db9ce794fe2837c8879420aeca583e0d32baa0ca343dc084aabc33af5ae20bcabac197101a76289a2408fe197e54c2b9d6697837dc3e49cb26309d51b318827630ddc6548bedd47496df03d9212cc3ddd442ae96a6b4a75c9fde3278d29088b7feca4b09f4b777f9f9a423b85625c31653d8f320289e8eba82c914e8ba6d989779c3d1febda2c350aa5b9a04adf21ecf808da63ecbf0f3bfc4c97c4949296c9561ec47766e01fdcbadca7970736ef0498b279d50dcbe3003a4256a1d5445641e66a7749c868bc57a597d0471004e0eeca7760ffedc6bedf69c2f99ee88a7f1c9b9cef9a748b19cea8402183d07ac78d04d1abf97b903c1456ce8547776538a450e013877d43adbfd5d2ed992498190567ae355868bd1e5aa00c817c3e86522914e08bdba556ca9935395e252fb54d8c801182780a284f0daa90e7cb76e813a2408f36d06010f8eac0302a98cd15376502b35bc2ea452bea046df591b4490ef71edd9f91b1b888676aef54dd8f77f08031afb8b722811e75b7f17f874dd3c9f1c22dddfda61468f289da45399b45c186a2ff46d3e8d7f2c9a18be109a29a2973f46a682e00763f2d03a", @ANYRESDEC=0x0, @ANYBLOB="d001fb6667e6f56a6ae626bff3cf2eea2f0eef0ffcd8026e474b943609b5a8b41f71f1383749fbce8829df5730d87167a66118212b22a1a582f573bc94a7e0efc23f943b52ca0d98980d501e391f32aa4864732cfa73d7e353c0789d6be76d3237e77515e529d1f594f9f1ea160ae8a281f998275cdd0054bea1154942d84e8f467743da4d0cae86b3fd648b1c89b1a816bf382724d683efe63c597b1aeaef2dbaca80ce5eb1b29e2006721049a181df0d91fa18e27a1dec734d", @ANYRES64=0x0, @ANYBLOB="00000040010000000000000000000000645b01000000931133f6d9919fd48557d76811cd874f3c837bbfc1c8831026d40798a2be4cc414e02216198977dc3d41ed0880c64c39e5f4059bae641ed151129d36fa7aa47a5ded6da6b0330ae404ae876ec1a9f449c96beeb3c7734c99e9d4d76508ea78b1dabebeaa334d7022d422d26a04c39f283d2ecc456283549592b63c00bab20f8e40ae59087575656515162b6016bad8572f2de9955c9966e322447a85352dd27c44e87cda3bdbf60959a2129c942ef71104670f56e997917141299ab91fcfd07676dd0ee78a3e9b7245a5ae3bc9fca0a07f626759649be2d02d14198232b74730a1467ad275305e39936dd36f440f8ddce9f7de8c7dbde8543dc71de1bc41b5877faeac205b8eb7e486d23f0e0b268389d06f15f88c64eb8773b51cd988c1173a6c0feeb887cfc853e23392e108fd122c99337dabdd72a6fb2c70562fef5c66cc8f33b7c1b4c45a9cb83b7bf5020c84e82ebd89ca383e780137aba137e37b7e4d0000000000000000006fb6a4fbc716da11068688ea0285ae6e3888db07728ab99c97936096751b6ba2ff018322774dcf5e9987e0c95182cc20af2ccee4f581f99224ec9002fa0ddca3579bfa7e53edaf9867e526cde393c57a5d5d799ce8fb760f98f79f848f0c0b7ef85857ffbda95cdac8e23c98607515b9205ec9832ea94a695ac706bbf5b6c7baae145e45bc75c9654d0a3e73d5bfe48d00"/539], 0x80}}, 0x0)
ioctl$SIOCGSTAMPNS(r3, 0x8907, &(0x7f0000000100))
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IOCTL_STOP_ACCEL_DEV(0xffffffffffffffff, 0x40096101, &(0x7f0000000080)={{&(0x7f0000000380)={'Accelerator\x00', {&(0x7f00000004c0)=@adf_dec={@bank={'Bank', '0', 'InterruptCoalescingNumResponses\x00'}, {0x5}, {&(0x7f0000000200)=@adf_dec={@normal='NumberDcInstances\x00', {0x6}}}}}, {&(0x7f00000002c0)={'Accelerator0\x00'}}}}, 0x2})
readahead(r4, 0x1, 0x1)
socket(0x11, 0x800000003, 0x0)
syz_pidfd_open(0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000006c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={0x0, 0x0, 0x10000})
syz_emit_ethernet(0xa4, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffff000086dd607377c2006e110000000000000000000000ffffac1414aafe8000000000000000000000000000aa00000400006dffff0000000000669078426bccdc65c29a4bc2c1266dea7a5d91556e6bcf99e630bb84dc378b1de38f34f1affaee09000000e10d55665f304f4faf896314ca84b8858ff78dfaa0c8d0ba589745fa531cd4cd84f7069c604890876f018e747742c2d85904376af370"], 0x0)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r6)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x20000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x100001}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000640)={'#! ', './file0', [{0x20, 'cpuacct.usage_sys\x00'}, {0x20, '\xd5\xaf\xc3\x9b\xe3Qk\b?\xe69\x95b\x00\x00\x00\x00M\x19\xbdr\x10Z\x06'}, {0x20, ':'}, {0x20, 'InterruptCoalescingNumResponses\x00'}, {0x20, 'Accelerator\x00'}]}, 0x67)

kernel console output (not intermixed with test programs):

1
[   64.064230][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.068730][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.080374][ T5342] veth0_vlan: entered promiscuous mode
[   64.105152][ T5335] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.108587][ T5335] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.111510][ T5335] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.114409][ T5335] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.141294][ T5342] veth1_vlan: entered promiscuous mode
[   64.145540][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.149487][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.176157][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.179518][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.197039][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.202098][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.205562][   T39] kauditd_printk_skb: 2 callbacks suppressed
[   64.205571][   T39] audit: type=1400 audit(1722169590.418:117): avc:  denied  { mount } for  pid=5333 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   64.218816][   T39] audit: type=1400 audit(1722169590.418:118): avc:  denied  { mounton } for  pid=5333 comm="syz-executor" path="/syzkaller.0652oH/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   64.222733][ T5342] veth0_macvtap: entered promiscuous mode
[   64.230718][   T39] audit: type=1400 audit(1722169590.418:119): avc:  denied  { mount } for  pid=5333 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   64.240305][ T5342] veth1_macvtap: entered promiscuous mode
[   64.241545][   T39] audit: type=1400 audit(1722169590.418:120): avc:  denied  { unmount } for  pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   64.253210][   T39] audit: type=1400 audit(1722169590.438:121): avc:  denied  { mounton } for  pid=5333 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2389 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   64.264954][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.268233][   T39] audit: type=1400 audit(1722169590.438:122): avc:  denied  { mount } for  pid=5333 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   64.274127][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.315000][   T39] audit: type=1400 audit(1722169590.528:123): avc:  denied  { read write } for  pid=5333 comm="syz-executor" name="loop2" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   64.323641][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.333378][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.334697][   T39] audit: type=1400 audit(1722169590.528:124): avc:  denied  { open } for  pid=5333 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   64.336680][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.341064][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.347867][   T39] audit: type=1400 audit(1722169590.528:125): avc:  denied  { ioctl } for  pid=5333 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   64.355458][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.371933][   T39] audit: type=1400 audit(1722169590.588:126): avc:  denied  { read } for  pid=5398 comm="syz.2.3" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   64.372664][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.393990][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.399014][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.407860][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.419195][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.423625][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.430117][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.433575][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.437492][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.442837][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.451872][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.460455][ T5342] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.463676][ T5342] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.467050][ T5342] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.472878][ T5342] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.680953][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.684868][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.718674][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.722091][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.946528][ T5412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'.
[   65.156583][ T5416] netlink: 'syz.1.6': attribute type 30 has an invalid length.
[   65.250621][ T5420] x_tables: duplicate entry at hook 1
[   65.298047][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.303261][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.323272][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.341324][ T5418] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   65.347831][ T5422] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8'.
[   65.352626][ T5418] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   65.387305][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.393758][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.398549][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.402458][ T5418] ip6gretap0 speed is unknown, defaulting to 1000
[   65.597460][ T5429] 9pnet_fd: Insufficient options for proto=fd
[   65.608277][ T5347] Bluetooth: hci0: command tx timeout
[   65.608507][ T4763] Bluetooth: hci1: command tx timeout
[   65.611907][ T5347] Bluetooth: hci3: command tx timeout
[   65.698237][ T5347] Bluetooth: hci2: command tx timeout
[   65.728188][ T5377] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   65.921674][ T5377] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   65.926743][ T5377] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   65.936384][ T5377] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   65.943386][ T5377] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   65.947208][ T5377] usb 6-1: SerialNumber: syz
[   66.139130][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   66.198686][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   66.209111][ T5436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13'.
[   66.212954][ T5436] netlink: 64 bytes leftover after parsing attributes in process `syz.3.13'.
[   66.231706][ T5437] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8'.
[   66.239037][ T5437] veth0_to_bond: entered allmulticast mode
[   66.242019][ T5436] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13'.
[   66.255906][ T5437] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8'.
[   66.285447][ T5377] usb 6-1: 0:2 : does not exist
[   66.288364][ T5377] usb 6-1: unit 5 not found!
[   66.309240][ T5439] Zero length message leads to an empty skb
[   66.314248][ T5377] usb 6-1: USB disconnect, device number 2
[   66.418025][ T5443] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) !
[   66.424024][ T5444] atomic_op ffff888046eb4198 conn xmit_atomic 0000000000000000
[   66.468875][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   66.506458][ T5450] FAULT_INJECTION: forcing a failure.
[   66.506458][ T5450] name failslab, interval 1, probability 0, space 0, times 1
[   66.512113][ T5450] CPU: 2 UID: 0 PID: 5450 Comm: syz.0.17 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   66.516531][ T5450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.521522][ T5450] Call Trace:
[   66.523352][ T5450]  <TASK>
[   66.524673][ T5450]  dump_stack_lvl+0x16c/0x1f0
[   66.527000][ T5450]  should_fail_ex+0x497/0x5b0
[   66.529129][ T5450]  ? fs_reclaim_acquire+0xae/0x160
[   66.531788][ T5450]  should_failslab+0xc2/0x120
[   66.534124][ T5450]  kmem_cache_alloc_node_noprof+0x71/0x310
[   66.536741][ T5450]  ? __alloc_skb+0x2b1/0x380
[   66.538856][ T5450]  __alloc_skb+0x2b1/0x380
[   66.540910][ T5450]  ? __pfx___alloc_skb+0x10/0x10
[   66.543168][ T5450]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   66.545805][ T5450]  netlink_alloc_large_skb+0x69/0x130
[   66.548211][ T5450]  netlink_sendmsg+0x689/0xd70
[   66.550602][ T5450]  ? __pfx_netlink_sendmsg+0x10/0x10
[   66.553197][ T5450]  ? __import_iovec+0x1fd/0x6e0
[   66.555392][ T5450]  ____sys_sendmsg+0xab5/0xc90
[   66.557543][ T5450]  ? copy_msghdr_from_user+0x10b/0x160
[   66.560234][ T5450]  ? __pfx_____sys_sendmsg+0x10/0x10
[   66.563033][ T5450]  ? find_held_lock+0x2d/0x110
[   66.565285][ T5450]  ? __pfx___lock_acquire+0x10/0x10
[   66.567734][ T5450]  ___sys_sendmsg+0x135/0x1e0
[   66.570097][ T5450]  ? __pfx____sys_sendmsg+0x10/0x10
[   66.573131][ T5450]  ? ksys_write+0x21c/0x260
[   66.575945][ T5450]  ? __fget_light+0x173/0x210
[   66.578162][ T5450]  __sys_sendmsg+0x117/0x1f0
[   66.580236][ T5450]  ? __pfx___sys_sendmsg+0x10/0x10
[   66.582527][ T5450]  do_syscall_64+0xcd/0x250
[   66.584594][ T5450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.587468][ T5450] RIP: 0033:0x7fc775977299
[   66.589187][ T5450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.597795][ T5450] RSP: 002b:00007fc77678b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.601390][ T5450] RAX: ffffffffffffffda RBX: 00007fc775b05f80 RCX: 00007fc775977299
[   66.604913][ T5450] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[   66.608486][ T5450] RBP: 00007fc77678b0a0 R08: 0000000000000000 R09: 0000000000000000
[   66.611923][ T5450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.615414][ T5450] R13: 000000000000000b R14: 00007fc775b05f80 R15: 00007fff189bc1b8
[   66.618949][ T5450]  </TASK>
[   66.673455][ T5339] udevd[5339]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   67.101302][ T5463] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   67.389107][ T5471] futex_wake_op: syz.3.23 tries to shift op by -1; fix this program
[   67.528469][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.554701][ T5477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'.
[   67.558684][ T5477] netlink: 64 bytes leftover after parsing attributes in process `syz.0.25'.
[   67.584207][ T5477] netlink: 28 bytes leftover after parsing attributes in process `syz.0.25'.
[   67.688996][ T5347] Bluetooth: hci0: command tx timeout
[   67.691619][ T5347] Bluetooth: hci3: command tx timeout
[   67.694104][ T5347] Bluetooth: hci1: command tx timeout
[   67.770413][ T5347] Bluetooth: hci2: command tx timeout
[   68.142270][  T831] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[   68.288182][  T831] usb 5-1: device descriptor read/64, error -71
[   68.333991][ T5507] warning: `syz.1.32' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   68.578199][  T831] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[   68.728799][  T831] usb 5-1: device descriptor read/64, error -71
[   68.848500][  T831] usb usb5-port1: attempt power cycle
[   69.299559][  T831] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[   69.338780][  T831] usb 5-1: device descriptor read/8, error -71
[   69.442898][   T39] kauditd_printk_skb: 76 callbacks suppressed
[   69.442954][   T39] audit: type=1400 audit(1722169595.658:203): avc:  denied  { unmount } for  pid=5335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[   69.485702][   T39] audit: type=1400 audit(1722169595.698:204): avc:  denied  { setopt } for  pid=5512 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.498362][   T39] audit: type=1400 audit(1722169595.698:205): avc:  denied  { write } for  pid=5512 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.513864][   T39] audit: type=1400 audit(1722169595.698:206): avc:  denied  { connect } for  pid=5512 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.535796][   T39] audit: type=1400 audit(1722169595.698:207): avc:  denied  { name_connect } for  pid=5512 comm="syz.1.34" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   69.546460][   T39] audit: type=1400 audit(1722169595.728:208): avc:  denied  { read } for  pid=5512 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   69.555368][   T39] audit: type=1400 audit(1722169595.758:209): avc:  denied  { read } for  pid=5512 comm="syz.1.34" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   69.565232][   T39] audit: type=1400 audit(1722169595.758:210): avc:  denied  { open } for  pid=5512 comm="syz.1.34" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   69.575640][   T39] audit: type=1400 audit(1722169595.768:211): avc:  denied  { ioctl } for  pid=5512 comm="syz.1.34" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   69.586419][   T39] audit: type=1400 audit(1722169595.768:212): avc:  denied  { set_context_mgr } for  pid=5512 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   69.626000][  T831] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[   69.661084][  T831] usb 5-1: device descriptor read/8, error -71
[   69.781120][  T831] usb usb5-port1: unable to enumerate USB device
[   69.964133][    C0] vkms_vblank_simulate: vblank timer overrun
[   69.994325][    C0] vkms_vblank_simulate: vblank timer overrun
[   70.111763][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   70.493876][    C0] vkms_vblank_simulate: vblank timer overrun
[   71.211993][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.216139][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.428251][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c8!!!
[   71.450217][ T4763] Bluetooth: hci1: command 0x0406 tx timeout
[   71.533491][ T5535] ALSA: seq fatal error: cannot create timer (-22)
[   71.586517][ T5535] xt_connbytes: Forcing CT accounting to be enabled
[   71.593809][ T5535] Cannot find add_set index 0 as target
[   71.621611][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.639349][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   71.812191][ T1117] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.946613][ T1117] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.095691][ T1117] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.137075][ T4763] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   72.142694][ T4763] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   72.147121][ T4763] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   72.152758][ T4763] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   72.157337][ T4763] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   72.162314][ T4763] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   72.202611][ T1117] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.233425][ T5540] ip6gretap0 speed is unknown, defaulting to 1000
[   72.432713][ T5540] chnl_net:caif_netlink_parms(): no params data found
[   72.452268][ T1117] bridge_slave_1: left allmulticast mode
[   72.455087][ T1117] bridge_slave_1: left promiscuous mode
[   72.460921][ T1117] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.476095][ T1117] bridge_slave_0: left allmulticast mode
[   72.479171][ T1117] bridge_slave_0: left promiscuous mode
[   72.482745][ T1117] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.895221][ T1117] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   72.910481][ T1117] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   72.917938][ T1117] bond0 (unregistering): Released all slaves
[   73.259522][ T5540] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.269099][ T5540] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.276928][ T5540] bridge_slave_0: entered allmulticast mode
[   73.289279][ T5540] bridge_slave_0: entered promiscuous mode
[   73.297837][ T5540] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.307234][ T5540] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.316425][ T5540] bridge_slave_1: entered allmulticast mode
[   73.327102][ T5540] bridge_slave_1: entered promiscuous mode
[   73.369798][ T5568] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4 sclass=netlink_xfrm_socket pid=5568 comm=syz.0.48
[   73.394390][ T5563] ALSA: seq fatal error: cannot create timer (-22)
[   73.406847][ T5563] Cannot find add_set index 0 as target
[   73.494552][ T5540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.504352][ T5540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.604660][ T5540] team0: Port device team_slave_0 added
[   73.613107][ T5540] team0: Port device team_slave_1 added
[   73.630076][ T1117] hsr_slave_0: left promiscuous mode
[   73.658582][ T1117] hsr_slave_1: left promiscuous mode
[   73.693581][    C0] vkms_vblank_simulate: vblank timer overrun
[   73.706843][ T1117] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.710306][ T1117] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.717431][ T1117] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.720722][ T1117] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.810494][ T1117] veth1_macvtap: left promiscuous mode
[   73.813312][ T1117] veth0_macvtap: left promiscuous mode
[   73.815879][ T1117] veth1_vlan: left promiscuous mode
[   73.822171][ T1117] veth0_vlan: left promiscuous mode
[   74.258773][ T5347] Bluetooth: hci1: command tx timeout
[   74.637043][ T1117] team0 (unregistering): Port device team_slave_1 removed
[   74.726313][ T1117] team0 (unregistering): Port device team_slave_0 removed
[   75.093537][ T5583] ALSA: seq fatal error: cannot create timer (-22)
[   75.105508][ T5583] xt_connbytes: Forcing CT accounting to be enabled
[   75.109772][ T5583] Cannot find add_set index 0 as target
[   75.665294][ T5540] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.676176][ T5540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.697476][ T5540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.701064][   T39] kauditd_printk_skb: 32 callbacks suppressed
[   75.701077][   T39] audit: type=1400 audit(1722169601.908:245): avc:  denied  { getattr } for  pid=5595 comm="syz.0.56" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=9045 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   75.708045][ T5540] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.725232][ T5540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.733006][   T39] audit: type=1400 audit(1722169601.928:246): avc:  denied  { ioctl } for  pid=5588 comm="syz.3.54" path="socket:[7569]" dev="sockfs" ino=7569 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   75.737800][ T5540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.750814][   T39] audit: type=1400 audit(1722169601.938:247): avc:  denied  { execute } for  pid=5595 comm="syz.0.56" path="/13/bus" dev="tmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   75.767277][ T5596] netlink: 'syz.0.56': attribute type 10 has an invalid length.
[   75.782317][ T5600] netlink: 'syz.3.54': attribute type 1 has an invalid length.
[   75.792478][ T5600] __nla_validate_parse: 1 callbacks suppressed
[   75.792491][ T5600] netlink: 9352 bytes leftover after parsing attributes in process `syz.3.54'.
[   75.801158][ T5600] netlink: 'syz.3.54': attribute type 1 has an invalid length.
[   75.806369][ T5600] netlink: 12 bytes leftover after parsing attributes in process `syz.3.54'.
[   75.902049][ T5540] hsr_slave_0: entered promiscuous mode
[   75.906063][ T5540] hsr_slave_1: entered promiscuous mode
[   75.923550][ T5540] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.930791][ T5540] Cannot create hsr debugfs directory
[   76.329268][ T5347] Bluetooth: hci1: command tx timeout
[   76.341741][ T5616] mmap: syz.0.58 (5616) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   76.447067][ T5620] ALSA: seq fatal error: cannot create timer (-22)
[   76.454133][ T5620] Cannot find add_set index 0 as target
[   76.984136][ T5540] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   77.002192][ T5540] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   77.015121][ T5540] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   77.030459][ T5540] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   77.140949][ T1384] ieee802154 phy0 wpan0: encryption failed: -22
[   77.144901][ T1384] ieee802154 phy1 wpan1: encryption failed: -22
[   77.159936][ T5540] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.174562][   T39] audit: type=1400 audit(1722169603.378:248): avc:  denied  { read } for  pid=5632 comm="syz.0.61" name="fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   77.192086][ T5634] input: syz0 as /devices/virtual/input/input5
[   77.211250][   T39] audit: type=1400 audit(1722169603.378:249): avc:  denied  { open } for  pid=5632 comm="syz.0.61" path="/dev/fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   77.239780][ T5540] 8021q: adding VLAN 0 to HW filter on device team0
[   77.260844][   T39] audit: type=1400 audit(1722169603.388:250): avc:  denied  { ioctl } for  pid=5632 comm="syz.0.61" path="/dev/fb0" dev="devtmpfs" ino=639 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   77.295555][   T39] audit: type=1400 audit(1722169603.398:251): avc:  denied  { ioctl } for  pid=5632 comm="syz.0.61" path="/dev/uinput" dev="devtmpfs" ino=866 ioctlcmd=0x5569 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   77.299175][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.310081][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.327818][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.330902][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.336422][   T39] audit: type=1400 audit(1722169603.478:252): avc:  denied  { read } for  pid=4810 comm="acpid" name="event4" dev="devtmpfs" ino=2408 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   77.375637][   T39] audit: type=1400 audit(1722169603.478:253): avc:  denied  { open } for  pid=4810 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2408 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   77.387239][ T5540] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   77.398571][   T39] audit: type=1400 audit(1722169603.478:254): avc:  denied  { ioctl } for  pid=4810 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2408 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   77.497634][ T5634] dccp_invalid_packet: invalid packet type
[   77.602035][ T5540] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.696638][ T5540] veth0_vlan: entered promiscuous mode
[   77.710659][ T5540] veth1_vlan: entered promiscuous mode
[   77.756343][ T5540] veth0_macvtap: entered promiscuous mode
[   77.770824][ T5540] veth1_macvtap: entered promiscuous mode
[   77.801954][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.806424][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.811044][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.814648][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.818251][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.822423][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.832326][ T5540] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.843884][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.849946][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.854201][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.859186][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.863346][ T5540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.867641][ T5540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.875789][ T5540] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.886768][ T5540] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.890743][ T5540] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.894187][ T5540] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.897998][ T5540] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.018680][ T1117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.021967][ T1117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.070842][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.077545][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.410349][ T5347] Bluetooth: hci1: command tx timeout
[   78.720097][ T5681] FAULT_INJECTION: forcing a failure.
[   78.720097][ T5681] name failslab, interval 1, probability 0, space 0, times 0
[   78.727446][ T5681] CPU: 3 UID: 0 PID: 5681 Comm: syz.2.65 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   78.732201][ T5681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.736796][ T5681] Call Trace:
[   78.738258][ T5681]  <TASK>
[   78.739539][ T5681]  dump_stack_lvl+0x16c/0x1f0
[   78.741575][ T5681]  should_fail_ex+0x497/0x5b0
[   78.743647][ T5681]  ? fs_reclaim_acquire+0xae/0x160
[   78.745842][ T5681]  should_failslab+0xc2/0x120
[   78.748114][ T5681]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   78.750718][ T5681]  ? __anon_vma_prepare+0x344/0x5e0
[   78.753006][ T5681]  __anon_vma_prepare+0x344/0x5e0
[   78.755264][ T5681]  ? __pfx___pte_alloc+0x10/0x10
[   78.757816][ T5681]  vmf_anon_prepare+0x11c/0x250
[   78.760032][ T5681]  __handle_mm_fault+0x2a19/0x5660
[   78.762747][ T5681]  ? __pfx_mt_find+0x10/0x10
[   78.765011][ T5681]  ? get_pid_task+0xfc/0x250
[   78.767079][ T5681]  ? __pfx___handle_mm_fault+0x10/0x10
[   78.769496][ T5681]  ? find_vma+0xc0/0x140
[   78.771313][ T5681]  ? __pfx_find_vma+0x10/0x10
[   78.774035][ T5681]  handle_mm_fault+0x44e/0x7b0
[   78.790328][ T5681]  ? __pkru_allows_pkey+0x52/0xb0
[   78.792562][ T5681]  do_user_addr_fault+0x7a3/0x13f0
[   78.794843][ T5681]  exc_page_fault+0x5c/0xc0
[   78.796850][ T5681]  asm_exc_page_fault+0x26/0x30
[   78.799020][ T5681] RIP: 0010:__put_user_4+0x11/0x20
[   78.801389][ T5681] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[   78.809845][ T5681] RSP: 0018:ffffc9000356fe70 EFLAGS: 00050202
[   78.812738][ T5681] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000e80
[   78.815808][ T5681] RDX: 0000000000000000 RSI: ffffffff8153c1cb RDI: ffff888047f8056c
[   78.819896][ T5681] RBP: 1ffff920006adfd2 R08: 0000000000000000 R09: fffffbfff202527b
[   78.826217][ T5681] R10: ffffffff901293df R11: 0000000000000000 R12: 0000000020000e80
[   78.829697][ T5681] R13: 0000000000000002 R14: dffffc0000000000 R15: ffff888047f80000
[   78.832911][ T5681]  ? __do_sys_prctl+0x48b/0x1e40
[   78.837768][ T5681]  __do_sys_prctl+0x4cc/0x1e40
[   78.839901][ T5681]  ? __pfx___do_sys_prctl+0x10/0x10
[   78.842217][ T5681]  do_syscall_64+0xcd/0x250
[   78.844287][ T5681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.847011][ T5681] RIP: 0033:0x7fe3f3177299
[   78.849016][ T5681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.857306][ T5681] RSP: 002b:00007fe3f3ea8048 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[   78.863161][ T5681] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3177299
[   78.866616][ T5681] RDX: 0000000000000000 RSI: 0000000020000e80 RDI: 0000000000000002
[   78.870013][ T5681] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[   78.873063][ T5681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.876295][ T5681] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[   78.879664][ T5681]  </TASK>
[   80.196130][ T5704] ALSA: seq fatal error: cannot create timer (-22)
[   80.217923][ T5704] Cannot find add_set index 0 as target
[   80.490941][ T5347] Bluetooth: hci1: command tx timeout
[   80.981885][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   80.981899][   T39] audit: type=1400 audit(1722169607.198:272): avc:  denied  { sqpoll } for  pid=5710 comm="syz.3.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   81.004615][   T39] audit: type=1400 audit(1722169607.218:273): avc:  denied  { read write } for  pid=5710 comm="syz.3.72" name="uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   81.021157][   T39] audit: type=1400 audit(1722169607.228:274): avc:  denied  { open } for  pid=5710 comm="syz.3.72" path="/dev/uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   81.034502][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.037791][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.043899][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.047164][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.054717][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.057671][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.061794][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.065938][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.069462][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.072717][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.076081][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.079745][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.083042][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.086427][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.090305][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.093758][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.097838][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.101610][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.104912][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.108767][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.111974][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.115200][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.119075][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.122411][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.125670][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.129552][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.133129][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.136456][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.140225][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.143606][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.146990][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.154266][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.157550][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.160845][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.163994][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.167226][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.171129][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.174121][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.177031][   T39] audit: type=1400 audit(1722169607.388:275): avc:  denied  { connect } for  pid=5718 comm="syz.2.73" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   81.180051][ T5719] fuse: Invalid rootmode
[   81.185494][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.190571][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.193558][   T39] audit: type=1400 audit(1722169607.398:276): avc:  denied  { mounton } for  pid=5718 comm="syz.2.73" path="/14/file0" dev="tmpfs" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   81.208467][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.211853][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.215246][  T833] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.218393][   T39] audit: type=1400 audit(1722169607.408:277): avc:  denied  { write } for  pid=5718 comm="syz.2.73" name="hidraw0" dev="devtmpfs" ino=1116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   81.261919][  T833] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   81.322785][   T39] audit: type=1400 audit(1722169607.538:278): avc:  denied  { getopt } for  pid=5722 comm="syz.2.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   81.337730][ T5723] FAULT_INJECTION: forcing a failure.
[   81.337730][ T5723] name failslab, interval 1, probability 0, space 0, times 0
[   81.343547][ T5723] CPU: 3 UID: 0 PID: 5723 Comm: syz.2.74 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   81.347924][ T5723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.352554][ T5723] Call Trace:
[   81.354009][ T5723]  <TASK>
[   81.355312][ T5723]  dump_stack_lvl+0x16c/0x1f0
[   81.357364][ T5723]  should_fail_ex+0x497/0x5b0
[   81.359433][ T5723]  ? __pfx___ip_dev_find+0x10/0x10
[   81.361396][ T5723]  should_failslab+0xc2/0x120
[   81.363222][ T5723]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   81.365557][ T5723]  ? dst_alloc+0x99/0x1a0
[   81.367481][ T5723]  dst_alloc+0x99/0x1a0
[   81.369105][  T830] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   81.369344][ T5723]  rt_dst_alloc+0x35/0x3a0
[   81.373994][ T5723]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[   81.376604][ T5723]  ? scm_detach_fds+0x2c5/0x780
[   81.378744][ T5723]  ip_route_output_key_hash+0x138/0x2e0
[   81.381146][ T5723]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[   81.383854][ T5723]  ? bpf_test_run+0x49d/0xa90
[   81.385917][ T5723]  ? bpf_prog_test_run_skb+0xb6e/0x20f0
[   81.388338][ T5723]  ? __sys_bpf+0x10d2/0x4a20
[   81.390283][ T5723]  ip_route_output_flow+0x27/0x150
[   81.392415][ T5723]  ip_tunnel_xmit+0x18f6/0x33f0
[   81.394522][ T5723]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[   81.396765][ T5723]  ? rcu_is_watching+0x12/0xc0
[   81.398845][ T5723]  ? trace_kmalloc+0x2d/0xe0
[   81.400700][ T5723]  ? skb_release_data+0x761/0x980
[   81.403718][ T5723]  ? kmalloc_reserve+0x13c/0x2c0
[   81.405636][ T5723]  __gre_xmit+0x89d/0xbd0
[   81.407328][ T5723]  ? __pfx___gre_xmit+0x10/0x10
[   81.409759][ T5723]  ? __pfx_pskb_expand_head+0x10/0x10
[   81.412339][ T5723]  ipgre_xmit+0x578/0xb30
[   81.414832][ T5723]  dev_hard_start_xmit+0x143/0x790
[   81.417544][ T5723]  __dev_queue_xmit+0x7c7/0x4300
[   81.419633][ T5723]  ? __pfx___dev_queue_xmit+0x10/0x10
[   81.422006][ T5723]  ? rcu_is_watching+0x12/0xc0
[   81.424035][ T5723]  ? trace_kmalloc+0x2d/0xe0
[   81.426073][ T5723]  ? __kmalloc_node_track_caller_noprof+0x22d/0x430
[   81.428803][ T5723]  ? pskb_expand_head+0x240/0x11f0
[   81.430876][ T5723]  ? skb_release_data+0x761/0x980
[   81.433407][ T5723]  ? kmalloc_reserve+0x13c/0x2c0
[   81.435972][ T5723]  ? skb_headers_offset_update+0x129/0x260
[   81.439321][ T5723]  ? pskb_expand_head+0x636/0x11f0
[   81.442342][ T5723]  ? __pfx_pskb_expand_head+0x10/0x10
[   81.444953][ T5723]  ? __asan_memcpy+0x3c/0x60
[   81.447038][ T5723]  __bpf_redirect+0x6fa/0xfa0
[   81.449086][ T5723]  bpf_clone_redirect+0x2cb/0x3d0
[   81.451315][ T5723]  ? __pfx_bpf_clone_redirect+0x10/0x10
[   81.453684][ T5723]  ___bpf_prog_run+0x3e51/0xabd0
[   81.455948][ T5723]  ? __pfx_mark_lock+0x10/0x10
[   81.458228][ T5723]  __bpf_prog_run512+0xb7/0x100
[   81.460698][ T5723]  ? __pfx___bpf_prog_run512+0x10/0x10
[   81.462843][ T5723]  ? hlock_class+0x4e/0x130
[   81.465044][ T5723]  ? __pfx___cant_migrate+0x10/0x10
[   81.467426][ T5723]  ? ktime_get+0xfb/0x1a0
[   81.469384][ T5723]  bpf_test_run+0x49d/0xa90
[   81.471631][ T5723]  ? __pfx_bpf_test_run+0x10/0x10
[   81.474029][ T5723]  ? __asan_memset+0x23/0x50
[   81.476148][ T5723]  bpf_prog_test_run_skb+0xb6e/0x20f0
[   81.476797][   T39] audit: type=1400 audit(1722169607.678:279): avc:  denied  { unlink } for  pid=5724 comm="syz.3.75" name="#1" dev="tmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   81.478623][ T5723]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   81.478650][ T5723]  ? fput+0x32/0x390
[   81.478670][ T5723]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   81.478694][ T5723]  __sys_bpf+0x10d2/0x4a20
[   81.487918][   T39] audit: type=1400 audit(1722169607.678:280): avc:  denied  { mount } for  pid=5724 comm="syz.3.75" name="/" dev="overlay" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   81.490359][ T5723]  ? ksys_write+0x21c/0x260
[   81.490378][ T5723]  ? reacquire_held_locks+0x410/0x4c0
[   81.490400][ T5723]  ? __pfx___sys_bpf+0x10/0x10
[   81.490421][ T5723]  ? vfs_write+0x14d/0x1140
[   81.490437][ T5723]  ? __mutex_unlock_slowpath+0x164/0x650
[   81.497951][   T39] audit: type=1400 audit(1722169607.688:281): avc:  denied  { connect } for  pid=5724 comm="syz.3.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   81.505629][ T5723]  ? fput+0x32/0x390
[   81.505652][ T5723]  ? ksys_write+0x1ab/0x260
[   81.505668][ T5723]  ? __pfx_ksys_write+0x10/0x10
[   81.505684][ T5723]  __x64_sys_bpf+0x78/0xc0
[   81.505707][ T5723]  ? lockdep_hardirqs_on+0x7c/0x110
[   81.505731][ T5723]  do_syscall_64+0xcd/0x250
[   81.505748][ T5723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.505768][ T5723] RIP: 0033:0x7fe3f3177299
[   81.505782][ T5723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.523386][  T830] usb 6-1: device descriptor read/64, error -71
[   81.525506][ T5723] RSP: 002b:00007fe3f3ea8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   81.556623][ T5723] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3177299
[   81.560093][ T5723] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[   81.564384][ T5723] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[   81.567795][ T5723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.571636][ T5723] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[   81.575033][ T5723]  </TASK>
[   81.788269][  T830] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   81.878478][ T5741] input: syz0 as /devices/virtual/input/input7
[   81.948169][  T830] usb 6-1: device descriptor read/64, error -71
[   82.037916][ T5741] dccp_invalid_packet: invalid packet type
[   82.079086][  T830] usb usb6-port1: attempt power cycle
[   82.252878][ T1298] cfg80211: failed to load regulatory.db
[   82.498245][  T830] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   82.542268][ T5746] xt_connbytes: Forcing CT accounting to be enabled
[   82.545343][ T5746] Cannot find add_set index 0 as target
[   82.549546][  T830] usb 6-1: device descriptor read/8, error -71
[   82.828188][  T830] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   82.861397][ T5749] ALSA: seq fatal error: cannot create timer (-22)
[   82.876164][ T5749] Cannot find add_set index 0 as target
[   82.878857][  T830] usb 6-1: device descriptor read/8, error -71
[   82.998655][  T830] usb usb6-port1: unable to enumerate USB device
[   83.288259][ T5347] Bluetooth: hci0: command tx timeout
[   83.303714][ T5751] syz.0.83 uses obsolete (PF_INET,SOCK_PACKET)
[   83.307235][ T5751] syzkaller1: entered promiscuous mode
[   83.310603][ T5751] syzkaller1: entered allmulticast mode
[   83.549421][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.552649][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.556887][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.563830][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.567525][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.572043][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.575301][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.579320][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.582539][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.585571][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.588968][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.592872][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.596697][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.599500][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.604924][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.608208][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.611390][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.614395][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.620358][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.626065][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.631877][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.637378][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.657716][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.661233][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.664472][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.667625][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.671866][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.674921][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.686291][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.691021][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.696125][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.700931][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.704045][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.709040][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.714922][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.718494][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.721727][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.725298][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.729000][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.732140][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.735334][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.739048][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.742280][   T58] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   83.749934][   T58] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   84.116688][ T5766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.88'.
[   84.125231][ T5766] 9pnet_fd: Insufficient options for proto=fd
[   84.545371][ T5779] ALSA: seq fatal error: cannot create timer (-22)
[   84.556792][ T5779] xt_connbytes: Forcing CT accounting to be enabled
[   84.561131][ T5779] Cannot find add_set index 0 as target
[   84.835697][ T5787] ALSA: seq fatal error: cannot create timer (-22)
[   84.925768][ T5787] Cannot find add_set index 0 as target
[   85.047262][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.051027][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.054243][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.057313][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.061052][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.064136][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.067023][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.070410][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.073684][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.077136][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.081782][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.085054][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.088463][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.091645][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.094707][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.097759][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.102188][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.105562][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.109140][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.112698][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.116188][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.119658][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.123257][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.126555][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.130762][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.134411][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.137832][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.141487][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.144926][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.148301][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.151575][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.154889][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.158619][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.161828][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.165201][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.168884][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.171993][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.175347][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.179026][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.182555][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.186099][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.190785][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.194248][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   85.212605][   T10] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   85.376622][ T5347] Bluetooth: hci0: command tx timeout
[   85.969649][ T5814] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   86.006483][   T39] kauditd_printk_skb: 11 callbacks suppressed
[   86.006498][   T39] audit: type=1400 audit(1722169612.218:293): avc:  denied  { create } for  pid=5815 comm="syz.3.102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   86.114346][ T5820] FAULT_INJECTION: forcing a failure.
[   86.114346][ T5820] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   86.120538][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz.2.103 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   86.125626][ T5820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.129842][ T5820] Call Trace:
[   86.132081][ T5820]  <TASK>
[   86.133516][ T5820]  dump_stack_lvl+0x16c/0x1f0
[   86.136201][ T5820]  should_fail_ex+0x497/0x5b0
[   86.138476][ T5820]  _copy_from_user+0x30/0xf0
[   86.140590][ T5820]  restore_sigcontext+0xcc/0x6a0
[   86.144689][ T5820]  ? __pfx_restore_sigcontext+0x10/0x10
[   86.147082][ T5820]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.149153][ T5820]  ? lockdep_hardirqs_on+0x7c/0x110
[   86.153812][ T5820]  __do_sys_rt_sigreturn+0x138/0x230
[   86.156085][ T5820]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[   86.158571][ T5820]  do_syscall_64+0xcd/0x250
[   86.161266][ T5820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.164159][ T5820] RIP: 0033:0x7fe3f3112cb9
[   86.166395][ T5820] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   86.176530][ T5820] RSP: 002b:00007fe3f3ea7380 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   86.181477][ T5820] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3112cb9
[   86.186139][ T5820] RDX: 00007fe3f3ea7380 RSI: 00007fe3f3ea74b0 RDI: 0000000000000021
[   86.190643][ T5820] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[   86.195126][ T5820] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   86.199227][ T5820] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[   86.203581][ T5820]  </TASK>
[   86.266826][   T39] audit: type=1400 audit(1722169612.478:294): avc:  denied  { getopt } for  pid=5826 comm="syz.2.105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   86.282906][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.285442][   T39] audit: type=1400 audit(1722169612.498:295): avc:  denied  { ioctl } for  pid=5826 comm="syz.2.105" path="socket:[10363]" dev="sockfs" ino=10363 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   86.287085][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.290425][ T5827] netdevsim netdevsim2: Direct firmware load for e 024a 012b 0000 0001 0000
[   86.290425][ T5827]  failed with error -2
[   86.290527][ T5827] netdevsim netdevsim2: Falling back to sysfs fallback for: e 024a 012b 0000 0001 0000
[   86.290527][ T5827] 
[   86.315871][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.320775][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.323952][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.327465][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.331181][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.335469][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.340023][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.340266][ T5828] fuse: Bad value for 'user_id'
[   86.343280][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.345398][ T5828] fuse: Bad value for 'user_id'
[   86.348222][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348243][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348261][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348279][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348298][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348315][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348332][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348350][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348367][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348385][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348402][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.348420][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.401535][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.410490][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.413615][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.417335][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.421021][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.424531][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.430288][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.433618][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.436437][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.439728][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.442853][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.445947][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.449248][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.452244][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.455632][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.459511][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.463022][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.466199][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.469399][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.473361][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.476612][  T831] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   86.482709][  T831] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   86.693184][ T5834] ALSA: seq fatal error: cannot create timer (-22)
[   86.698531][ T5834] Cannot find add_set index 0 as target
[   86.772730][ T5836] FAULT_INJECTION: forcing a failure.
[   86.772730][ T5836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.781855][ T5836] CPU: 2 UID: 0 PID: 5836 Comm: syz.0.108 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   86.786043][ T5836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.790850][ T5836] Call Trace:
[   86.792357][ T5836]  <TASK>
[   86.794041][ T5836]  dump_stack_lvl+0x16c/0x1f0
[   86.796074][ T5836]  should_fail_ex+0x497/0x5b0
[   86.797925][ T5836]  _copy_from_user+0x30/0xf0
[   86.799724][ T5836]  restore_sigcontext+0xcc/0x6a0
[   86.801884][ T5836]  ? __pfx_restore_sigcontext+0x10/0x10
[   86.804292][ T5836]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.806372][ T5836]  ? lockdep_hardirqs_on+0x7c/0x110
[   86.808447][ T5836]  __do_sys_rt_sigreturn+0x138/0x230
[   86.810597][ T5836]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[   86.812871][ T5836]  do_syscall_64+0xcd/0x250
[   86.814737][ T5836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.817167][ T5836] RIP: 0033:0x7fc775912cb9
[   86.819241][ T5836] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   86.827070][ T5836] RSP: 002b:00007fc77678a380 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   86.830453][ T5836] RAX: ffffffffffffffda RBX: 00007fc775b05f80 RCX: 00007fc775912cb9
[   86.833487][ T5836] RDX: 00007fc77678a380 RSI: 00007fc77678a4b0 RDI: 0000000000000021
[   86.836870][ T5836] RBP: 00007fc77678b0a0 R08: 0000000000000000 R09: 0000000000000000
[   86.839925][ T5836] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   86.843155][ T5836] R13: 000000000000000b R14: 00007fc775b05f80 R15: 00007fff189bc1b8
[   86.846228][ T5836]  </TASK>
[   87.078326][   T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   87.278155][   T10] usb 5-1: Using ep0 maxpacket: 8
[   87.282319][   T10] usb 5-1: config 0 has no interfaces?
[   87.284426][   T10] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   87.288534][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.298355][   T10] usb 5-1: config 0 descriptor??
[   87.437584][ T5853] ALSA: seq fatal error: cannot create timer (-22)
[   87.445216][ T5853] Cannot find add_set index 0 as target
[   87.680539][   T10] usb 5-1: USB disconnect, device number 6
[   88.250496][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.257359][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.261017][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.264207][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.264946][   T39] audit: type=1400 audit(1722169614.478:296): avc:  denied  { rename } for  pid=4807 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   88.267542][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.282212][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.285683][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.290868][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.291706][   T39] audit: type=1400 audit(1722169614.478:297): avc:  denied  { unlink } for  pid=4807 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   88.294362][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.306866][   T39] audit: type=1400 audit(1722169614.478:298): avc:  denied  { create } for  pid=4807 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   88.310971][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.324786][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.327739][   T39] audit: type=1400 audit(1722169614.538:299): avc:  denied  { write } for  pid=5857 comm="syz.2.114" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   88.328316][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.351718][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.355079][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.358724][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.361937][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.365203][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.368634][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.371905][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.375310][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.378941][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.384087][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.397899][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.402320][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.406010][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.412458][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.419638][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.428243][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.430999][ T5863] kvm: emulating exchange as write
[   88.431719][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.448144][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.451695][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.455782][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.464600][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.468178][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.471419][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.474804][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.478691][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.481787][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.485114][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.488940][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.491954][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.495464][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.498680][  T831] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   88.503527][ T5866] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   88.508597][  T831] hid-generic 0000:0000:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   88.790013][ T5879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.119'.
[   88.794337][ T5879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.119'.
[   88.934156][ T5882] ALSA: seq fatal error: cannot create timer (-22)
[   88.946262][ T5882] Cannot find add_set index 0 as target
[   89.108816][   T39] audit: type=1400 audit(1722169615.318:300): avc:  denied  { read } for  pid=5883 comm="syz.3.121" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   89.125523][ T5884] "syz.3.121" (5884) uses obsolete ecb(arc4) skcipher
[   89.128268][   T39] audit: type=1400 audit(1722169615.318:301): avc:  denied  { open } for  pid=5883 comm="syz.3.121" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   89.139208][   T39] audit: type=1400 audit(1722169615.328:302): avc:  denied  { append } for  pid=5886 comm="syz.2.122" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   89.178216][ T5884] program syz.3.121 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   89.366962][ T5891] netlink: 12 bytes leftover after parsing attributes in process `syz.2.122'.
[   90.030440][ T5902] ALSA: seq fatal error: cannot create timer (-22)
[   90.116744][ T5912] fuse: Unknown parameter '0x0000000000000005'
[   90.126178][ T5902] Cannot find add_set index 0 as target
[   90.210617][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[   91.016469][   T39] kauditd_printk_skb: 81 callbacks suppressed
[   91.016484][   T39] audit: type=1400 audit(1722169617.228:384): avc:  denied  { connect } for  pid=5918 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.031555][   T39] audit: type=1400 audit(1722169617.238:385): avc:  denied  { listen } for  pid=5918 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.043598][   T39] audit: type=1400 audit(1722169617.238:386): avc:  denied  { append } for  pid=5922 comm="syz.0.132" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   91.056960][   T39] audit: type=1400 audit(1722169617.258:387): avc:  denied  { setopt } for  pid=5918 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.157365][ T5930] FAULT_INJECTION: forcing a failure.
[   91.157365][ T5930] name failslab, interval 1, probability 0, space 0, times 0
[   91.167735][ T5930] CPU: 2 UID: 0 PID: 5930 Comm: syz.2.134 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   91.171947][ T5930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.176381][ T5930] Call Trace:
[   91.177889][ T5930]  <TASK>
[   91.179106][ T5930]  dump_stack_lvl+0x16c/0x1f0
[   91.181046][ T5930]  should_fail_ex+0x497/0x5b0
[   91.183250][ T5930]  ? fs_reclaim_acquire+0xae/0x160
[   91.185589][ T5930]  should_failslab+0xc2/0x120
[   91.187750][ T5930]  __kmalloc_noprof+0xcb/0x400
[   91.189856][ T5930]  ? __pfx_lock_acquire+0x10/0x10
[   91.192022][ T5930]  tomoyo_realpath_from_path+0xb9/0x720
[   91.194535][ T5930]  ? tomoyo_profile+0x47/0x60
[   91.196863][ T5930]  tomoyo_path_number_perm+0x245/0x590
[   91.199541][ T5930]  ? tomoyo_path_number_perm+0x232/0x590
[   91.202091][ T5930]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   91.204630][ T5930]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   91.206929][ T5930]  ? __fget_files+0x256/0x400
[   91.208981][ T5930]  security_file_ioctl+0x75/0xc0
[   91.211171][ T5930]  __x64_sys_ioctl+0xbb/0x220
[   91.213244][ T5930]  do_syscall_64+0xcd/0x250
[   91.215157][ T5930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.217821][ T5930] RIP: 0033:0x7fe3f3177299
[   91.219720][ T5930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.228984][ T5930] RSP: 002b:00007fe3f3ea8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.232663][ T5930] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3177299
[   91.236103][ T5930] RDX: 0000000020000040 RSI: 00000000c1485544 RDI: 0000000000000003
[   91.240413][ T5930] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[   91.244031][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.248059][ T5930] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[   91.252244][ T5930]  </TASK>
[   91.265574][ T5930] ERROR: Out of memory at tomoyo_realpath_from_path.
[   91.386496][ T5938] fuse: Unknown parameter '0x0000000000000005'
[   91.420320][ T5939] ALSA: seq fatal error: cannot create timer (-22)
[   91.426627][ T5939] Cannot find add_set index 0 as target
[   91.431929][ T5940] ALSA: seq fatal error: cannot create timer (-22)
[   91.508370][ T5940] Cannot find add_set index 0 as target
[   91.607078][ T5944] ALSA: seq fatal error: cannot create timer (-22)
[   91.631914][ T5944] Cannot find add_set index 0 as target
[   91.753810][ T5943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.132'.
[   92.429417][   T39] audit: type=1400 audit(1722169618.648:388): avc:  denied  { mount } for  pid=5948 comm="syz.2.142" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   92.445852][ T5949] overlayfs: missing 'lowerdir'
[   92.510901][   T39] audit: type=1400 audit(1722169618.728:389): avc:  denied  { read append } for  pid=5951 comm="syz.1.144" name="rtc0" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   92.528939][   T39] audit: type=1400 audit(1722169618.728:390): avc:  denied  { open } for  pid=5951 comm="syz.1.144" path="/dev/rtc0" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   92.543383][   T39] audit: type=1400 audit(1722169618.728:391): avc:  denied  { ioctl } for  pid=5951 comm="syz.1.144" path="/dev/rtc0" dev="devtmpfs" ino=867 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   92.603472][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[   92.606324][   T39] audit: type=1400 audit(1722169618.818:392): avc:  denied  { execute } for  pid=5958 comm="syz.0.145" path="/40/cpu.stat" dev="tmpfs" ino=233 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   92.616103][   T39] audit: type=1400 audit(1722169618.828:393): avc:  denied  { module_request } for  pid=5958 comm="syz.0.145" kmod="net-pf-16-proto-16-family-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   92.815231][ T5968] fuse: Unknown parameter '0x0000000000000005'
[   93.035725][ T5972] ALSA: seq fatal error: cannot create timer (-22)
[   93.051966][ T5972] Cannot find add_set index 0 as target
[   93.612432][ T5979] ALSA: seq fatal error: cannot create timer (-22)
[   93.650823][ T5979] Cannot find add_set index 0 as target
[   93.749304][ T5983] ALSA: seq fatal error: cannot create timer (-22)
[   93.756115][ T5983] Cannot find add_set index 0 as target
[   93.905232][ T5974] netlink: 12 bytes leftover after parsing attributes in process `syz.3.149'.
[   94.242639][ T5988] input: syz0 as /devices/virtual/input/input12
[   94.428634][ T5992] input: syz0 as /devices/virtual/input/input13
[   94.455641][ T5988] dccp_invalid_packet: invalid packet type
[   94.602259][ T5992] dccp_invalid_packet: invalid packet type
[   94.821181][ T6001] fuse: Unknown parameter 'fd0x0000000000000005'
[   94.964332][ T5347] Bluetooth: hci0: Malformed LE Event: 0x02
[   96.062484][ T6016] ALSA: seq fatal error: cannot create timer (-22)
[   96.085110][ T6016] Cannot find add_set index 0 as target
[   96.115860][   T39] kauditd_printk_skb: 9 callbacks suppressed
[   96.115877][   T39] audit: type=1400 audit(1722169622.328:403): avc:  denied  { create } for  pid=6014 comm="syz.3.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   96.963295][ T6025] FAULT_INJECTION: forcing a failure.
[   96.963295][ T6025] name failslab, interval 1, probability 0, space 0, times 0
[   96.969697][ T6025] CPU: 2 UID: 0 PID: 6025 Comm: syz.2.162 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[   96.974237][ T6025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.980950][ T6025] Call Trace:
[   96.982598][ T6025]  <TASK>
[   96.983869][ T6025]  dump_stack_lvl+0x16c/0x1f0
[   96.985991][ T6025]  should_fail_ex+0x497/0x5b0
[   97.001370][ T6025]  ? fs_reclaim_acquire+0xae/0x160
[   97.004649][ T6025]  should_failslab+0xc2/0x120
[   97.006760][ T6025]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   97.009129][ T6025]  ? security_file_alloc+0x41/0x260
[   97.011346][ T6025]  security_file_alloc+0x41/0x260
[   97.013518][ T6025]  ? kmem_cache_alloc_noprof+0x174/0x2f0
[   97.015901][ T6025]  init_file+0x99/0x260
[   97.021650][ T6025]  alloc_empty_file+0x91/0x1e0
[   97.023823][ T6025]  alloc_file_pseudo+0x147/0x210
[   97.026041][ T6025]  ? __pfx_alloc_file_pseudo+0x10/0x10
[   97.028520][ T6025]  ? security_inode_alloc+0x19e/0x240
[   97.031157][ T6025]  ? inode_init_always+0xc77/0xf80
[   97.033786][ T6025]  sock_alloc_file+0x50/0x1d0
[   97.035811][ T6025]  do_accept+0x2a8/0x540
[   97.037696][ T6025]  ? __pfx_do_accept+0x10/0x10
[   97.039819][ T6025]  __sys_accept4+0x102/0x1c0
[   97.041650][ T6025]  ? __pfx___sys_accept4+0x10/0x10
[   97.043556][ T6025]  ? ksys_write+0x1ab/0x260
[   97.045278][ T6025]  ? __pfx_ksys_write+0x10/0x10
[   97.047168][ T6025]  __x64_sys_accept+0x74/0xb0
[   97.048978][ T6025]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.051091][ T6025]  do_syscall_64+0xcd/0x250
[   97.052897][ T6025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.055476][ T6025] RIP: 0033:0x7fe3f3177299
[   97.057501][ T6025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.065247][ T6025] RSP: 002b:00007fe3f3ea8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[   97.069216][ T6025] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3177299
[   97.074340][ T6025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   97.079046][ T6025] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[   97.084108][ T6025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.088647][ T6025] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[   97.092779][ T6025]  </TASK>
[   97.338279][ T6031] ALSA: seq fatal error: cannot create timer (-22)
[   97.353125][ T6031] Cannot find add_set index 0 as target
[   97.703411][ T6034] ALSA: seq fatal error: cannot create timer (-22)
[   97.715050][ T6034] Cannot find add_set index 0 as target
[   97.904087][ T6040] fuse: Unknown parameter 'fd0x0000000000000005'
[   98.326292][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[   99.154624][ T6056] Cannot find add_set index 0 as target
[   99.248263][   T39] audit: type=1400 audit(1722169625.458:404): avc:  denied  { read } for  pid=6059 comm="syz.3.172" name="card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   99.299044][   T39] audit: type=1400 audit(1722169625.458:405): avc:  denied  { open } for  pid=6059 comm="syz.3.172" path="/dev/dri/card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   99.311781][   T39] audit: type=1400 audit(1722169625.458:406): avc:  denied  { ioctl } for  pid=6059 comm="syz.3.172" path="/dev/dri/card1" dev="devtmpfs" ino=638 ioctlcmd=0x640d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   99.336441][ T6064] input: syz0 as /devices/virtual/input/input16
[   99.349109][   T39] audit: type=1400 audit(1722169625.568:407): avc:  denied  { create } for  pid=6059 comm="syz.3.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   99.492818][ T6064] dccp_invalid_packet: invalid packet type
[   99.812281][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.1.167'.
[  100.192219][ T6074] fuse: Unknown parameter 'fd0x0000000000000005'
[  100.381998][ T6081] input: syz0 as /devices/virtual/input/input19
[  100.570940][ T6081] dccp_invalid_packet: invalid packet type
[  101.064374][ T5347] Bluetooth: hci1: Malformed LE Event: 0x02
[  102.155543][ T6097] ALSA: seq fatal error: cannot create timer (-22)
[  102.170618][ T6097] Cannot find add_set index 0 as target
[  102.990733][ T6103] Cannot find add_set index 0 as target
[  102.999467][ T6102] input: syz0 as /devices/virtual/input/input21
[  103.224056][ T6102] dccp_invalid_packet: invalid packet type
[  103.280222][ T6106] Cannot find add_set index 0 as target
[  103.573547][   T39] audit: type=1400 audit(1722169629.788:408): avc:  denied  { name_bind } for  pid=6110 comm="syz.0.185" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  103.625021][   T39] audit: type=1400 audit(1722169629.788:409): avc:  denied  { setopt } for  pid=6110 comm="syz.0.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  103.874809][   T39] audit: type=1400 audit(1722169630.088:410): avc:  denied  { mount } for  pid=6113 comm="syz.2.186" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  103.951346][   T39] audit: type=1400 audit(1722169630.168:411): avc:  denied  { unmount } for  pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  104.199024][ T5347] Bluetooth: hci0: Malformed LE Event: 0x02
[  104.332776][ T6122] input: syz0 as /devices/virtual/input/input23
[  104.427954][ T6122] dccp_invalid_packet: invalid packet type
[  105.545074][   T39] audit: type=1400 audit(1722169631.748:412): avc:  denied  { bind } for  pid=6128 comm="syz.2.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  105.791279][ T6137] netlink: 'syz.0.191': attribute type 8 has an invalid length.
[  105.795068][ T6137] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  105.902444][ T6137] ieee802154 phy0 wpan0: encryption failed: -22
[  105.906499][   T39] audit: type=1400 audit(1722169632.118:413): avc:  denied  { write } for  pid=6134 comm="syz.0.191" path="socket:[11531]" dev="sockfs" ino=11531 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  106.215355][ T6140] input: syz0 as /devices/virtual/input/input25
[  106.392388][ T6140] dccp_invalid_packet: invalid packet type
[  106.450863][ T6149] Cannot find add_set index 0 as target
[  106.835504][ T6153] Cannot find add_set index 0 as target
[  107.152798][   T39] audit: type=1400 audit(1722169633.358:414): avc:  denied  { write } for  pid=6154 comm="syz.3.197" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  107.172280][ T5347] Bluetooth: hci2: unexpected subevent 0x1a length: 10 > 6
[  107.680408][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[  108.618217][   T39] audit: type=1400 audit(1722169634.818:415): avc:  denied  { name_bind } for  pid=6172 comm="syz.0.200" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  108.638876][   T39] audit: type=1400 audit(1722169634.818:416): avc:  denied  { node_bind } for  pid=6172 comm="syz.0.200" saddr=224.0.0.1 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  108.765786][ T6178] input: syz0 as /devices/virtual/input/input27
[  108.986871][ T6178] dccp_invalid_packet: invalid packet type
[  109.221925][ T5347] Bluetooth: hci2: command tx timeout
[  109.357824][ T6191] input: syz0 as /devices/virtual/input/input29
[  109.447375][ T6191] dccp_invalid_packet: invalid packet type
[  109.673343][ T6197] Cannot find add_set index 0 as target
[  111.046121][ T6208] netlink: 'syz.2.210': attribute type 10 has an invalid length.
[  111.748436][ T6208] team0: Port device wlan1 added
[  111.851191][ T6209] Cannot find add_set index 0 as target
[  111.997436][    C3] vkms_vblank_simulate: vblank timer overrun
[  112.049167][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[  112.452449][ T6224] input: syz0 as /devices/virtual/input/input31
[  112.515822][ T6224] dccp_invalid_packet: invalid packet type
[  112.569163][ T5379] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  112.638571][ T6231] sch_tbf: burst 2 is lower than device netdevsim0 mtu (1514) !
[  112.693329][ T6230] Cannot find add_set index 0 as target
[  112.821084][ T5379] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.832191][ T5379] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.837687][ T5379] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  112.842683][ T5379] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.862737][ T5379] usb 7-1: config 0 descriptor??
[  113.327136][ T5379] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[  113.353908][ T5379] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0D8C:0022.0007/input/input33
[  113.400352][ T5379] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  113.521253][   T39] audit: type=1400 audit(1722169639.738:417): avc:  denied  { name_bind } for  pid=6214 comm="syz.2.212" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  113.540647][ T6215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.554375][ T6215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.638301][   T39] audit: type=1400 audit(1722169639.838:418): avc:  denied  { accept } for  pid=6244 comm="syz.0.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.823327][   T10] usb 7-1: USB disconnect, device number 2
[  113.975213][   T39] audit: type=1400 audit(1722169640.188:419): avc:  denied  { read } for  pid=6244 comm="syz.0.221" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  113.986536][   T39] audit: type=1400 audit(1722169640.188:420): avc:  denied  { open } for  pid=6244 comm="syz.0.221" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  114.336628][ T6257] input: syz0 as /devices/virtual/input/input34
[  114.444152][ T6257] dccp_invalid_packet: invalid packet type
[  114.651916][   T39] audit: type=1400 audit(1722169640.868:421): avc:  denied  { ioctl } for  pid=6263 comm="syz.1.226" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13572 ioctlcmd=0x9420 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  114.672153][ T6264] netlink: 'syz.1.226': attribute type 2 has an invalid length.
[  114.676157][ T6264] netlink: 'syz.1.226': attribute type 1 has an invalid length.
[  114.681921][ T6264] netlink: 60 bytes leftover after parsing attributes in process `syz.1.226'.
[  114.696891][ T6264] netlink: 9412 bytes leftover after parsing attributes in process `syz.1.226'.
[  114.705505][ T6264] netlink: 248 bytes leftover after parsing attributes in process `syz.1.226'.
[  114.937984][   T39] audit: type=1400 audit(1722169641.148:422): avc:  denied  { write } for  pid=6267 comm="syz.1.227" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  115.102195][ T6276] Cannot find add_set index 0 as target
[  115.208312][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  115.418452][   T10] usb 6-1: Using ep0 maxpacket: 16
[  115.431654][   T10] usb 6-1: config 1 has an invalid interface number: 2 but max is 0
[  115.435748][   T10] usb 6-1: config 1 has no interface number 0
[  115.440999][   T10] usb 6-1: config 1 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.446546][   T10] usb 6-1: config 1 interface 2 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 128
[  115.455627][   T10] usb 6-1: config 1 interface 2 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  115.495560][   T10] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  115.508009][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  115.526205][   T10] usb 6-1: SerialNumber: syz
[  115.543314][ T6268] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  115.971988][ T6286] ip6gretap0 speed is unknown, defaulting to 1000
[  116.761364][   T39] audit: type=1400 audit(1722169642.978:423): avc:  denied  { create } for  pid=6292 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  116.784204][   T39] audit: type=1400 audit(1722169642.978:424): avc:  denied  { write } for  pid=6292 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  116.821548][   T39] audit: type=1400 audit(1722169643.038:425): avc:  denied  { accept } for  pid=6292 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  117.019983][   T39] audit: type=1400 audit(1722169643.238:426): avc:  denied  { write } for  pid=6297 comm="syz.2.235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  117.110616][   T39] audit: type=1400 audit(1722169643.328:427): avc:  denied  { bind } for  pid=6297 comm="syz.2.235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  117.120027][ T6299] Bluetooth: MGMT ver 1.23
[  117.219638][ T5397] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  117.259412][    C0] hrtimer: interrupt took 2964820 ns
[  117.449058][ T5397] usb 8-1: Using ep0 maxpacket: 8
[  117.471329][ T5397] usb 8-1: config 0 has no interfaces?
[  117.495028][ T5397] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  117.499846][ T5397] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.503866][ T5397] usb 8-1: Product: syz
[  117.506484][ T5397] usb 8-1: Manufacturer: syz
[  117.509170][ T5397] usb 8-1: SerialNumber: syz
[  117.516533][ T5397] usb 8-1: config 0 descriptor??
[  117.648204][  T989] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  117.824703][ T6302] netlink: 4 bytes leftover after parsing attributes in process `syz.3.234'.
[  117.850730][  T989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.856069][  T989] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  117.864326][  T989] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  117.870723][  T989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.881452][  T989] usb 5-1: config 0 descriptor??
[  118.158614][   T10] cdc_acm 6-1:1.2: ttyACM0: USB ACM device
[  118.220032][ T6309] netlink: 28 bytes leftover after parsing attributes in process `syz.0.236'.
[  118.256026][   T10] usb 6-1: USB disconnect, device number 7
[  118.430335][ T5379] usb 8-1: USB disconnect, device number 2
[  119.277968][ T6326] netlink: 'syz.3.242': attribute type 10 has an invalid length.
[  119.308948][ T6326] team0: Port device wlan1 added
[  120.059838][ T6333] input: syz0 as /devices/virtual/input/input36
[  120.101733][  T989] usbhid 5-1:0.0: can't add hid device: -71
[  120.104721][  T989] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  120.119537][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  120.119558][   T39] audit: type=1400 audit(1722169646.338:431): avc:  denied  { mounton } for  pid=6334 comm="syz.2.245" path="/proc/191/task" dev="proc" ino=14398 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  120.123698][  T989] usb 5-1: USB disconnect, device number 7
[  120.138007][   T39] audit: type=1400 audit(1722169646.338:432): avc:  denied  { mount } for  pid=6334 comm="syz.2.245" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  120.170750][ T6333] dccp_invalid_packet: invalid packet type
[  120.822384][  T989] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  121.020572][  T989] usb 6-1: config 0 has no interfaces?
[  121.023452][  T989] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.027564][  T989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.034801][  T989] usb 6-1: config 0 descriptor??
[  121.316122][ T5379] usb 6-1: USB disconnect, device number 8
[  121.388184][  T833] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  121.584729][  T833] usb 7-1: config 0 has no interfaces?
[  121.587250][  T833] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.591177][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.596868][  T833] usb 7-1: config 0 descriptor??
[  121.877770][ T6361] netlink: 12 bytes leftover after parsing attributes in process `syz.1.252'.
[  121.882060][ T6361] netlink: 24 bytes leftover after parsing attributes in process `syz.1.252'.
[  121.941005][   T10] usb 7-1: USB disconnect, device number 3
[  122.797727][    C2] vkms_vblank_simulate: vblank timer overrun
[  122.943385][    C2] vkms_vblank_simulate: vblank timer overrun
[  123.014808][ T6385] input: syz0 as /devices/virtual/input/input38
[  123.039375][   T39] audit: type=1400 audit(1722169649.258:433): avc:  denied  { read } for  pid=6388 comm="syz.1.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  123.156897][ T6385] dccp_invalid_packet: invalid packet type
[  123.158934][ T6394] input: syz1 as /devices/virtual/input/input39
[  123.208231][  T833] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  123.265834][ T6397] use of bytesused == 0 is deprecated and will be removed in the future,
[  123.271000][ T6397] use the actual size instead.
[  123.413490][  T833] usb 7-1: config 0 has no interfaces?
[  123.415913][  T833] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  123.428181][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.438482][  T833] usb 7-1: config 0 descriptor??
[  123.710732][   T35] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  123.751398][  T833] usb 7-1: USB disconnect, device number 4
[  123.941228][   T35] usb 6-1: config 0 has no interfaces?
[  123.943900][   T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  123.947697][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.954957][   T35] usb 6-1: config 0 descriptor??
[  124.189284][    C2] vkms_vblank_simulate: vblank timer overrun
[  124.284596][  T833] usb 6-1: USB disconnect, device number 9
[  125.427860][   T39] audit: type=1400 audit(1722169651.638:434): avc:  denied  { setopt } for  pid=6426 comm="syz.2.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  125.746496][   T39] audit: type=1400 audit(1722169651.958:435): avc:  denied  { sqpoll } for  pid=6433 comm="syz.2.273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  126.201708][   T39] audit: type=1400 audit(1722169652.418:436): avc:  denied  { create } for  pid=6446 comm="syz.1.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  126.350568][  T833] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  126.508190][ T5396] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  126.558904][  T833] usb 7-1: config 0 has no interfaces?
[  126.561862][  T833] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.567240][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.585002][  T833] usb 7-1: config 0 descriptor??
[  126.622196][   T39] audit: type=1400 audit(1722169652.838:437): avc:  denied  { write } for  pid=6452 comm="syz.3.279" name="001" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  126.711064][ T5396] usb 5-1: config 0 has no interfaces?
[  126.713372][ T5396] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.717005][ T5396] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.827166][ T5396] usb 5-1: config 0 descriptor??
[  126.881337][   T35] usb 7-1: USB disconnect, device number 5
[  127.217474][ T5379] usb 5-1: USB disconnect, device number 8
[  127.731752][   T39] audit: type=1400 audit(1722169653.938:438): avc:  denied  { connect } for  pid=6477 comm="syz.1.283" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  127.807023][   T39] audit: type=1400 audit(1722169654.018:439): avc:  denied  { mounton } for  pid=6477 comm="syz.1.283" path="/55/file1" dev="tmpfs" ino=311 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  127.817227][   T39] audit: type=1400 audit(1722169654.028:440): avc:  denied  { setopt } for  pid=6477 comm="syz.1.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  129.214031][ T6498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'.
[  129.321159][    T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  129.560127][    T8] usb 5-1: config 0 has no interfaces?
[  129.563181][    T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.567755][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.574924][    T8] usb 5-1: config 0 descriptor??
[  129.868307][  T830] usb 5-1: USB disconnect, device number 9
[  130.275192][   T39] audit: type=1400 audit(1722169656.488:441): avc:  denied  { setopt } for  pid=6518 comm="syz.2.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  130.285372][   T39] audit: type=1400 audit(1722169656.498:442): avc:  denied  { create } for  pid=6518 comm="syz.2.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  130.295002][   T39] audit: type=1400 audit(1722169656.508:443): avc:  denied  { setopt } for  pid=6518 comm="syz.2.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  130.450984][   T39] kauditd_printk_skb: 11 callbacks suppressed
[  130.450999][   T39] audit: type=1400 audit(1722169656.668:455): avc:  denied  { write } for  pid=6520 comm="syz.3.295" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  130.469458][   T39] audit: type=1400 audit(1722169656.668:456): avc:  denied  { ioctl } for  pid=6520 comm="syz.3.295" path="/dev/nullb0" dev="devtmpfs" ino=693 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  130.508793][   T39] audit: type=1400 audit(1722169656.728:457): avc:  denied  { setopt } for  pid=6520 comm="syz.3.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  130.746672][   T39] audit: type=1400 audit(1722169656.958:458): avc:  denied  { shutdown } for  pid=6520 comm="syz.3.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  130.923809][ T6539] vlan0: entered promiscuous mode
[  130.926214][ T6539] vlan0: entered allmulticast mode
[  130.939176][ T6539] veth0_vlan: entered allmulticast mode
[  130.948679][ T6539] team0: Port device vlan0 added
[  130.955673][   T39] audit: type=1400 audit(1722169657.168:459): avc:  denied  { ioctl } for  pid=6538 comm="syz.1.301" path="socket:[15403]" dev="sockfs" ino=15403 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  130.966885][   T39] audit: type=1400 audit(1722169657.178:460): avc:  denied  { mounton } for  pid=6538 comm="syz.1.301" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  131.021049][   T39] audit: type=1400 audit(1722169657.238:461): avc:  denied  { create } for  pid=6541 comm="syz.1.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  131.101221][   T39] audit: type=1400 audit(1722169657.308:462): avc:  denied  { unmount } for  pid=5540 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  131.690239][ T6561] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  131.708249][   T39] audit: type=1400 audit(1722169657.928:463): avc:  denied  { bind } for  pid=6558 comm="syz.3.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  131.718873][   T39] audit: type=1400 audit(1722169657.938:464): avc:  denied  { name_bind } for  pid=6558 comm="syz.3.308" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  131.858418][ T5379] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  132.032999][ T6569] Cannot find add_set index 0 as target
[  132.051689][ T5379] usb 7-1: config 0 has no interfaces?
[  132.053875][ T5379] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.057390][ T5379] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.063505][ T5379] usb 7-1: config 0 descriptor??
[  132.435263][    T8] usb 7-1: USB disconnect, device number 6
[  134.289190][ T6598] Cannot find add_set index 0 as target
[  134.424901][ T6600] netlink: 12 bytes leftover after parsing attributes in process `syz.0.318'.
[  135.118265][ T1298] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  135.316722][ T1298] usb 7-1: config 0 has no interfaces?
[  135.319344][ T1298] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  135.323508][ T1298] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.334217][ T1298] usb 7-1: config 0 descriptor??
[  135.614683][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[  135.640718][  T989] usb 7-1: USB disconnect, device number 7
[  136.251951][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  136.251961][   T39] audit: type=1400 audit(1722169662.468:468): avc:  denied  { connect } for  pid=6627 comm="syz.2.327" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  136.268170][   T39] audit: type=1400 audit(1722169662.478:469): avc:  denied  { name_connect } for  pid=6627 comm="syz.2.327" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  136.521745][ T6643] Cannot find add_set index 0 as target
[  136.623073][ T6644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.331'.
[  136.628511][   T39] audit: type=1400 audit(1722169662.838:470): avc:  denied  { shutdown } for  pid=6636 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  136.668369][   T39] audit: type=1400 audit(1722169662.838:471): avc:  denied  { name_connect } for  pid=6636 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  136.693652][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[  137.339645][    C3] vkms_vblank_simulate: vblank timer overrun
[  137.358253][ T1298] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  137.396721][    C3] vkms_vblank_simulate: vblank timer overrun
[  137.586515][ T1298] usb 7-1: config 0 has no interfaces?
[  137.589142][ T1298] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  137.596909][ T1298] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.614548][ T1298] usb 7-1: config 0 descriptor??
[  137.816359][ T6655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.335'.
[  137.952157][  T989] usb 7-1: USB disconnect, device number 8
[  138.017771][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[  138.540762][ T6695] Cannot find add_set index 0 as target
[  138.572539][ T1384] ieee802154 phy0 wpan0: encryption failed: -22
[  138.575437][ T1384] ieee802154 phy1 wpan1: encryption failed: -22
[  139.060010][ T6711] netlink: 24 bytes leftover after parsing attributes in process `syz.2.352'.
[  139.075585][ T6711] netlink: 20 bytes leftover after parsing attributes in process `syz.2.352'.
[  139.083436][ T6711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.352'.
[  139.089828][ T6711] fuse: Unknown parameter '
­ð0xffffffffffffffff'
[  139.101533][   T39] audit: type=1400 audit(1722169665.308:472): avc:  denied  { create } for  pid=6712 comm="syz.3.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  139.111718][   T39] audit: type=1400 audit(1722169665.308:473): avc:  denied  { bind } for  pid=6712 comm="syz.3.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  139.120717][   T39] audit: type=1400 audit(1722169665.308:474): avc:  denied  { name_bind } for  pid=6712 comm="syz.3.353" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  139.146463][   T39] audit: type=1400 audit(1722169665.308:475): avc:  denied  { node_bind } for  pid=6712 comm="syz.3.353" saddr=::ffff:172.20.20.187 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  139.194378][ T6715] CIFS: VFS: Malformed UNC in devname
[  139.196216][ T6711] =======================================================
[  139.196216][ T6711] WARNING: The mand mount option has been deprecated and
[  139.196216][ T6711]          and is ignored by this kernel. Remove the mand
[  139.196216][ T6711]          option from the mount to silence this warning.
[  139.196216][ T6711] =======================================================
[  139.211872][   T39] audit: type=1326 audit(1722169665.428:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6714 comm="syz.3.354" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x0
[  139.244126][   T39] audit: type=1400 audit(1722169665.458:477): avc:  denied  { remount } for  pid=6710 comm="syz.2.352" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  139.317928][ T6722] loop0: detected capacity change from 0 to 7
[  139.333204][ T6722] Dev loop0: unable to read RDB block 7
[  139.335764][ T6722]  loop0: AHDI p4
[  139.337382][ T6722] loop0: partition table partially beyond EOD, truncated
[  139.422089][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[  139.429916][ T6724] Cannot find add_set index 0 as target
[  139.935202][ T6728] FAULT_INJECTION: forcing a failure.
[  139.935202][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[  139.941933][ T6728] CPU: 3 UID: 0 PID: 6728 Comm: syz.2.358 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  139.946847][ T6728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.952317][ T6728] Call Trace:
[  139.954127][ T6728]  <TASK>
[  139.955473][ T6728]  dump_stack_lvl+0x16c/0x1f0
[  139.957585][ T6728]  should_fail_ex+0x497/0x5b0
[  139.959981][ T6728]  ? fs_reclaim_acquire+0xae/0x160
[  139.962259][ T6728]  should_failslab+0xc2/0x120
[  139.964370][ T6728]  kmem_cache_alloc_node_noprof+0x71/0x310
[  139.966995][ T6728]  ? __alloc_skb+0x2b1/0x380
[  139.969123][ T6728]  __alloc_skb+0x2b1/0x380
[  139.971465][ T6728]  ? __pfx___alloc_skb+0x10/0x10
[  139.973681][ T6728]  ? hlock_class+0x4e/0x130
[  139.975714][ T6728]  ? __lock_acquire+0x1620/0x3cb0
[  139.977958][ T6728]  __ip6_append_data.isra.0+0x2976/0x4450
[  139.981773][ T6728]  ? __pfx_raw6_getfrag+0x10/0x10
[  139.984089][ T6728]  ? __pfx___ip6_append_data.isra.0+0x10/0x10
[  139.987314][ T6728]  ? ip6_mtu+0x231/0x4a0
[  139.989244][ T6728]  ? ip6_setup_cork+0xbdc/0x1370
[  139.991477][ T6728]  ip6_append_data+0x1e6/0x500
[  139.993686][ T6728]  ? __pfx_raw6_getfrag+0x10/0x10
[  139.995931][ T6728]  rawv6_sendmsg+0x1565/0x43f0
[  139.998180][ T6728]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  140.000553][ T6728]  ? avc_has_perm_noaudit+0x143/0x3a0
[  140.000641][ T6729] Cannot find add_set index 0 as target
[  140.003157][ T6728]  ? avc_has_perm+0x11b/0x1c0
[  140.007678][ T6728]  ? __pfx_avc_has_perm+0x10/0x10
[  140.009944][ T6728]  ? __pfx___lock_acquire+0x10/0x10
[  140.012244][ T6728]  ? hlock_class+0x4e/0x130
[  140.014228][ T6728]  ? mark_lock+0xb5/0xc60
[  140.016099][ T6728]  ? sock_has_perm+0x25a/0x2f0
[  140.018330][ T6728]  ? __pfx_sock_has_perm+0x10/0x10
[  140.020570][ T6728]  ? __import_iovec+0x1fd/0x6e0
[  140.022693][ T6728]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  140.024906][ T6728]  ? inet_sendmsg+0x119/0x140
[  140.027041][ T6728]  inet_sendmsg+0x119/0x140
[  140.029023][ T6728]  ____sys_sendmsg+0x992/0xc90
[  140.031180][ T6728]  ? copy_msghdr_from_user+0x10b/0x160
[  140.033439][ T6728]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.035775][ T6728]  ? __lock_acquire+0x1620/0x3cb0
[  140.037937][ T6728]  ___sys_sendmsg+0x135/0x1e0
[  140.039813][ T6728]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.041850][ T6728]  ? __pfx___might_resched+0x10/0x10
[  140.044166][ T6728]  ? __might_fault+0xe3/0x190
[  140.046253][ T6728]  __sys_sendmmsg+0x1a1/0x450
[  140.048400][ T6728]  ? __pfx___sys_sendmmsg+0x10/0x10
[  140.050591][ T6728]  ? vfs_write+0x14d/0x1140
[  140.052402][ T6728]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  140.055085][ T6728]  ? fput+0x32/0x390
[  140.056838][ T6728]  ? ksys_write+0x1ab/0x260
[  140.058940][ T6728]  ? __pfx_ksys_write+0x10/0x10
[  140.061077][ T6728]  __x64_sys_sendmmsg+0x9c/0x100
[  140.063308][ T6728]  ? lockdep_hardirqs_on+0x7c/0x110
[  140.065626][ T6728]  do_syscall_64+0xcd/0x250
[  140.067688][ T6728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.070393][ T6728] RIP: 0033:0x7fe3f3177299
[  140.072322][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.080963][ T6728] RSP: 002b:00007fe3f3ea8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  140.085668][ T6728] RAX: ffffffffffffffda RBX: 00007fe3f3305f80 RCX: 00007fe3f3177299
[  140.089464][ T6728] RDX: 00000000000002e9 RSI: 0000000020000480 RDI: 0000000000000003
[  140.093004][ T6728] RBP: 00007fe3f3ea80a0 R08: 0000000000000000 R09: 0000000000000000
[  140.096701][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.100187][ T6728] R13: 000000000000000b R14: 00007fe3f3305f80 R15: 00007ffcfb044428
[  140.104320][ T6728]  </TASK>
[  141.110028][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[  141.467613][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  141.467623][   T39] audit: type=1400 audit(1722169667.678:486): avc:  denied  { create } for  pid=6757 comm="syz.0.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  141.478204][   T39] audit: type=1400 audit(1722169667.688:487): avc:  denied  { write } for  pid=6757 comm="syz.0.367" name="kcm" dev="proc" ino=4026533179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  141.486717][   T39] audit: type=1400 audit(1722169667.698:488): avc:  denied  { setopt } for  pid=6757 comm="syz.0.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  141.709047][ T6775] netlink: 12 bytes leftover after parsing attributes in process `syz.2.371'.
[  141.907007][ T6783] Cannot find add_set index 0 as target
[  142.036421][ T5347] Bluetooth: hci3: Malformed LE Event: 0x02
[  142.502504][   T39] audit: type=1400 audit(1722169668.698:489): avc:  denied  { write } for  pid=6800 comm="syz.3.380" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  142.511967][   T39] audit: type=1400 audit(1722169668.698:490): avc:  denied  { ioctl } for  pid=6800 comm="syz.3.380" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  142.548542][   T39] audit: type=1400 audit(1722169668.698:491): avc:  denied  { setopt } for  pid=6800 comm="syz.3.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.562499][   T39] audit: type=1400 audit(1722169668.778:492): avc:  denied  { write } for  pid=6803 comm="syz.0.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.562846][ T6804] netlink: 104 bytes leftover after parsing attributes in process `syz.0.381'.
[  142.572365][   T39] audit: type=1400 audit(1722169668.778:493): avc:  denied  { nlmsg_write } for  pid=6803 comm="syz.0.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.576252][ T6806] netlink: 'syz.0.381': attribute type 29 has an invalid length.
[  142.587490][   T39] audit: type=1400 audit(1722169668.778:494): avc:  denied  { getopt } for  pid=6800 comm="syz.3.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  142.591494][ T6804] netlink: 'syz.0.381': attribute type 29 has an invalid length.
[  142.601633][ T6806] netlink: 'syz.0.381': attribute type 29 has an invalid length.
[  142.605319][ T6804] netlink: 'syz.0.381': attribute type 29 has an invalid length.
[  142.610001][ T6806] netlink: 'syz.0.381': attribute type 29 has an invalid length.
[  142.639686][ T5347] Bluetooth: hci3: unexpected subevent 0x01 length: 23 > 18
[  142.936083][ T6815] overlayfs: missing 'lowerdir'
[  143.186897][ T6828] Cannot find add_set index 0 as target
[  143.266142][ T6826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.388'.
[  143.283481][ T6826] batman_adv: batadv2: Adding interface: netdevsim0
[  143.286081][ T6826] batman_adv: batadv2: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.298334][ T6826] batman_adv: batadv2: Interface activated: netdevsim0
[  143.550541][ T4763] Bluetooth: hci0: Malformed LE Event: 0x02
[  143.701829][ T6837] NILFS (nullb0): couldn't find nilfs on the device
[  144.187056][   T39] audit: type=1400 audit(1722169670.398:495): avc:  denied  { ioctl } for  pid=6846 comm="syz.2.395" path="/dev/binderfs/binder-control" dev="binder" ino=2 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  144.263585][ T6848] loop0: detected capacity change from 0 to 7
[  144.271389][ T6848] Dev loop0: unable to read RDB block 7
[  144.273918][ T6848]  loop0: AHDI p4
[  144.275636][ T6848] loop0: partition table partially beyond EOD, truncated
[  144.628192][ T6860] ALSA: seq fatal error: cannot create timer (-22)
[  144.634425][ T6860] Cannot find add_set index 0 as target
[  145.281315][    C3] vkms_vblank_simulate: vblank timer overrun
[  145.484860][ T4763] Bluetooth: hci0: Malformed LE Event: 0x02
[  146.041596][ T6888] cgroup: Bad value for 'name'
[  146.098429][ T6888] Process accounting resumed
[  146.155435][ T6891] program syz.2.409 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  146.299728][ T6892] xt_policy: too many policy elements
[  146.306214][ T6892] usb usb8: usbfs: process 6892 (syz.2.409) did not claim interface 0 before use
[  146.346115][ T6894] netlink: 36 bytes leftover after parsing attributes in process `syz.3.410'.
[  146.544152][ T6899] FAULT_INJECTION: forcing a failure.
[  146.544152][ T6899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.549767][ T6899] CPU: 1 UID: 0 PID: 6899 Comm: syz.0.412 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  146.553816][ T6899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.558444][ T6899] Call Trace:
[  146.559756][ T6899]  <TASK>
[  146.560906][ T6899]  dump_stack_lvl+0x16c/0x1f0
[  146.563316][ T6899]  should_fail_ex+0x497/0x5b0
[  146.566005][ T6899]  _copy_from_user+0x30/0xf0
[  146.568672][ T6899]  copy_msghdr_from_user+0x99/0x160
[  146.571319][ T6899]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  146.573917][ T6899]  ? find_held_lock+0x2d/0x110
[  146.576018][ T6899]  ? __pfx___lock_acquire+0x10/0x10
[  146.578285][ T6899]  ___sys_sendmsg+0xff/0x1e0
[  146.580279][ T6899]  ? __pfx____sys_sendmsg+0x10/0x10
[  146.582971][ T6899]  ? ksys_write+0x21c/0x260
[  146.585312][ T6899]  ? __fget_light+0x173/0x210
[  146.587493][ T6899]  __sys_sendmsg+0x117/0x1f0
[  146.589545][ T6899]  ? __pfx___sys_sendmsg+0x10/0x10
[  146.591781][ T6899]  do_syscall_64+0xcd/0x250
[  146.593790][ T6899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.596359][ T6899] RIP: 0033:0x7fc775977299
[  146.598356][ T6899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.606696][ T6899] RSP: 002b:00007fc77678b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.610804][ T6899] RAX: ffffffffffffffda RBX: 00007fc775b05f80 RCX: 00007fc775977299
[  146.615004][ T6899] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  146.619043][ T6899] RBP: 00007fc77678b0a0 R08: 0000000000000000 R09: 0000000000000000
[  146.622510][ T6899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.626052][ T6899] R13: 000000000000000b R14: 00007fc775b05f80 R15: 00007fff189bc1b8
[  146.629960][ T6899]  </TASK>
[  146.790099][ T6902] ALSA: seq fatal error: cannot create timer (-22)
[  146.796093][ T6902] Cannot find add_set index 0 as target
[  147.429237][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  147.429251][   T39] audit: type=1400 audit(1722169673.638:498): avc:  denied  { write } for  pid=6903 comm="syz.1.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  147.448627][   T39] audit: type=1400 audit(1722169673.638:499): avc:  denied  { nlmsg_write } for  pid=6903 comm="syz.1.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  147.697737][ T4763] Bluetooth: hci3: Malformed LE Event: 0x02
[  148.045696][ T6916] Cannot find add_set index 0 as target
[  148.870407][   T39] audit: type=1400 audit(1722169675.088:500): avc:  denied  { read } for  pid=6927 comm="syz.3.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  148.880507][ T6929] FAULT_INJECTION: forcing a failure.
[  148.880507][ T6929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.888520][ T6929] CPU: 3 UID: 0 PID: 6929 Comm: syz.3.421 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  148.893470][ T6929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.898196][ T6929] Call Trace:
[  148.899602][ T6929]  <TASK>
[  148.900906][ T6929]  dump_stack_lvl+0x16c/0x1f0
[  148.903772][ T6929]  should_fail_ex+0x497/0x5b0
[  148.906228][ T6929]  _copy_from_user+0x30/0xf0
[  148.908252][ T6929]  copy_msghdr_from_user+0x99/0x160
[  148.910737][ T6929]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  148.913541][ T6929]  ? rcu_is_watching+0x12/0xc0
[  148.915801][ T6929]  ? __pfx___lock_acquire+0x10/0x10
[  148.918149][ T6929]  ___sys_recvmsg+0xdc/0x1a0
[  148.920761][ T6929]  ? __pfx____sys_recvmsg+0x10/0x10
[  148.923691][ T6929]  ? find_held_lock+0x2d/0x110
[  148.925944][ T6929]  ? __pfx___might_resched+0x10/0x10
[  148.928221][ T6929]  ? __might_fault+0xe3/0x190
[  148.930892][ T6929]  do_recvmmsg+0x2ba/0x750
[  148.933546][ T6929]  ? __pfx_do_recvmmsg+0x10/0x10
[  148.935814][ T6929]  ? vfs_write+0x14d/0x1140
[  148.937906][ T6929]  ? __mutex_unlock_slowpath+0x164/0x650
[  148.940544][ T6929]  __x64_sys_recvmmsg+0x239/0x290
[  148.943089][ T6929]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  148.945747][ T6929]  do_syscall_64+0xcd/0x250
[  148.947848][ T6929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.950754][ T6929] RIP: 0033:0x7f0bfef77299
[  148.953116][ T6929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.964715][ T6929] RSP: 002b:00007f0bffd8b048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  148.968925][ T6929] RAX: ffffffffffffffda RBX: 00007f0bff106058 RCX: 00007f0bfef77299
[  148.972775][ T6929] RDX: 0000000000000f00 RSI: 00000000200004c0 RDI: 0000000000000004
[  148.976502][ T6929] RBP: 00007f0bffd8b0a0 R08: 0000000000000000 R09: 0000000000000000
[  148.980060][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  148.983448][ T6929] R13: 000000000000006e R14: 00007f0bff106058 R15: 00007fff02174408
[  148.987080][ T6929]  </TASK>
[  149.959866][ T6938] input: syz0 as /devices/virtual/input/input41
[  149.963254][ T6938] input: failed to attach handler leds to device input41, error: -6
[  149.964085][ T6939] ALSA: seq fatal error: cannot create timer (-22)
[  149.992646][ T6939] Cannot find add_set index 0 as target
[  150.068038][ T6938] dccp_invalid_packet: invalid packet type
[  150.180387][ T4763] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  150.184448][ T4763] Bluetooth: hci0: Injecting HCI hardware error event
[  150.188859][ T4763] Bluetooth: hci0: hardware error 0x00
[  150.234823][ T6945] loop0: detected capacity change from 0 to 7
[  150.249680][ T6945] Dev loop0: unable to read RDB block 7
[  150.252171][ T6945]  loop0: AHDI p4
[  150.253822][ T6945] loop0: partition table partially beyond EOD, truncated
[  150.396948][ T4825] Dev loop0: unable to read RDB block 7
[  150.399744][ T4825]  loop0: AHDI p4
[  150.401497][ T4825] loop0: partition table partially beyond EOD, truncated
[  151.033142][ T5347] Bluetooth: hci0: Malformed LE Event: 0x02
[  151.553060][   T39] audit: type=1326 audit(1722169677.768:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.586372][   T39] audit: type=1326 audit(1722169677.768:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.613423][   T39] audit: type=1326 audit(1722169677.818:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.628157][   T39] audit: type=1326 audit(1722169677.828:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.639095][   T39] audit: type=1326 audit(1722169677.828:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.648726][   T39] audit: type=1326 audit(1722169677.828:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  151.659195][   T39] audit: type=1326 audit(1722169677.868:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6969 comm="syz.1.432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7829377299 code=0x7ffc0000
[  152.248358][ T4763] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  152.783620][ T6987] ALSA: seq fatal error: cannot create timer (-22)
[  152.802898][ T6987] Cannot find add_set index 0 as target
[  153.006277][ T6990] ALSA: seq fatal error: cannot create timer (-22)
[  153.016956][ T6990] Cannot find add_set index 0 as target
[  153.906871][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  153.906886][   T39] audit: type=1326 audit(1722169680.118:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.930179][   T39] audit: type=1326 audit(1722169680.118:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.941125][   T39] audit: type=1326 audit(1722169680.128:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.953077][   T39] audit: type=1326 audit(1722169680.128:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.962932][   T39] audit: type=1326 audit(1722169680.128:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.971926][   T39] audit: type=1326 audit(1722169680.138:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.982030][   T39] audit: type=1326 audit(1722169680.138:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  153.992046][   T39] audit: type=1326 audit(1722169680.148:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  154.006453][   T39] audit: type=1326 audit(1722169680.218:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  154.020172][   T35] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  154.069422][   T39] audit: type=1326 audit(1722169680.218:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7006 comm="syz.3.444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfef77299 code=0x7ffc0000
[  154.253656][   T35] usb 6-1: config 0 has no interfaces?
[  154.256258][   T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  154.261125][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.273909][   T35] usb 6-1: config 0 descriptor??
[  154.584947][  T830] usb 6-1: USB disconnect, device number 10
[  155.883160][    C1] ==================================================================
[  155.886780][    C1] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0
[  155.890441][    C1] Read of size 4 at addr ffffc9000344fa50 by task syz.3.444/7007
[  155.895708][    C1] 
[  155.896786][    C1] CPU: 1 UID: 0 PID: 7007 Comm: syz.3.444 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  155.901174][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.905862][    C1] Call Trace:
[  155.907362][    C1]  <IRQ>
[  155.908659][    C1]  dump_stack_lvl+0x116/0x1f0
[  155.910737][    C1]  print_report+0xc3/0x620
[  155.912696][    C1]  ? __virt_addr_valid+0x5e/0x590
[  155.914922][    C1]  kasan_report+0xd9/0x110
[  155.916923][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  155.919122][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  155.921346][    C1]  xdp_do_check_flushed+0x41c/0x4e0
[  155.923918][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  155.926428][    C1]  net_rx_action+0xa92/0x1010
[  155.928519][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  155.930758][    C1]  ? lock_acquire+0x1b1/0x560
[  155.932712][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  155.934736][    C1]  ? sched_clock+0x38/0x60
[  155.936475][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  155.938408][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  155.940356][    C1]  handle_softirqs+0x216/0x8f0
[  155.942477][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  155.944801][    C1]  ? irqtime_account_irq+0x18d/0x2e0
[  155.947181][    C1]  ? bpf_test_run+0x3a4/0xa90
[  155.949233][    C1]  do_softirq+0xb2/0xf0
[  155.951003][    C1]  </IRQ>
[  155.952306][    C1]  <TASK>
[  155.953684][    C1]  __local_bh_enable_ip+0x100/0x120
[  155.956058][    C1]  bpf_test_run+0x3a9/0xa90
[  155.958338][    C1]  ? __pfx_bpf_test_run+0x10/0x10
[  155.960584][    C1]  ? __asan_memset+0x23/0x50
[  155.962629][    C1]  bpf_prog_test_run_skb+0xb6e/0x20f0
[  155.964988][    C1]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  155.967805][    C1]  ? fput+0x32/0x390
[  155.969609][    C1]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  155.972153][    C1]  __sys_bpf+0x10d2/0x4a20
[  155.974109][    C1]  ? kmem_cache_free+0xc0/0x3a0
[  155.976107][    C1]  ? __pfx___sys_bpf+0x10/0x10
[  155.977972][    C1]  ? audit_log_end+0x14a/0x2b0
[  155.979823][    C1]  ? audit_seccomp+0x21b/0x280
[  155.981722][    C1]  ? xfd_validate_state+0x5d/0x180
[  155.983699][    C1]  __x64_sys_bpf+0x78/0xc0
[  155.985864][    C1]  do_syscall_64+0xcd/0x250
[  155.987861][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.990448][    C1] RIP: 0033:0x7f0bfef77299
[  155.992417][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.000450][    C1] RSP: 002b:00007f0bffdac048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.004051][    C1] RAX: ffffffffffffffda RBX: 00007f0bff105f80 RCX: 00007f0bfef77299
[  156.007529][    C1] RDX: 0000000000000050 RSI: 0000000020000180 RDI: 000000000000000a
[  156.010817][    C1] RBP: 00007f0bfefe48e6 R08: 0000000000000000 R09: 0000000000000000
[  156.013825][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  156.016840][    C1] R13: 000000000000000b R14: 00007f0bff105f80 R15: 00007fff02174408
[  156.019863][    C1]  </TASK>
[  156.021163][    C1] 
[  156.022108][    C1] The buggy address belongs to stack of task syz.3.444/7007
[  156.024912][    C1]  and is located at offset 112 in frame:
[  156.027139][    C1]  bpf_test_run+0x0/0xa90
[  156.028840][    C1] 
[  156.029787][    C1] This frame has 5 objects:
[  156.031536][    C1]  [32, 36) 'ret'
[  156.031548][    C1]  [48, 64) 'run_ctx'
[  156.033142][    C1]  [80, 104) 't'
[  156.035318][    C1]  [144, 168) 'item'
[  156.036865][    C1]  [208, 320) '__bpf_net_ctx'
[  156.038597][    C1] 
[  156.041989][    C1] The buggy address belongs to the virtual mapping at
[  156.041989][    C1]  [ffffc90003448000, ffffc90003451000) created by:
[  156.041989][    C1]  kernel_clone+0xfd/0x980
[  156.050059][    C1] 
[  156.051474][    C1] The buggy address belongs to the physical page:
[  156.054625][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x2afe7
[  156.058457][    C1] memcg:ffff888020553282
[  156.060318][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  156.063474][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  156.067577][    C1] raw: 0000000000000002 0000000000000000 00000001ffffffff ffff888020553282
[  156.071465][    C1] page dumped because: kasan: bad access detected
[  156.074284][    C1] page_owner tracks the page as allocated
[  156.076786][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 6999, tgid 6999 (syz.0.443), ts 153853839503, free_ts 153848874554
[  156.084569][    C1]  post_alloc_hook+0x2d1/0x350
[  156.087155][    C1]  get_page_from_freelist+0x1351/0x2e50
[  156.089583][    C1]  __alloc_pages_noprof+0x22b/0x2460
[  156.091886][    C1]  alloc_pages_mpol_noprof+0x275/0x610
[  156.094276][    C1]  __vmalloc_node_range_noprof+0xa6a/0x1520
[  156.096883][    C1]  copy_process+0x2f3b/0x8de0
[  156.099112][    C1]  kernel_clone+0xfd/0x980
[  156.101363][    C1]  __do_sys_clone3+0x1f5/0x270
[  156.103221][    C1]  do_syscall_64+0xcd/0x250
[  156.105163][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.107934][    C1] page last free pid 6999 tgid 6999 stack trace:
[  156.110730][    C1]  free_unref_page+0x64a/0xe40
[  156.112846][    C1]  rcu_core+0x828/0x16b0
[  156.114690][    C1]  handle_softirqs+0x216/0x8f0
[  156.116779][    C1]  irq_exit_rcu+0xbb/0x120
[  156.118868][    C1]  sysvec_apic_timer_interrupt+0x95/0xb0
[  156.121024][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  156.123598][    C1] 
[  156.124635][    C1] Memory state around the buggy address:
[  156.127075][    C1]  ffffc9000344f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  156.130259][    C1]  ffffc9000344f980: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  156.133464][    C1] >ffffc9000344fa00: 04 f2 00 00 f2 f2 00 00 00 f2 f2 f2 f2 f2 00 00
[  156.136974][    C1]                                                  ^
[  156.139840][    C1]  ffffc9000344fa80: 00 f2 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00
[  156.143204][    C1]  ffffc9000344fb00: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[  156.146516][    C1] ==================================================================
[  156.150216][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  156.153316][    C1] CPU: 1 UID: 0 PID: 7007 Comm: syz.3.444 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  156.157626][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.162229][    C1] Call Trace:
[  156.163803][    C1]  <IRQ>
[  156.165304][    C1]  dump_stack_lvl+0x3d/0x1f0
[  156.167469][    C1]  panic+0x6f5/0x7a0
[  156.169331][    C1]  ? irqtime_account_irq+0x18d/0x2e0
[  156.171634][    C1]  ? __pfx_panic+0x10/0x10
[  156.173811][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  156.176430][    C1]  check_panic_on_warn+0xab/0xb0
[  156.178814][    C1]  end_report+0x117/0x180
[  156.180654][    C1]  kasan_report+0xe9/0x110
[  156.182620][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  156.184984][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  156.187368][    C1]  xdp_do_check_flushed+0x41c/0x4e0
[  156.189711][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  156.192067][    C1]  net_rx_action+0xa92/0x1010
[  156.194168][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  156.196414][    C1]  ? lock_acquire+0x1b1/0x560
[  156.198325][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  156.200319][    C1]  ? sched_clock+0x38/0x60
[  156.202027][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  156.203949][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  156.206040][    C1]  handle_softirqs+0x216/0x8f0
[  156.208159][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  156.210618][    C1]  ? irqtime_account_irq+0x18d/0x2e0
[  156.212929][    C1]  ? bpf_test_run+0x3a4/0xa90
[  156.215327][    C1]  do_softirq+0xb2/0xf0
[  156.217208][    C1]  </IRQ>
[  156.218543][    C1]  <TASK>
[  156.219848][    C1]  __local_bh_enable_ip+0x100/0x120
[  156.222154][    C1]  bpf_test_run+0x3a9/0xa90
[  156.224162][    C1]  ? __pfx_bpf_test_run+0x10/0x10
[  156.226413][    C1]  ? __asan_memset+0x23/0x50
[  156.228473][    C1]  bpf_prog_test_run_skb+0xb6e/0x20f0
[  156.230867][    C1]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  156.233424][    C1]  ? fput+0x32/0x390
[  156.235220][    C1]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  156.237701][    C1]  __sys_bpf+0x10d2/0x4a20
[  156.239437][    C1]  ? kmem_cache_free+0xc0/0x3a0
[  156.241354][    C1]  ? __pfx___sys_bpf+0x10/0x10
[  156.243215][    C1]  ? audit_log_end+0x14a/0x2b0
[  156.245075][    C1]  ? audit_seccomp+0x21b/0x280
[  156.246937][    C1]  ? xfd_validate_state+0x5d/0x180
[  156.249694][    C1]  __x64_sys_bpf+0x78/0xc0
[  156.251746][    C1]  do_syscall_64+0xcd/0x250
[  156.253823][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.256402][    C1] RIP: 0033:0x7f0bfef77299
[  156.258410][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.270171][    C1] RSP: 002b:00007f0bffdac048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.274321][    C1] RAX: ffffffffffffffda RBX: 00007f0bff105f80 RCX: 00007f0bfef77299
[  156.278003][    C1] RDX: 0000000000000050 RSI: 0000000020000180 RDI: 000000000000000a
[  156.284413][    C1] RBP: 00007f0bfefe48e6 R08: 0000000000000000 R09: 0000000000000000
[  156.287714][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  156.291201][    C1] R13: 000000000000000b R14: 00007f0bff105f80 R15: 00007fff02174408
[  156.294791][    C1]  </TASK>
[  156.306550][    C1] Kernel Offset: disabled
[  156.308506][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:28:02  Registers:
info registers vcpu 0

CPU#0
RAX=000000000026efc5 RBX=0000000000000000 RCX=ffffffff8b115529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08b40 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed100d606fe1 R10=ffff88806b037f0b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901293d8 R15=0000000000000000
RIP=ffffffff8b11691f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9dc212703a CR3=00000000261be000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=2eebbcb7e9fd5709 24dfeb6acc758f72 2eebbcb7e9fd5709 24dfeb6acc758f72 2eebbcb7e9fd5709 24dfeb6acc758f72 2eebbcb7e9fd5709 24dfeb6acc758f72
ZMM18=24ac513ace42234a e1fd4c37faf10c39 24ac513ace42234a e1fd4c37faf10c39 24ac513ace42234a e1fd4c37faf10c39 24ac513ace42234a e1fd4c37faf10c39
ZMM19=5704000000000000 0000000000000005 5704000000000000 0000000000000004 5704000000000000 0000000000000003 5704000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a 24dfeb6a24dfeb6a
ZMM22=e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709 e9fd5709e9fd5709
ZMM23=2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7 2eebbcb72eebbcb7
ZMM24=faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39 faf10c39faf10c39
ZMM25=e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37 e1fd4c37e1fd4c37
ZMM26=ce42234ace42234a ce42234ace42234a ce42234ace42234a ce42234ace42234a ce42234ace42234a ce42234ace42234a ce42234ace42234a ce42234ace42234a
ZMM27=24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a 24ac513a24ac513a
ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=5604000056040000 5604000056040000 5604000056040000 5604000056040000 5604000056040000 5604000056040000 5604000056040000 5604000056040000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fdd905 RDI=ffffffff95198720 RBP=ffffffff951986e0 RSP=ffffc900008b0788
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fdd8a0 R15=0000000000000000
RIP=ffffffff84fdd92f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f0bffdac6c0 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b315e6ff8 CR3=000000002d9bc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc760a2190 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f78293e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001e81c3 RBX=0000000000000002 RCX=ffffffff8b115529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08b40 RBP=ffffed100305b000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d646fe1 R10=ffff88806b237f0b R11=0000000000000000
R12=0000000000000002 R13=ffff8880182d8000 R14=ffffffff901293d8 R15=0000000000000000
RIP=ffffffff8b11691f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b315e2ff8 CR3=000000002fb18000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff02174790 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0bfefe5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001c6f01 RBX=0000000000000003 RCX=ffffffff8b115529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08b40 RBP=ffffed100305b488 RSP=ffffc900001a7e08
R8 =0000000000000001 R9 =ffffed100d666fe1 R10=ffff88806b337f0b R11=0000000000000000
R12=0000000000000003 R13=ffff8880182da440 R14=ffffffff901293d8 R15=0000000000000000
RIP=ffffffff8b11691f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fec93ee9440 CR3=0000000023e06000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcfb0447b0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3f31e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000048
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000048
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000