last executing test programs:

4m43.974283007s ago: executing program 1 (id=458):
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x2, 0x0, @broadcast=0x1000000, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@cipso={0x86, 0x41, 0x0, [{0x2, 0xe, "7386f541c397a4f0a8a5798a"}, {0x6, 0x2}, {0x2, 0xb, "e5b7255d2cd879c6e2"}, {0x0, 0xd, "ec58ce93944591c32189da"}, {0x0, 0xd, "5d923003340e2364a271cf"}, {0x1, 0x6, "cd939609"}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@empty}, {@dev}, {@dev}, {@loopback}]}]}}}}}}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0400090000000000021300000008000300", @ANYRES32=r3, @ANYBLOB="040013000a000600080211000001000006001200000000000600b500c90200000600120108000000"], 0x44}, 0x1, 0x0, 0x0, 0x20004055}, 0x0)

4m43.894260505s ago: executing program 1 (id=459):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r4 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r5}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
close(r7)
ioctl$sock_SIOCGPGRP(r7, 0x8904, &(0x7f0000000440)=<r8=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r8, 0x1, &(0x7f0000000480))
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="225ada57e76307daeabb12000000000000000100000000000000000008", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r10}, 0xc)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000003200)={&(0x7f0000003140)={0x38, r3, 0x200, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}]}, 0x38}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, r3, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_SECCTX={0x25, 0x7, 'system_u:object_r:udev_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000001)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r1], 0x40}}, 0x0)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00042abd7000ffdbdf250e0000000c000600030000000000000008000e000c00000008000300", @ANYRES32=r5, @ANYBLOB="90452fd23ae4daaa850dd213db8062f971113d92f3f4c4ebdaef5fb358d87eb7b04515668d0d1284cdc23a2a7dce54b6ca25c29bfed7e3964cae4060c81b477d96ad40e39170ec8e2009e7ac599e535879e804764b15decc655a8da60878086dd280952f4ff29dee44b297d2a61fd74b468a43e4ee166ef4d55f86f4925e514ecc380e39db855e2e7a1b14"], 0x30}, 0x1, 0x0, 0x0, 0x24048001}, 0x80)

4m43.834202353s ago: executing program 1 (id=461):
bpf$PROG_LOAD(0x5, 0x0, 0xffffffe4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00), 0x8)

4m43.833867505s ago: executing program 1 (id=462):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xc1, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x0, 0x9)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
r3 = getpgid(r1)
kcmp$KCMP_EPOLL_TFD(r3, r1, 0x7, r2, &(0x7f0000000080)={0xffffffffffffffff, r2, 0x3a69ec03})
fstat(r0, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0xffffffffffffffff)
r5 = socket(0xa, 0x1, 0x0)
ioctl(r5, 0x8936, 0x0)

4m43.768738668s ago: executing program 1 (id=465):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket(0x10, 0x3, 0x0)
sendmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0xa4ff) (fail_nth: 1)

4m43.623081303s ago: executing program 1 (id=469):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) (async, rerun: 64)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (rerun: 64)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async, rerun: 32)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) (async)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x7, &(0x7f0000000140)=@framed={{0x18, 0x7}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x6}, @exit={0x95, 0x0, 0x7b00}, @call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

11.889055939s ago: executing program 3 (id=1246):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d000000000000010902240001"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000380)={{0x0, 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x165, 0x3a3e}, 0x7, 0x0, 0x1f, 0x1, 0x0, 0x0, 0xff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x3, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0)=[0x1], 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={0x0, &(0x7f0000000480)=""/127, 0x79, 0x7f, 0x0, 0xa946, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB], 0x50)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_window_scaling\x00', 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000240)='numa_maps\x00')
read$FUSE(r6, &(0x7f0000001100)={0x2020}, 0x204a)

8.791574808s ago: executing program 3 (id=1259):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="0815000000050104000000000000000001000005540201"], 0x1508}}, 0x0) (fail_nth: 4)

8.661957309s ago: executing program 3 (id=1261):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)={0x54, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x2c, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x95}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xed}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x94}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x391c48a0}]}]}]}, 0x54}}, 0x0)

8.661504785s ago: executing program 3 (id=1262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$fb0(0xffffffffffffff9c, &(0x7f0000001280), 0xaa000, 0x0)
r3 = socket(0x11, 0x800000003, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x4, [], 0x2}}}}]}, 0x88}}, 0x0)

7.741448454s ago: executing program 3 (id=1265):
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
getgid()
mount$fuse(0x0, 0x0, &(0x7f00000000c0), 0x80008, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x3, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f00000000c0)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000e400)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000141bdb7989c08b32000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ed10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000889049938edebcd600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x15}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004140)="02f00c1d0dda83190c8b2969e5d107b997d557314c4da896298ff72343456d7ad8d0a3c9d50de42ef139d0d06f47aefa86d39e623e4983730bc4acd2a3453e9ce8ab83ca57bba44ef9418053978935925402ab801b6979708a525ed019908b34e02f859ad4fe7ea4a350535a413c192c59200cfe1146cfce7eecb4623aeba4b78d98a60a06859f115f185f5849bc4bf657cc34fdbd22e7093ab80cc806d17ca48f8eece4181c9ac3c9683567bd26348a00f13b4227b52da5dbbff4d3903749eb428bb6a464379db2f0332abbfe4d5a1d8f3175def20fd81e00e99af5cd23e1fe1a02affae45d2fcca7311570b269f073fc727285b6eeaacd862f40f1e5b84abec8f63212c89e4458c61ab5c32f7347d7d537d267708129701bdc744d35218ce52988699adf1e34f61493fd397296b4ca0aefbeeea873eff80fe26c0bf3c058ab0ae570ac08e3c53079d31669f34bee6d68b92398fe21c1d76a24d858af557d7723d27c0435f70fe46b18d17f3c207ad809bf3cf81c3074be87ba9d2beb513903109a9dae4a56576ae7bd3ecd4917a2f22c756f100eb0f3b48f3c506aa5d717b9683762e8d268ecddcf5121ab06300b1cf3586c910bf23de3defeedfcc1e899c899eb483c9b30cc56181f34937c70e9a2482ce13531bb80293f85fe080e722bb628b67a1cc9a9e7607313f0ce60a8f79fb0807139f503622c7cdfbdef26fc004897ca200a9b4328e0961a79e46ea7734a51d3c8930ff903d4779a48b338f43ba5d6b50f27f69802ffeb5473b15e66835035b7bf41489804e99eab0fc7579f569b1ba37151913454be46c6cb12b4e5f8c7a0a64c992fe18e07088d4ae91fbe6ef05d74d63173823bcd63948ebd29b70f144c7a03c951de8e3873623c14c4a99b52a9ad881206005e66f8588b0d73994cbfd6aefddbf8cec9622f948fe21287b38b9daf40c6ccb3feedf50f90e8f4da6a6bbc14b87e514cd976302e223a3c9165ec4b79f341908a97e13331582f39da15f2e9a6ea5a836bff4a42cd816f7f2028763bee37e7bbd0ccdf419edd48c55a6883825cb3373eb0b222187fdbf7a0dd4c862e9c658a5590c62b95b2467b155a87013ad20d47bfc8e8049f8bee091cb893b5d507772ccaadabf407a25647019312cad64b940137ceb603e9854a41d540649d52e5b2a39e7865ac1ab41cc1304712520e8e2827403b01dbee87b8b0caffa3c1bdd3b81538743a5422be517a5c679543282fdb46b29cf256a9d7e1c3dfb69c399db615e2e785d5a3cc719cafaa7973a542679b3185f5f86e4864637ececc4557a5465b05bfbdfe433546fe822d00f41b45c1473fe88d8a6911cd673f3d71518d3d3918ed766030448f01ad5e5ab66a6eac88720f7205491f9bd15d448172de258c865534b0dad6e607819aca86211254ecaafe4597af845c1c92098320dc14d1bae44486a02b8e81733a2be227acf940df9a2e717d9373a52a82ae0863af2320ec820fa8778b1e0123d41e6a79055adbe1b63da8e84ad6eb7906ab65b92c493a8150685dab1e2f2a16da54abe9cddf141dc41ea8a600a5e28bd8a342be318fa91d2e98c36a681c98f5676b27583d49f4948666c80f3b49b2ef6b71896e980c6cf93856d2dfb59cdeab1d8940296207d1f15cf75d7beb6f744fdb38f34e00148f48b3b92d65dab43f3514761864c693e6fdf1e08be74ec507d180301d419cf151901bf2bbc1245bedfe9f8b91f64c869d0741026acb0499a4a7cb167107f609141c349a7810d16b417727ded0decd32b4d48a624d027a3d057a9763ac5139adb0042d70caf9969c7a6bad7afe5d8a48d0e5726396d379a2bfaf957468748c9944bad2dcbefb1474a7d782b2e8e278a10dc6d6dc921476d661cea4439d8ba17c95c9189ef879b52a1889574f70c022b0cb973587a70e5d4147aaf1d1f58836540eb0824e73386d2c3a94d253b99d4532c97c2a75588c536cbc24e47088dfebf31ffc0cb23076bb2f515546b3721d8063e3b88d3a8ea196b88564f65e5f808eff5ab6a30095d6e0978a286b9d693a6053231d71dbf96967b5a2c6eec44117078851bab60718ff22a3e8c522fa8d85d6df1a816b62a557b47b05c5df626a47928523541c23e9f0a0a86515437bc0eb7b9b4b7bb866206e093fb4a5dba6ad9d2424d7fb2f8f220b00be734c781a91ad4555f2714c6c59588300ad47d3ecb86fae178609fe60d9f604be31c05cf3cf1edffb45cc2ce24ec44434107834c6335ac09e2e931b0a8c6cea5ddee3686ec9bf9ef6693fc85e36a7fe1146aa93da6f4dd5f36ab0dcbc28d29ddeb481d5d4f8a2817733a8dff3cb07ac1256bd43dab768c1661e4c8bd3ede3aa548f90424fea8e39c6d5d639b49b7b4da6a95700ac6d9f66bae43320ebe5add0c0cf5fb8a1482c60a21d1ed54ca7967bc22362ccad5c9aca0a7151b53546618500ab0a32151c7e61fc1cd7207f165449d4935337ac69259142d952d83e415bf39227224f208ccd4f6476804b7a9ed45f14f7414e36c9c1000ae4ff34e5ccfa224875c81bf30a73300a22c9dbba7770d0078ff37c965b2d9f97e50e64072d7db371fe4cd364e305f64c1fc70b682cde8fa865fdd7cefbc528f3177a67a4f31f3085ab385705a5008d7572b8f6690c07a9f0d8754614bf036d4efa96b09258cc43787df3259138f995a6d9dd13728fa1745c8e4af63e48853bc63106859defe07c53ead96f2bbd300ace2df4281ee764ba0c2234d4e0da8c0bce90ee74322d50a5653001a6706c8f4f315219bbc7fa42ee186ac031ae2a7f806e539f6d498514c3b657f6b6864ba1cc94879bc70ec199ce4124907bbaf5087280f9288a51f6d2849a2ad906aac9e98874fa678c66e0d71479f71d81aea11acca91b1a80e1517f6ce93d63deb7712a15232856db2e4e33b0c50f638c5c0b11fb81c4d9d1f4ba9914b8cdb1ee091b320db91850700a5ee1f8b837deaf3eac758b1aa03ceaf559cd87f5bea97897b97661746fd0e08713fd5fe42a87de04a2c9256571a14818750dc51d3c5190d8c2055860c0470309ebdbcdf1c050e0de01e6111bafd83eed68935fa61dea3dc55c278080935ee9d36233148dcc1ea0a3867ece386248ffb58ad2c198ef8ba29ea07983740e584daad92c62ec10c3dc16be4283bae22ed5e39a9821a29a40952950abf6b41732933950312719749ad06eee0c08eae0136eb4f16cee5ed167df66482ece475632dd25cc43782df12a8573492fa46da81b527213b098e3d9b0bfc9da02bde9c8f0672778cc418f4c0a113a513b358674de8b218fd3345ccf4179a9db6c0e1858e558e749036ea70c045d572ead75e60cf08fb26551741fdb86ff3c0bfcda029aecb789c9b8e27f360ce04159b9814674a3b5ac823546d4ac467ae878d2d4482e4d5bbf8945155410b8e7ec05619c3d6e254e30879f4dcc3d93b5c3e3f73230e2bb406accf83cc5a3f4b8388b851a98fafa03ddf392b9c0c5232445a313f440f158b20cbc34c29a0e36a062a10ec77d0bbeeba5771da4dfdf3654140f53e85d98f6a065850ff5afec907eddae8b7128ba9dd0821acc8511f3e3c68e9ef9da35df09315619ab781192a648baf254fd5f35cb650b7672a9a82f989bf2039961f68763e34db401c903a40a5ee9495b7011893639ed3c3b83998503905cdc1dcfbc223bec4cbb5e1459ec4bfc6eb14dec0741e2364eb9cd9d988013ae2740b722704d99576f897aca6b3d5c34a057d8a5f51c1bce080936a21fe214c3516c6edda99c4fd104e033fb553839a386fa74549921ff4216589dfee205fec1031e121bb58ede2fad12805785abedd162396e11d36dcdb1993853eefb6e1c8c72afecf98969db8216da5276e347a327c60ec97865e2397127198151feeb9e0e6268fa6e88c50ec8d681450e642fc01455fa216f9835d6e309f9e4b5129a2a56db042f0c0486a47033b52f59513094864c0c6c313c7edebebc28db44679c3544e93375c80cb782763f37d85eba6c0bae5934875444245d467de5d6a463443933ae95400f88441d70891e6455f73356717f68e408b0cf91f0deb9aabce6c1cbb1459d8095433a1e08039132fb8ec30687f856e524ca8ba00b6a20225da41bfd260fa214c26de5844246d44ac5ee2af44f158da1f55188277161d7158fcb97b1e37ff3088cad7e79e78b19c7440ae76356f0b094f928a61e9195fe87a0330baa29dc5e1370abc024577a521ad224074f5ee52c30326e2d1e87044b2027232ac28ba099e211a7b33df9fb6d2fd662b7d38a14c40538dcad133f4f75ce114cf8e583f74d2d5251547541af0236aa59075263e2611fc807ff898163c56ef01e7454da2a6000ac229530ea7bf1eb75529d3c98e6f7fbf3d4cba327ed5cdcb83df0c11fbead1de4ec3ac5c2cb8dda8591f4c316e23a0668ca25149f8a55a47649daf9e40f784319e8b901e70a8a31bb4f8c0a86a4999bdfcb0e9f297e753bdb2a275ef98a92b8dbab2d6eedc06ce92502ae7ae76f6b13264ba41e717f8257e34bf1ba512b335d5d178d74742cc0ec6e7b16942095cde010cd90b5c8a158b65fc51d958a96a7d20446c1fd8d1b0fc9f2de8f404a80b504098dc68e2c60b0f43ab538cba0ca5409dacfbdff2267374775605dce498514ee7b32a7f55452986b12dc6178d6a926dfbac6bbdcc051d0cd54bc3aca47bd665e01bf1f050f7903f031197594c513ce5ba931e2819f5bb63c5238c19c1be9f4d9668e5c075804fd43ea60f0ab9f00e06683b8e29379a9326b40e8fe05161adf1cb519c31ecebcb042ed1fbb4b9f1b12470bef6e964855baaff5a7dd6146f07caa8097c778bd10e5ce995884d1f3b91962a7974d84de6157d3f54735d5b82e11e6fc000874ecd396114c693ce2297caf7a9c6a6814a890e4d74e17a16339ba103c0d2da87e522ed67cd23047c7d9bd1562234aec98b85ad4534522cca58ee17ccb9c8fe7cd68ad3d6d6e0edbb550ec957772ee1109d501ab76e364a988e02e6b4a5b62f72e61fa7cc6120d12414d3c8ea09bfaac8e806d19dd76f940b769863d200861e44c72bfd870005f6663a7a6d1d60ac1e376806293d5143968d37af14301c9d6506985eb7bdd607dfa4d3cb5cb058019cc5502c534d3a5a1337bbf6306184230cc21e3ef7744b839cd82fc6347316e098e05ced0f25b9cf5721f2d003bdb4e0a79eff90ec4aacd6afbb78ca6f129cd16c8b2f3aefb5a2036951db7ebb40d36723a75723b3d1011e6085493664bf5d336c5cb4079ae1ca2412c53c464831844c27f089ffe345a2029118672b2fd2a24c72f9088dc5f92cc5f3bcd6c7359f52d32ea15172e95af7e6c81c52f20995877cafed48dd49762701c88c225bbffbbc3160d838957588fc2d41efab4148bc961e8d66b5b21e7eb4228a132d61a1c9f6e2baf7430d92478a3948fca4e10594167ca5e72678189cb4e90a0b0e45caada64d15010d73157cd8b4d04099ecefb1ed187d673d1bd33f13dbe4b44d351a34738280f21a79b3146b0071a0924e643c1dffe0d8c72b3bdcc00f203153f63c249f18e0e9e7ed1c0237411893832fc5be40d308b194bb04a17e38f0717a0808058b7291d20b6f0f1e5ba11e2351d985138c61806b41ea5a77ef80feb1f6f7383000e97549487f1bc9c3b5e8ccb6ed7ab8e08b258c75d5aad2a01fe8b5777ef5c7ec1eb3feca16dabf8eb50312f8786d5018d7bb7c9776f028af7b3423af3410696587f3feba823e5e3ccacfeb23fd4359c252b2ab5136d2fa7a6633758b5c45099f70a672999329eba1c89f07af0eb7c3fea5ac468ce042d699b6f391eaccadcf6d14e97c620a5eff7d92946f09d79d31cc876da261182a73a3234d5e53709185680c8b5376e4d8445fe4fff988062f23e42e4b7908ec079a840f0be839062074c22c44b7f4c4b23be2b6656abbb103acc0bd5058e0112a7d55cdce5042a76fe24ba5e9a1105c68dab94dddd44cc6c860172847f20e6ebc49787ed8ca19824b09468933ae9a496e960b7c592e783b6a5f10a9d9c2265794c5891ae7eb9cca9b3f99981a252d522047b95fdb518fe681829948a9d329b9cc7cb2f806ee81a3c930c73c8f12a05b47f1470ff08d5a03f37dacc1e4a7f65563f8825f9ffc316c2ed7a5ea434cab348c850d1b8eaaa0ab2ef7460269aef06f9c46a1957575cee49e1aa72d470dc9763b4abd61d34693e462353c1d023249bb7085f1362ec6bab9d349633d5f9637e6a12690e502f8af9c2d37a3f573411595539c66e9f82d5b39c01606af258e769b2391c3cd0bb0d93eaa36e168136b301d516724ecb173a0766ea9e9d5be5dcbf58e0322261e584d22594cfac91d16bcf38b8cb69e022b0956fb4be2981a526bb1832749ea1f7b188dce590927620ad9d6162ea52bbdbd14b45ff967f183c1af4269dc16a1be7b0b5278ec02a259aed022039e70a9c1456997fc1d053b1ab54238d8282dd11b68b806c745a257a7c0fcfad3277245b1f7749243f457121b3d17122f27be6b1c56e9bc151f52db66c92246072ca4e5d10619a6730b1609f133b5db1f2b0bb4a86dee2c44a6e25299ee74b99eeab5f195728aa45dc7bd300bccb48819bd40b12152b40e1395ac25d8b0cd1ae12b9cd46a8e54f495cca85a680cd43f70f55505f1a72c030dcebbb2e5b26ec971cd58c76ee67d86fe075bcad475658f1cdf09c94bcb5b4db83b3147882f65f67921267f8471d8deb7b159761c83fb9547db71b6878a21287aef6a2e01134e735c073645d2488138f280754ddf66cf8c0208e51a96696e185120a6b84a73d2c9bfbfa9e501f1126b44c491ec437a0b490cbcec5e8e0e0c21f803354d2d1923fe82509706ab34eb03101dded5f6421a6b90dea3db643a22eee1549e30d44184bbe7b842a656b91184ebbea76d00942b429dc07c704750fcab290c43bfdd2aed8257c21312933a11a76d0be361753a49ccbad5fab68eef867e11fa99a1d8021218809c0ce0bd52bed2d5c97fff7283e549afee371b7f1b3973ebebcf11f9687c7086129ada7bc09bca2da4fc02c0af28aa043f3f2c1e02dadfbc3a245dfd2e30e6050e05388006852e871b6890ddc006072d1a062978240df6166ba6ccb732195f21bec579d3d2b3f13e818e9fac77be72152fd441f6ab772b7fd3f888a91f8420f336e5a69e36dfdcc23b066506167960dcd1e5c84d4f236bb83f8daf03007d86d5b34aee798755077dea9b4faf98daa725cc3ab671b3b2b95c193530e0d018309a460a518878ee82e8495622028383ee97fe6a0111521b9a60fe51011bd0c62ee11e7a3dc5a0e8e8b82e476e752f63c5ba75a32e7b5b40d8ed1f539b3262351ce42d1bbcae0371ca72790ca4deff1441404f072947970ed3f23894e6c894c9fc7644c4082188b1ac8ef1e5c045bf438b9b81c7333859fcd071100785e14568c784ca30c4aea8a728a7796a201aa1b65a9355cf368b440498c433414141aaeaf722b9ee70b7cd28a3c2beb61ed99b619a4486b4b7210fe5b1cffa4474421b41303f6de7432874327532cbaecd0e1e9e90f00cf03161e9748807f3728e947c1ce281f3417a3a162deb2d01a5aa330e95b5624769d278aabfdfe6e8089c62ee1c26be5c121cfef2fcb549c1671497a05c2a397f5090caf6913fb39f01a095d55d33ae31d36bf223cd506ef2eaa48b1729c2dbdd7cf84bd1c2d0ebed7b6487991de616517c4e53665e60e6bbf559dd5cddd5eb88087fe6d0e2632f10b9e0f653bafbf992f55dd2592bea82a9a5958ae3e767bcf2c50b691e33dab8d2b1b2fb33419b5dae945a7d4a0169ec64817cc02b02139d7f70bfb42516c913311b42323cca46e690467c894a26ea624432b3c536f48ad569d56d8bf131048f81c0bf77460bf7acdf513087bcca1366bbfd05136ab5456f7e99f545f343eebf57299bfb4ef4a3af05357037e7080ba36084505eaa7339fc981cb99e381c3456d3de6cec5c5dc76427b13db53c9bfe516577b51411602146929e08c8762e6c99325a00242bd15f511f25eed7aac3537aca0407c70f362a0583fa10bb259f758feca1edb4f8adff7626bbf67fa0d940bb773d1afd523033b25107fe02161faa7a2bfcd629e58d681be5e980f8d563daac8532bc747a4242fa539416bfedf38cd8e3aab1764102c87627308abc41f6ebf8f03126d26ef90c10f0dd0fb5be22ee794fffb3ef0537f640b92c2ec335ff99422fe5fa41467e1a95fdc98e13881e1912f73afb489f237acfa971f6f64d9dc0066552167ebad1a7797412998a748d3b236e41ee5a8c223a1fa033389dfd2beb582987344db19988096e3bc0c44c8fcc4ef4a1d60b3991a5e3eb08d476c6dbdef30ce2b7f84de6925e28eed23daafe6be895d9b9c055519f9f3dd5c67cfafb5138380f581ec2bcd15c415087c85c32db56fd589883d3f1c81d56fe2436e910bc873596d4fc5abe0046e00934912f70c028c41390091988fe9fc46df6f10edb697bd1408486860fb6e77c76b4778a151769be25d891c1bde084ddcf964a7d3e528fb39835d8a003ee95e31f7c6c8f22e2d97454b8bff0450f6d9d3f3066041f19aa7e99cd00bcdb238e493912ffa5992eaa0c10dc4e0c4277ad8b5b9be74f72a0b2b89cb5df3ff6e06d84b4db052a1846a2b8284d49c0562f561dde8fe38bde79afa4eb12095c9fcfb9805ff76db4c63f2c737bb97117f880284feac51aeb26e21071a8770cffb4670fb94894c5b7cb6b60c3cc6a0e04458371bf59669f07be5517d5aafd2485aac11e29332bc9c0d9aab851d40aa713665be691c1887ed057e63bdb4da732f70dfe503a009c6c431d6780559273215a222228082dbe613d2dc235908927b1693adf812ddd267d1f7b64abc5e174b057e550c60d5b4e5f4aed8fe16dc5ecd7d7fbc3647efe8abbd9f2ce4f21a14d2e76af8a0551d99f1d35cfee6a068f521af0340750658b415685ae99459744c3b29e24f70977ca21e8638045a3dcb88556904f4cdb31920b89dadc5b846d7a1306d1f86d179e1f611d0c061146e3df0aac42cc6710231d844e167a57b99f68ca174152d088d5af232d5d4e186f026dbd0fff228e7de1ce0e5d28f439e94b6cf106306a740071a03ee25387d1c0b2da3b24dfbbbf078458e3db1c42d1c369b3f57946cfba615151c118e5bc31d43f9621bc30ab6fca226285c50eaca6daedb148d0c4acf1d9691e875338221074630d9ac117fc704b06da6b595f9906681f5a598d0308da0d56e45a216860a3acbb2e00376d2931a21695239a8216347d39f649c0d990191a62a32563cc967a03e606ada7dc76e67a1e867ace9e05e8a27d96987b93eec3cbce6c8c4021ef2a7a862bcb49b2450c63802c41bbfd8ae9f3c9a55a570470c41a9ac7ec88c83d5c1f2c9342b30ab09e50271a7be04feedf85abac9efaf1422a045f6383886d3014c6436c7986f264d119b1f8aec8c67be8147feebbb94266c009d98db54dcfd9b6f275f13c210d10d808b55cb558faaa2a89f90023fb7aff01dcd6143c7fb985e286ae7bcd521916794ac148bf85ef14d8a54fe91739a4b0c3bfa4e77d70ebe0bd187364be48953bbcbb220dd43f2e9382d430dd0baf069b6e3fa46d696317b4b0dc030c7edf27c416f33082ae1b0b13290580b5c513adb90fd373af0403f268521fcad12940dec7f0532aff0f78813416cf965937f7ca0eaeee97dcf7a7ec603b892ba55801a6637ff1a8e4d99bbb969ae06bfadc232f131b19cece7b8c998d6c57b9b68d2252d7e543091583b67b868c8dc079c1c95294c5e039c637b1a02e58d614fdb79f3f08a29f9f90ba09370675ac1b071f07bbf97e48d3e3d102590c2fc4ccf5354c088f41f1abe507901a1b5e246c88f81e297a2876182669b16f1be10e68f3bc66c7e20f34ea5a5252ea013f71ef78931ea4e99f5ee9e4761cc3f773eb02fce9065c333eb58da334a67525d9f885747aeeb3193c3e6b60e037b7006435be7bf1eb5ac592e288984885b5f9781a900885c59ee235785501ab93d73ce758aba261f5cf1d732246096412a0a9334fc113b1fdedd0a15961a252479a91a889dd312a4fe44a49a5c8f3364740e2c84ad375226b0a8070d6e5f316320c6f33461e7c32395c60b531aef2690da2ce0a965df38756c26be257f62e89404ce58a62846e11ae30490ed476a484c5b798d0c67cbd795b7e02d460fc1be0dbf85180fbc7d650c14cc86cfe65259fde8d330ff96a175c49ccdca9dcc9886dcfdd763a8ac7bf4c02cec7ca5f808406a9a04ea18cab07febdb8f1f65e987de2cf830ed782ee590f857385f3514798bd3c98bc0bf3c9ceb63b7d2c4d084332f0f4702c185fe9b1a5780f8b11f18b10c9eae1d18a5d45d2677cda5c927906c507f21b987026965d5a9edc182cf6b104878aa8afe22731b2ec16b692cd2819b37a50036db1b6a47f6c47299a8bd35735d180eb1d75d956e8d020db4279fe1332664dfc01cedb5742545a3f2173a159841e11552564c3fbd39fdff26c4438d0b2f66b65f4ddd5778734562eb2bf1d56f5970a8463b520cbbc55dbacdf37a6a16e5c7135f3120c7bd4bf2fcefdf47d55d5a7ac628341ecf694098fd457d23bcce0b2296bf99ab9aff749af11b22fa2f24d4ee95659f3faf48978aea794a80415c845a6d7f924c68a62972db65b9185ff527719c5f8bae299fd50bb7ee1ced73528ab0648b870d8e8ff0acecabf2de8fd4ad30b1fce4084d8e1cfcee237f13a27e4d238f6d2eff350f2393f5ed9918cc35917f2035b1a5faf297bff886b6716db37215b822c8af5142ac94849e5484adb4e59ef85dd56473b1f6e1f6065c8e744377d98815f53244558c42af67e3502865bc81c37741c5ed3ed07e33c64a9d8b2f527e54e3c7e10666dd95eed759e8a3244c5a704a9349ee929752226d01c10bfa94d31ac2ced8261e5fc3a15f68500a9e7b5ad53fe3de581ae3fc9a03fc4da706c17b40ba5d9505938dd55f09989812e25ee54f7668fe8bd274e0c0b040a15c18b9d8bcee0cc88590637a8e7b6792ea8aa8dfd4fa8cfa183f3ce15308acc9d91d02e7f7b46f472c8fabead73ebe033fcc507384948a1eaf03548d79b649be7715b1aa0814a59183424e49e86bc9781ce2e9e8277a85f9b0b4faff231453829faa628ab00daedf8b8aeaeef758bbcbeaf8863ba179e1054b3da56466486fd9b8dcc42ca1bae2d4ff8e0877d9a726744080e125f7a1bbca906bcc59e8798e73bd79e5de3b4a79aa2bc2e8be40b695b5add3a8fc0952053bfc352849fe1ba9da83daca4c904c66fe91e55709ebca2a36356912a285f2206446b3216d78c9fe498431025b1af22d99537d5f86efb23e11e6e8e7d6cd97069c533e908cfb234c26a3424915459c53bf76ff18d7cceca11511b689611ff74118844aed1d4882f5d2a9d051bc3e051a53b7633138d0325082263497c9102cd33fb16c27a93055617ad14befe6321d40251d239d45a89bb079e24b04470fa75454d91bcc39c233eb0ad4a03d5667b9c7eea0d927d665dc2db377c71cfee93bbcd77f6096a2dd14452f1d74a9ebc7288670943ce9910f", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x18, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x147982, 0x40)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x12, r3, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x4)
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d3, &(0x7f0000000100))

4.632594678s ago: executing program 3 (id=1281):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f00)={'filter\x00', 0x7, 0x4, 0x410, 0x218, 0x110, 0x0, 0x328, 0x328, 0x110, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@dev, @rand_addr, @multicast2}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x460)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
readv(r4, &(0x7f00000004c0)=[{&(0x7f0000000240)=""/18, 0x12}], 0x1)
ioctl$TCSETSW(r4, 0x5403, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "f7ef9ffbd8e6700354ce0000000000e5ff00"})
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x7, 0x0, "ffffde00"})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000000c0))
socket$igmp6(0xa, 0x3, 0x3a)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x0)

3.010117582s ago: executing program 0 (id=1289):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f00000001c0), 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x2, 0x4)
shutdown(r0, 0x1)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x240088d6)

3.005608204s ago: executing program 0 (id=1290):
bpf$ITER_CREATE(0x21, &(0x7f0000000240), 0x8)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="00000cd54128669827e356e3885f6020d1b372de6e00000020", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x400000002, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
iopl(0x3)
r2 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="d0600b401f39b97bf93ecf49759e94b4519a0de2f87e5c417273a5dce55efb335b22dce602ca972f116438489fdab766171401f130eb1c9e78ec70db15755f97ca197fc3da0b85ea0d2f7bdffcc1caa5810430b5448f4ae272489f5c7ac1e4660c4f7b0446d5457181924a3d4dbfdfee93a14379adfe7c1effdacb69a945", 0x7e}], 0x1, 0xa, 0x6e6f2b53, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x20, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001600)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000600)="ef3d2b2ab3", 0x5}, 0x68)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r4, 0x18000000000002a0, 0x21, 0x0, &(0x7f0000000140)="e6ff03316844268cb89e14f0ea00cb865646d501c3cf6e73629e8a162892ae0b17", 0x0, 0x2000000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.721657452s ago: executing program 2 (id=1294):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x2, 0x103)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643d20d82c6c9d3c0282dd9da2f6ba69707cf4f00e1b3ceaa9e5ae1409b836bc5a63efdfae5585f04e8d106aef5022a1328552f40f38cf67938ce46c18193d89d03e274f2146d7433288e28656ca68426b9f30eb264bfc586cd9cb36ec58516edbc082678e37a9014e2aeb80c5a0b418074c", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r1, &(0x7f0000002300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000001200)={0x50, 0x0, r2, {0x7, 0x27, 0x0, 0x500000}}, 0x50)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000004340)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r3}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000480), 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$sock(r5, &(0x7f0000002b40)=[{{0x0, 0x0, &(0x7f0000002a80)=[{&(0x7f00000029c0)="4c37bfc48b1b876028ac95ea475f54d3a01403f95458a1cbb3722984a54031fc", 0x20}], 0x1}}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000080)=0x200000000)
r7 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r7, 0x4004af61, &(0x7f0000000000)=0x5)
readv(r7, &(0x7f0000000440)=[{&(0x7f0000000200)=""/85, 0x55}], 0x1)
ioctl$VHOST_VSOCK_SET_RUNNING(r7, 0x4004af61, &(0x7f0000000040)=0x1)
write$vhost_msg_v2(r7, &(0x7f0000000280)={0x2, 0x0, {&(0x7f0000000140)=""/128, 0x80, 0x0, 0x0, 0x2}}, 0x48)

1.56171272s ago: executing program 2 (id=1295):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000980)=ANY=[@ANYBLOB="180200000000000000000000000000008500000030000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.561314942s ago: executing program 2 (id=1296):
r0 = syz_usb_connect(0x6, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0x32315258}})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
write$binfmt_script(r5, &(0x7f0000000340), 0xfe07)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r9 = syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_CLEAR_HALT(r8, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
sendto$inet(r5, &(0x7f0000000180)="923bf3a8fe14fe31cf047e2a34b121ac00d2c79bd45ca8a09fbf448f43c033264c417fa2c2bb8efbe8fe650c019aee5bb3a9bab0dc0e152099007637c135e5e81c6c950d6ff5445333f006fb7e9729c267dc0aa9687565d7fc38fc1d13b80ce3e9e5c10694ac0a5e3a7e6e49147bb74ae17b1ea39d95", 0x76, 0x44881, 0x0, 0x0)
r10 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)
shmat(r10, &(0x7f0000ffd000/0x3000)=nil, 0x4000)
shmctl$IPC_RMID(r10, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
lsm_list_modules(0x0, &(0x7f0000000040), 0x0)
connect$llc(r5, &(0x7f0000000000)={0x1a, 0x7, 0x80, 0x6, 0x81, 0x77, @random="0bff0d0ab7f3"}, 0x10)

1.197008229s ago: executing program 0 (id=1297):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x65, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x6, 0x13, &(0x7f00000003c0)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @generic={0x80, 0x0, 0x9, 0x1, 0x3}, @alu={0x7, 0x0, 0x9, 0x3, 0x1, 0x100, 0xfffffffffffffff0}, @generic={0x9, 0x9, 0x2, 0x6, 0xb8000000}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_query], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x1a, &(0x7f0000000240)=""/26, 0x3da5c00043f1ffb4, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x8, 0x7fffffff}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0xc, 0x7ff, 0x8}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000500)=[{0x1, 0x5, 0x0, 0x7}], 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f00000006c0), &(0x7f0000000100)=r2}, 0x20)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, 0x0, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x6, 0x7ab0715dca68fedf, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0xff, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x80}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
dup(0xffffffffffffffff)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/stat\x00', 0x0, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, 0x0, 0x0)
connect$inet(r7, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r7, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000140)="53a1b228144d4835415007b390c577cc8a52baa9acba00f1dd7513f66663907dd44196b10d83678ae900d813987c30ec", 0x30}, {&(0x7f0000000540)="0b8b61a9d3983220d21a6c51b2595f671ffd4f674d81bec0e74d44fc1f87c6699a37d7dc912a573f5160648d2dc6dcb9b7fadbfa5f6d0b77afb8e72fc808ca522704d3a40c10a4ec42cef49e0f14cfed658cd906fbfbd5662ad2d46f866d5822", 0x60}, {&(0x7f0000000700)="ecb0cf337e24fac56e2538eeef46cfc55416975a2b339dc2fd50692d3a8701efab83f5d5522b4d66e05b95861dbd39ec103f21789acad70354be14337dee47726ee004957151164ff869fd080c8aba3cbbb98dc6833516bd27cea00e2bcf832865128a661ee2d8bb45952d584728fc7b3d9031f3fca7780d3345a6386a1380b311cbf7dcfcc6f0cc62cef4971d77e32d4df628932e98b716b22833c4f753ae66f24ad52ad704929d72860c28223013a4e9e1f1d0457b2ced6397ba", 0xbb}, {&(0x7f0000000340)="88b1b408f4505cceda1a52bd9275c1cee323958beab018ed3fcfbda5a40856fff0e5775f3964edba0dffc9d6d5781f0cd36e643553f83c877d4abcf0197bdc9e0420107e5ce648500ee9d4e1d6f9b70f882178e1d16aedb5ac18916125c173da0679e5256e3494915f76f31d", 0x6c}, {&(0x7f0000000880)="f3800fa39c041d1b847639be7e710c9d84b36d726fd1c0c270e96d7301800d1474a8eb421e917e4356d41fe994c2f77cbe4d1c995b1457fe265375b93d0921e88a50b1ecd43d26e80ac566f640c663150d78beb087b3b94a4abfe1f4595f787d80ddb07bd31da39d135514a9bb1489bef35ef7a524ce59fcada09cab615172ab3d844b24bb76d2b1443a7942708f845d143499446d609aba4d95531eb7396d6606b9d0e6f559fb04ec9352e6dc104d1f6d89e4157200fea77e", 0xb9}, {&(0x7f00000009c0)="91e63bba648258706160117885363debd7e23684aa6e7c41fd6873ca56f4cffd1550819bdaee6c6d923c1ccd95950a085ca74094eee665b3a23811bb4e193946573ddf786db600d95230e5e4771638575d297fc5d7055a5aac2323a863e69f0843e1978fcf5a8501bf0a587601a0019e315d68a38b2fbbc07016fbc5938551d39b5dafe31a7c50f47d8c9d8b0c152d5bbe2194208c2093faa1447e1bff7f78e8e715b29dc3f4ff086a0570bf519be43633f57dfa1628a5665fd75f78295733525e2952887565d265698c93b1c551e71d5b04074a6af623f6b7142de0f4608c4cfb12e49e17f0d2598ea42337393f690fe4f4f29ae7b31753f769c85387c0f22e28df35968d6353e2f0db11339b7d136bff95efb22dae41c46f2d0046486e2ab1ae862a5fe46f32ce0f40d710ef0ffe579497a49404094f2161d17b4401b85481b2d72001ff", 0x145}, {&(0x7f00000007c0)="3efce8a8cebdc7241cb440f11fea781548d34d5e722a5dba696e4537ea944559f4e059a3fe4330959c11510fa33e1c42452283b13d4c83a23330b6408a9be851c6236b43a9ea7afb34e1a990513670a5c28bc7e3214ef988fed2004e84214e139f098cdd67c5f34c9080698ef5b3624d7da6c42114782f19b032ea52", 0x7c}, {&(0x7f0000000940)="c8", 0x1}, {&(0x7f0000000640)='i', 0x1}], 0x9}}], 0x1, 0x7c9ce320e12db95)
sendfile(r7, r6, 0x0, 0x4000000000010046)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
fcntl$lock(r4, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0xffffffffffffffff})

1.000518266s ago: executing program 0 (id=1298):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f00000001c0), 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x240088d6)

1.000057177s ago: executing program 0 (id=1299):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}], 0x0, 0x0, 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r0=>0x0], 0x0, 0x0, 0x0, 0x1})
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000080)={r0, r3})
ioctl$DRM_IOCTL_MODE_DIRTYFB(0xffffffffffffffff, 0xc01864b1, &(0x7f0000000280)={r3, 0x2, 0x41, 0x6, &(0x7f0000000100)=[{0x4a9, 0xffff, 0xfffa, 0x5}, {0x3, 0x3, 0x7, 0x8001}, {0x4, 0x3, 0x7f8f}, {0x5, 0xd8, 0x5, 0x4}, {0x8a2, 0x0, 0x1, 0xbe}, {0x0, 0x1, 0x4, 0x8}]})
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a1, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r6, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r9 = dup3(r8, r7, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000440)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0xfeffffffffffff, &(0x7f0000000600)=','})
getsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast2, @in6}}, {{@in=@remote}, 0x0, @in6=@private1}}, &(0x7f0000000040)=0xe8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r10 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r10, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0xa1, 0xb)

949.000811ms ago: executing program 2 (id=1300):
r0 = syz_open_dev$vim2m(&(0x7f0000000500), 0x800, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000680)={0x2, @win={{0x0, 0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0}})

878.044812ms ago: executing program 2 (id=1301):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x6, 0x9, &(0x7f0000000740), 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x42)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000000300)={{0x3, 0x0, 0xc, 0x1, 0x4}, 0xfffffffe, 0xfffffffe, 'id0\x00', 'timer1\x00', 0x0, 0x4343, 0x5, 0x6, 0x5})
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="140100000000b2000500000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
timer_create(0x7, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x0)
r6 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r5, 0x0, r6, 0x0, 0x10000000000016, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x2c, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback={0xfec0ffff00000000, 0xffff8881114a4aa8}, 0x0, 0x20}})
open(&(0x7f0000001b80)='./bus\x00', 0x14927e, 0x16)

539.65µs ago: executing program 2 (id=1302):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x4)
syz_socket_connect_nvme_tcp()
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_LOOPBACK(r1, 0x65, 0x3, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

0s ago: executing program 0 (id=1303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001280), 0xaa000, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x4, [], 0x2}}}}]}, 0x88}}, 0x0)
ioctl$FBIOBLANK(r3, 0x4611, 0x2)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0d00000004000000040000000600000000000000", @ANYRES32=r7, @ANYBLOB="ad6a00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000504000000040000000900000000000000", @ANYRES32=r8, @ANYBLOB="0899310d35", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
close_range(r8, r4, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000d86dd6000000400282c00fe8000000000000084000000000000bb"], 0x0)
r9 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(0xffffffffffffffff, r9, 0x0)
getsockopt$netlink(r9, 0x10e, 0x5, &(0x7f0000000140)=""/21, &(0x7f0000000180)=0x15)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  398.679712][ T9114] overlay: filesystem on ./bus not supported
[  398.679972][   T39] audit: type=1400 audit(1729684835.118:865): avc:  denied  { mounton } for  pid=9111 comm="syz.2.857" path="/4/file1/bus" dev="autofs" ino=36359 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  398.944527][   T65] Bluetooth: hci1: command 0x040f tx timeout
[  399.024202][   T65] Bluetooth: hci2: command tx timeout
[  399.303577][ T9120] xt_socket: unknown flags 0x3c
[  399.584308][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.343800][ T9123] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  400.346135][ T9123] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  400.350336][ T9123] vhci_hcd vhci_hcd.0: Device attached
[  400.365377][ T9116] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  400.367042][ T9116] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  400.368647][ T9116] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  400.370373][ T9116] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  400.371986][ T9116] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  400.373669][ T9116] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  400.378621][ T9116] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  400.383246][ T9116] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  400.524346][ T5402] vhci_hcd: vhci_device speed not set
[  400.584660][ T5402] usb 13-1: new full-speed USB device number 5 using vhci_hcd
[  400.624299][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.644307][ T8587] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  400.804169][ T8587] usb 5-1: Using ep0 maxpacket: 8
[  400.814965][ T8587] usb 5-1: config index 0 descriptor too short (expected 12336, got 27)
[  400.817186][ T8587] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  400.819460][ T8587] usb 5-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  400.822169][ T8587] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  400.844259][ T8587] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  400.846844][ T8587] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.064342][ T9124] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4
[  401.066996][ T8587] usb 5-1: string descriptor 0 read error: -71
[  401.069087][ T8587] usb 5-1: USB disconnect, device number 30
[  401.070534][   T45] vhci_hcd: stop threads
[  401.073312][   T45] vhci_hcd: release socket
[  401.075922][   T45] vhci_hcd: disconnect device
[  401.715940][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  402.384452][ T5341] Bluetooth: hci2: command 0x0c1a tx timeout
[  402.386310][ T5344] Bluetooth: hci1: command 0x040f tx timeout
[  402.387757][ T5344] Bluetooth: hci0: command 0x0c1a tx timeout
[  402.389232][ T5344] Bluetooth: hci6: command 0x0c1a tx timeout
[  402.392682][ T4773] Bluetooth: hci4: command 0x0c1a tx timeout
[  402.395492][   T65] Bluetooth: hci3: command 0x0c1a tx timeout
[  402.428437][   T39] audit: type=1400 audit(1729684838.868:866): avc:  denied  { setopt } for  pid=9142 comm="syz.3.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  402.561006][   T39] audit: type=1400 audit(1729684838.998:867): avc:  denied  { getopt } for  pid=9144 comm="syz.0.866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  402.566878][   T39] audit: type=1400 audit(1729684839.008:868): avc:  denied  { read } for  pid=9144 comm="syz.0.866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  402.704384][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  403.614227][ T1288] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  403.754480][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  403.791910][ T1288] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  403.795747][ T1288] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  403.800464][ T1288] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  403.803606][ T1288] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.807330][ T1288] usb 5-1: config 0 descriptor??
[  404.180440][ T9154] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  404.182649][ T9154] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  404.185633][ T9154] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  404.188246][ T9154] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  404.190607][ T9154] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  404.192802][ T9154] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  404.267629][ T9164] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  404.270432][ T9164] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  404.274957][ T9164] vhci_hcd vhci_hcd.0: Device attached
[  404.454647][ T7003] vhci_hcd: vhci_device speed not set
[  404.515925][ T7003] usb 17-1: new full-speed USB device number 5 using vhci_hcd
[  404.518760][   T25] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  404.664172][   T25] usb 7-1: Using ep0 maxpacket: 8
[  404.666890][   T25] usb 7-1: config index 0 descriptor too short (expected 12592, got 27)
[  404.669094][   T25] usb 7-1: config 55 has too many interfaces: 55, using maximum allowed: 32
[  404.671355][   T25] usb 7-1: config 55 has an invalid descriptor of length 55, skipping remainder of the config
[  404.674088][   T25] usb 7-1: config 55 has 0 interfaces, different from the descriptor's value: 55
[  404.677046][   T25] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  404.679425][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.835565][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.885122][ T9165] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4
[  404.887872][  T204] vhci_hcd: stop threads
[  404.888994][  T204] vhci_hcd: release socket
[  404.890998][   T25] usb 7-1: string descriptor 0 read error: -71
[  404.891163][  T204] vhci_hcd: disconnect device
[  404.897038][   T25] usb 7-1: USB disconnect, device number 29
[  405.734288][ T5402] vhci_hcd: vhci_device speed not set
[  405.851723][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  406.064300][ T5347] Bluetooth: hci3: command 0x0c1a tx timeout
[  406.224282][ T5347] Bluetooth: hci2: command 0x0c1a tx timeout
[  406.224466][   T65] Bluetooth: hci4: command 0x0c1a tx timeout
[  406.226439][ T5344] Bluetooth: hci0: command 0x0c1a tx timeout
[  406.228898][   T65] Bluetooth: hci6: command 0x0c1a tx timeout
[  406.230050][ T5341] Bluetooth: hci1: command 0x040f tx timeout
[  406.864336][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  407.572007][   T30] usb 5-1: USB disconnect, device number 31
[  407.689387][   T45] bridge_slave_1: left allmulticast mode
[  407.690910][   T45] bridge_slave_1: left promiscuous mode
[  407.692442][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.700989][   T45] bridge_slave_0: left allmulticast mode
[  407.702454][   T45] bridge_slave_0: left promiscuous mode
[  407.703941][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.157279][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  408.163262][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  408.173750][   T45] bond0 (unregistering): Released all slaves
[  408.258125][   T45] tipc: Disabling bearer <udp:s>
[  408.259588][   T45] tipc: Left network mode
[  408.305684][ T4773] Bluetooth: hci2: command 0x0c1a tx timeout
[  408.587933][   T45] hsr_slave_0: left promiscuous mode
[  408.590098][   T45] hsr_slave_1: left promiscuous mode
[  408.592829][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  408.595046][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  408.609589][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  408.611901][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  408.833775][   T45] veth1_macvtap: left promiscuous mode
[  408.836158][   T45] veth0_macvtap: left promiscuous mode
[  408.838228][   T45] veth1_vlan: left promiscuous mode
[  408.841026][   T45] veth0_vlan: left promiscuous mode
[  409.666944][ T7003] vhci_hcd: vhci_device speed not set
[  410.136486][   T45] team0 (unregistering): Port device team_slave_1 removed
[  410.264977][   T45] team0 (unregistering): Port device team_slave_0 removed
[  410.951446][ T9172] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  410.959037][ T9172] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  410.968858][ T9172] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  410.976713][ T9172] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  410.983401][ T9172] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  410.986382][ T9172] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  411.594243][ T9216] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  411.596175][ T9216] IPv6: NLM_F_CREATE should be set when creating new route
[  411.598054][ T9216] IPv6: NLM_F_CREATE should be set when creating new route
[  411.791860][ T9219] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  411.803454][ T9219] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  411.806045][ T9219] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  411.808341][ T9219] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  411.810902][ T9219] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  411.813513][ T9219] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  411.818526][ T9219] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  411.907348][ T6488] usb 8-1: USB disconnect, device number 21
[  412.071465][ T9234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.887'.
[  412.130820][ T9213] chnl_net:caif_netlink_parms(): no params data found
[  412.313532][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.330217][ T9213] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.339885][ T9213] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.346935][ T9213] bridge_slave_0: entered allmulticast mode
[  412.353273][ T9213] bridge_slave_0: entered promiscuous mode
[  412.363985][ T9213] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.366656][ T9213] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.369568][ T9213] bridge_slave_1: entered allmulticast mode
[  412.372089][ T9213] bridge_slave_1: entered promiscuous mode
[  412.382066][   T39] audit: type=1400 audit(1729684848.738:869): avc:  denied  { read } for  pid=9236 comm="syz.3.888" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  412.408622][ T9213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.420178][ T9213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.470739][ T9213] team0: Port device team_slave_0 added
[  412.476834][ T9213] team0: Port device team_slave_1 added
[  412.525540][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_0
[  412.527632][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.561258][ T9213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  412.590211][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_1
[  412.592231][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.614350][ T9213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  412.680143][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.089371][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.220249][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.285353][ T9213] hsr_slave_0: entered promiscuous mode
[  413.299870][ T9213] hsr_slave_1: entered promiscuous mode
[  413.302598][ T9213] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  413.309940][ T9213] Cannot create hsr debugfs directory
[  413.593810][   T45] bridge_slave_1: left allmulticast mode
[  413.595956][   T45] bridge_slave_1: left promiscuous mode
[  413.597621][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.611778][   T45] bridge_slave_0: left allmulticast mode
[  413.613521][   T45] bridge_slave_0: left promiscuous mode
[  413.615305][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.624246][   T45] bridge_slave_1: left allmulticast mode
[  413.625798][   T45] bridge_slave_1: left promiscuous mode
[  413.627649][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.639100][   T45] bridge_slave_0: left allmulticast mode
[  413.641041][   T45] bridge_slave_0: left promiscuous mode
[  413.643201][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.760355][ T9252] overlayfs: missing 'lowerdir'
[  413.824334][ T9172] Bluetooth: hci1: command 0x040f tx timeout
[  413.826328][ T9172] Bluetooth: hci2: command 0x0c1a tx timeout
[  413.828010][ T5341] Bluetooth: hci4: command 0x0c1a tx timeout
[  413.830313][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  415.028650][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  415.033391][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  415.038139][   T45] bond0 (unregistering): Released all slaves
[  415.139872][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  415.146286][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  415.151199][   T45] bond0 (unregistering): Released all slaves
[  415.424290][ T6488] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  415.477147][ T9277] netlink: 12 bytes leftover after parsing attributes in process `syz.0.896'.
[  415.517637][ T9272] could not allocate digest TFM handle tgr192
[  415.519703][ T9283] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  415.521017][ T9277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43549 sclass=netlink_route_socket pid=9277 comm=syz.0.896
[  415.521779][ T9283] netlink: 40 bytes leftover after parsing attributes in process `syz.3.895'.
[  415.546039][ T9283] team0: Port device geneve0 added
[  415.596796][ T6488] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  415.600052][ T6488] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  415.604774][ T6488] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  415.607243][ T6488] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.616195][ T6488] usb 7-1: config 0 descriptor??
[  415.873824][   T45] hsr_slave_0: left promiscuous mode
[  415.880160][   T45] hsr_slave_1: left promiscuous mode
[  415.886313][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  415.888334][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.889276][   T39] audit: type=1400 audit(1729684852.328:870): avc:  denied  { getopt } for  pid=9290 comm="syz.3.905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  415.902087][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  415.904074][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  415.906126][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  415.918937][   T45] hsr_slave_0: left promiscuous mode
[  415.921631][   T45] hsr_slave_1: left promiscuous mode
[  415.929574][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  415.932603][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.942918][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  415.946150][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.042201][   T45] veth1_macvtap: left promiscuous mode
[  416.044385][   T45] veth0_macvtap: left promiscuous mode
[  416.046351][   T45] veth1_vlan: left promiscuous mode
[  416.048316][   T45] veth0_vlan: left promiscuous mode
[  416.051583][   T45] veth1_macvtap: left promiscuous mode
[  416.053082][   T45] veth0_macvtap: left promiscuous mode
[  416.053347][ T6488] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  416.057636][ T6488] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  416.058433][   T45] veth1_vlan: left promiscuous mode
[  416.062266][   T45] veth0_vlan: left promiscuous mode
[  416.073977][ T6488] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  416.439571][ T8565] usb 7-1: USB disconnect, device number 30
[  416.577361][   T39] audit: type=1400 audit(1729684853.018:871): avc:  denied  { map } for  pid=9315 comm="syz.3.900" path="socket:[28050]" dev="sockfs" ino=28050 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  416.578629][ T4773] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  416.583756][   T39] audit: type=1400 audit(1729684853.018:872): avc:  denied  { read } for  pid=9315 comm="syz.3.900" path="socket:[28050]" dev="sockfs" ino=28050 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  416.602200][ T4773] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  417.212602][   T45] team0 (unregistering): Port device team_slave_1 removed
[  417.337107][   T45] team0 (unregistering): Port device team_slave_0 removed
[  417.894825][   T39] audit: type=1400 audit(1729684854.338:873): avc:  denied  { recv } for  pid=0 comm="swapper/1" saddr=fe80::2 daddr=ff02::1 netif=eth0 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  417.986174][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  418.844604][   T45] team0 (unregistering): Port device team_slave_1 removed
[  418.953201][   T45] team0 (unregistering): Port device team_slave_0 removed
[  419.626545][ T9213] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  419.774552][ T9317] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  419.793817][ T9213] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  419.797619][ T9213] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  419.807699][ T9213] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  419.943647][ T9213] 8021q: adding VLAN 0 to HW filter on device bond0
[  419.979882][ T9213] 8021q: adding VLAN 0 to HW filter on device team0
[  420.026492][ T9110] bridge0: port 1(bridge_slave_0) entered blocking state
[  420.028417][ T9110] bridge0: port 1(bridge_slave_0) entered forwarding state
[  420.060976][ T9110] bridge0: port 2(bridge_slave_1) entered blocking state
[  420.063387][ T9110] bridge0: port 2(bridge_slave_1) entered forwarding state
[  420.079518][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  420.281612][ T9213] 8021q: adding VLAN 0 to HW filter on device batadv0
[  420.336230][ T9213] veth0_vlan: entered promiscuous mode
[  420.351898][ T9213] veth1_vlan: entered promiscuous mode
[  420.379381][   T39] audit: type=1400 audit(1729684856.818:874): avc:  denied  { read } for  pid=9343 comm="syz.3.906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  420.397906][ T9213] veth0_macvtap: entered promiscuous mode
[  420.403133][ T9213] veth1_macvtap: entered promiscuous mode
[  420.427618][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.430408][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.432875][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.435554][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.437993][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.440718][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.443149][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.445935][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.448414][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.451218][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.454738][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_0
[  420.462792][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.467154][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.469694][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.472519][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.475239][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.478004][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.480728][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.483265][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.486430][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.496109][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.503398][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_1
[  420.515239][ T9213] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.522118][ T9213] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.529706][ T9213] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.535319][ T9213] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.591400][  T204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.593482][  T204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.617083][ T8926] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.621165][ T8926] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.760056][   T45] bridge_slave_1: left allmulticast mode
[  420.761765][   T45] bridge_slave_1: left promiscuous mode
[  420.767802][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.770959][   T45] bridge_slave_0: left allmulticast mode
[  420.772557][   T45] bridge_slave_0: left promiscuous mode
[  420.784360][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.847721][ T9369] could not allocate digest TFM handle tgr192
[  421.087471][ T9393] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  421.089217][ T9393] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  421.091624][ T9393] vhci_hcd vhci_hcd.0: Device attached
[  421.181733][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.189297][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.195239][   T45] bond0 (unregistering): Released all slaves
[  421.204012][ T9369] netlink: 'syz.2.907': attribute type 10 has an invalid length.
[  421.207165][ T9369] netlink: 40 bytes leftover after parsing attributes in process `syz.2.907'.
[  421.224755][ T9369] team0: Port device geneve0 added
[  421.284287][ T7003] vhci_hcd: vhci_device speed not set
[  421.334647][ T7003] usb 19-1: new full-speed USB device number 2 using vhci_hcd
[  421.647988][   T45] hsr_slave_0: left promiscuous mode
[  421.659876][   T45] hsr_slave_1: left promiscuous mode
[  421.666112][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.668084][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.678134][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.680866][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.702883][   T45] veth1_macvtap: left promiscuous mode
[  421.704959][   T45] veth0_macvtap: left promiscuous mode
[  421.706373][   T45] veth1_vlan: left promiscuous mode
[  421.707785][   T45] veth0_vlan: left promiscuous mode
[  422.035052][ T9394] vhci_hcd: connection reset by peer
[  422.036814][ T8659] vhci_hcd: stop threads
[  422.038013][ T8659] vhci_hcd: release socket
[  422.040494][ T8659] vhci_hcd: disconnect device
[  422.144281][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  422.815967][   T45] team0 (unregistering): Port device team_slave_1 removed
[  422.892184][ T9410] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  422.894523][ T9410] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  422.933985][ T9412] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  423.002110][   T45] team0 (unregistering): Port device team_slave_0 removed
[  423.914565][   T39] audit: type=1400 audit(1729684860.348:875): avc:  denied  { nlmsg_write } for  pid=9421 comm="syz.3.916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  423.977299][ T9430] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  424.224220][ T4773] Bluetooth: hci5: command 0x041b tx timeout
[  425.337768][ T9447] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  425.339851][ T9447] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  425.422740][ T9451] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  425.786359][ T9465] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  425.788200][ T9465] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  425.804401][ T9465] vhci_hcd vhci_hcd.0: Device attached
[  426.174269][  T830] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  426.345054][  T830] usb 8-1: Using ep0 maxpacket: 8
[  426.353993][  T830] usb 8-1: config index 0 descriptor too short (expected 12336, got 27)
[  426.356400][  T830] usb 8-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  426.358919][  T830] usb 8-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  426.361742][  T830] usb 8-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  426.364340][  T830] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  426.366776][  T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.591610][ T9466] usb 19-1: recv xbuf, 0
[  426.592146][  T830] usb 8-1: string descriptor 0 read error: -71
[  426.593070][ T1101] vhci_hcd: stop threads
[  426.595423][  T830] usb 8-1: USB disconnect, device number 22
[  426.595964][ T1101] vhci_hcd: release socket
[  426.603110][ T1101] vhci_hcd: disconnect device
[  426.654231][ T7003] vhci_hcd: vhci_device speed not set
[  426.850757][ T9482] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  427.808887][   T39] audit: type=1400 audit(1729684864.228:876): avc:  denied  { mount } for  pid=9490 comm="syz.0.940" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  428.132876][ T9500] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  429.281879][ T9521] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  429.283703][ T9521] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  429.286603][ T9521] vhci_hcd vhci_hcd.0: Device attached
[  429.474240][ T7003] vhci_hcd: vhci_device speed not set
[  429.534240][   T25] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  429.536343][ T7003] usb 17-1: new full-speed USB device number 6 using vhci_hcd
[  429.694247][   T25] usb 7-1: Using ep0 maxpacket: 8
[  429.696910][   T25] usb 7-1: config index 0 descriptor too short (expected 12336, got 27)
[  429.699035][   T25] usb 7-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  429.701240][   T25] usb 7-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  429.703987][   T25] usb 7-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  429.707505][   T25] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  429.710413][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.760171][   T39] audit: type=1400 audit(1729684866.198:877): avc:  denied  { write } for  pid=9527 comm="syz.0.943" name="cgroup.subtree_control" dev="cgroup2" ino=350 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  429.767456][   T39] audit: type=1400 audit(1729684866.198:878): avc:  denied  { open } for  pid=9527 comm="syz.0.943" path="<too_long>" dev="cgroup2" ino=350 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  429.917946][ T9522] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5
[  429.918399][   T25] usb 7-1: string descriptor 0 read error: -71
[  429.923145][  T204] vhci_hcd: stop threads
[  429.924404][  T204] vhci_hcd: release socket
[  429.925654][   T25] usb 7-1: USB disconnect, device number 31
[  429.931277][  T204] vhci_hcd: disconnect device
[  429.938758][ T9537] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  429.940499][ T9537] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  429.943011][ T9537] vhci_hcd vhci_hcd.0: Device attached
[  430.116545][ T1288] vhci_hcd: vhci_device speed not set
[  430.174276][ T1288] usb 19-1: new full-speed USB device number 3 using vhci_hcd
[  430.184252][ T5402] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  430.336223][ T5402] usb 8-1: Using ep0 maxpacket: 8
[  430.338836][ T5402] usb 8-1: config index 0 descriptor too short (expected 12336, got 27)
[  430.341110][ T5402] usb 8-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  430.343383][ T5402] usb 8-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  430.346033][ T5402] usb 8-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  430.348410][ T5402] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  430.350769][ T5402] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.462224][ T9543] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  430.463911][ T9543] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  430.469249][ T9543] vhci_hcd vhci_hcd.0: Device attached
[  430.559538][ T9538] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 3
[  430.562366][   T45] vhci_hcd: stop threads
[  430.563585][   T45] vhci_hcd: release socket
[  430.564920][ T5402] usb 8-1: string descriptor 0 read error: -71
[  430.570105][   T45] vhci_hcd: disconnect device
[  430.571504][ T5402] usb 8-1: USB disconnect, device number 23
[  430.734163][ T5403] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  430.894186][ T5403] usb 7-1: Using ep0 maxpacket: 8
[  430.898062][ T5403] usb 7-1: config index 0 descriptor too short (expected 12336, got 27)
[  430.900143][ T5403] usb 7-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  430.902345][ T5403] usb 7-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  430.905297][ T5403] usb 7-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  430.907611][ T5403] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  430.909906][ T5403] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.122123][ T9544] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5
[  431.123772][ T5403] usb 7-1: string descriptor 0 read error: -71
[  431.124698][   T45] vhci_hcd: stop threads
[  431.127036][   T45] vhci_hcd: release socket
[  431.128319][   T45] vhci_hcd: disconnect device
[  431.133250][ T5403] usb 7-1: USB disconnect, device number 32
[  431.413337][ T9554] FAULT_INJECTION: forcing a failure.
[  431.413337][ T9554] name failslab, interval 1, probability 0, space 0, times 0
[  431.419014][ T9554] CPU: 2 UID: 0 PID: 9554 Comm: syz.0.950 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  431.422757][ T9554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.426705][ T9554] Call Trace:
[  431.427934][ T9554]  <TASK>
[  431.429049][ T9554]  dump_stack_lvl+0x16c/0x1f0
[  431.430817][ T9554]  should_fail_ex+0x497/0x5b0
[  431.432535][ T9554]  ? fs_reclaim_acquire+0xae/0x150
[  431.434367][ T9554]  should_failslab+0xc2/0x120
[  431.436114][ T9554]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  431.438107][ T9554]  ? mm_alloc+0x1c/0xc0
[  431.439629][ T9554]  mm_alloc+0x1c/0xc0
[  431.441085][ T9554]  alloc_bprm+0x25d/0xc50
[  431.442600][ T9554]  ? strncpy_from_user+0x1dd/0x2a0
[  431.444419][ T9554]  do_execveat_common.isra.0+0x1cd/0x630
[  431.446451][ T9554]  __x64_sys_execveat+0xda/0x120
[  431.448193][ T9554]  do_syscall_64+0xcd/0x250
[  431.449844][ T9554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.451908][ T9554] RIP: 0033:0x7f27b977dff9
[  431.453473][ T9554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.460337][ T9554] RSP: 002b:00007f27ba630038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  431.463334][ T9554] RAX: ffffffffffffffda RBX: 00007f27b9935f80 RCX: 00007f27b977dff9
[  431.466237][ T9554] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  431.469142][ T9554] RBP: 00007f27ba630090 R08: 0000000000000000 R09: 0000000000000000
[  431.471891][ T9554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.474689][ T9554] R13: 0000000000000000 R14: 00007f27b9935f80 R15: 00007ffddd6dc628
[  431.477442][ T9554]  </TASK>
[  431.478685][    C2] vkms_vblank_simulate: vblank timer overrun
[  432.455822][ T9569] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  432.457573][ T9569] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  432.459740][ T9569] vhci_hcd vhci_hcd.0: Device attached
[  432.635455][   T35] vhci_hcd: vhci_device speed not set
[  432.704300][   T35] usb 13-1: new full-speed USB device number 6 using vhci_hcd
[  433.246586][ T9570] vhci_hcd: connection reset by peer
[  433.249335][ T1101] vhci_hcd: stop threads
[  433.250760][ T1101] vhci_hcd: release socket
[  433.253523][ T1101] vhci_hcd: disconnect device
[  433.366676][ T9579] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  433.368406][ T9579] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  433.368821][   T39] audit: type=1400 audit(1729684869.808:879): avc:  denied  { mount } for  pid=9576 comm="syz.3.958" name="/" dev="hugetlbfs" ino=28308 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  433.370505][ T9579] vhci_hcd vhci_hcd.0: Device attached
[  433.634703][ T6442] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  433.804378][ T6442] usb 7-1: Using ep0 maxpacket: 8
[  433.818647][ T6442] usb 7-1: config index 0 descriptor too short (expected 12336, got 27)
[  433.820770][ T6442] usb 7-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  433.822925][ T6442] usb 7-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  433.827166][ T6442] usb 7-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  433.829463][ T6442] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  433.831765][ T6442] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.054775][ T9580] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5
[  434.057365][ T6442] usb 7-1: string descriptor 0 read error: -71
[  434.060614][ T6442] usb 7-1: USB disconnect, device number 33
[  434.061195][ T9110] vhci_hcd: stop threads
[  434.067222][ T9110] vhci_hcd: release socket
[  434.068461][ T9110] vhci_hcd: disconnect device
[  434.284685][   T39] audit: type=1400 audit(1729684870.688:880): avc:  denied  { unmount } for  pid=9039 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  434.293687][   T39] audit: type=1326 audit(1729684870.698:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.302908][   T39] audit: type=1326 audit(1729684870.698:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.309082][   T39] audit: type=1326 audit(1729684870.708:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.315574][   T39] audit: type=1326 audit(1729684870.708:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.322102][   T39] audit: type=1326 audit(1729684870.708:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.328840][   T39] audit: type=1326 audit(1729684870.708:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  434.587332][ T9601] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  434.589459][ T9601] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  434.625257][ T7003] vhci_hcd: vhci_device speed not set
[  435.107604][   T39] kauditd_printk_skb: 28 callbacks suppressed
[  435.107620][   T39] audit: type=1326 audit(1729684871.548:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  435.135870][   T39] audit: type=1326 audit(1729684871.548:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.3.961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x7ffc0000
[  435.254328][ T1288] vhci_hcd: vhci_device speed not set
[  435.784431][ T7003] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  435.934475][ T7003] usb 7-1: Using ep0 maxpacket: 32
[  435.943624][ T7003] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  435.948879][ T7003] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  435.949913][ T9624] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  435.951582][ T7003] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.956328][ T7003] usb 7-1: Product: syz
[  435.957449][ T7003] usb 7-1: Manufacturer: syz
[  435.958667][ T7003] usb 7-1: SerialNumber: syz
[  435.961232][ T7003] usb 7-1: config 0 descriptor??
[  435.963140][ T9617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  435.967323][ T7003] hub 7-1:0.0: bad descriptor, ignoring hub
[  435.968963][ T7003] hub 7-1:0.0: probe with driver hub failed with error -5
[  435.971833][ T7003] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input19
[  436.185583][ T1288] usb 7-1: USB disconnect, device number 34
[  436.185695][    C2] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  436.432913][ T9635] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  437.934225][   T35] vhci_hcd: vhci_device speed not set
[  438.134366][ T7003] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  438.306710][ T7003] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  438.310389][ T7003] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  438.313691][ T7003] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  438.317587][ T7003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.322204][ T7003] usb 7-1: config 0 descriptor??
[  438.539903][ T9679] netlink: 16 bytes leftover after parsing attributes in process `syz.3.983'.
[  439.355716][ T9690] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  439.358789][ T9690] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  439.665187][ T1381] ieee802154 phy0 wpan0: encryption failed: -22
[  439.667713][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[  439.704204][ T7003] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  439.854323][ T7003] usb 5-1: Using ep0 maxpacket: 8
[  439.858477][ T7003] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  439.860662][ T7003] usb 5-1: config 179 has no interface number 0
[  439.862349][ T7003] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  439.865288][ T7003] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  439.868026][ T7003] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  439.870677][ T7003] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  439.873424][ T7003] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  439.876772][ T7003] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  439.879003][ T7003] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.883038][ T9693] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  440.092805][ T1296] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input20
[  440.154406][ T7003] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  440.292318][ T1296] usb 5-1: USB disconnect, device number 32
[  440.293925][    C2] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  440.293945][    C2] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  440.301232][ T1296] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  440.304314][ T7003] usb 8-1: Using ep0 maxpacket: 8
[  440.307721][ T7003] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  440.310293][ T7003] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  440.313607][ T7003] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  440.316907][ T7003] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  440.320276][ T7003] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  440.322656][ T7003] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.531185][ T7003] usb 8-1: GET_CAPABILITIES returned 0
[  440.532591][ T7003] usbtmc 8-1:16.0: can't read capabilities
[  440.742983][   T35] usb 8-1: USB disconnect, device number 24
[  440.906133][ T5403] usb 7-1: USB disconnect, device number 35
[  441.257616][ T9711] syzkaller0: entered promiscuous mode
[  441.259081][ T9711] syzkaller0: entered allmulticast mode
[  441.278108][   T39] audit: type=1400 audit(1729684877.708:917): avc:  denied  { relabelfrom } for  pid=9708 comm="syz.0.992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  441.284537][ T9711] syzkaller0: create flow: hash 2083318500 index 1
[  441.289012][   T39] audit: type=1400 audit(1729684877.718:918): avc:  denied  { relabelto } for  pid=9708 comm="syz.0.992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  441.324259][ T9711] syzkaller0: delete flow: hash 2083318500 index 1
[  441.898155][ T9718] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  441.901193][ T9718] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  442.957495][ T9726] program syz.2.996 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  442.960199][ T9726] ata1.00: invalid command format 0
[  442.970732][   T39] audit: type=1400 audit(1729684879.408:919): avc:  denied  { write } for  pid=9725 comm="syz.2.996" path="socket:[39499]" dev="sockfs" ino=39499 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  443.316564][   T35] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  443.337448][ T9743] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0
[  443.474252][   T35] usb 8-1: Using ep0 maxpacket: 32
[  443.478467][   T35] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  443.483044][   T35] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  443.486458][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.488710][   T35] usb 8-1: Product: syz
[  443.489844][   T35] usb 8-1: Manufacturer: syz
[  443.491100][   T35] usb 8-1: SerialNumber: syz
[  443.493479][   T35] usb 8-1: config 0 descriptor??
[  443.495659][ T9734] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  443.498171][   T35] hub 8-1:0.0: bad descriptor, ignoring hub
[  443.499811][   T35] hub 8-1:0.0: probe with driver hub failed with error -5
[  443.503707][   T35] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input21
[  443.703792][    C3] usbtouchscreen 8-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  443.706981][   T35] usb 8-1: USB disconnect, device number 25
[  444.364215][  T829] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  444.514205][  T829] usb 5-1: Using ep0 maxpacket: 8
[  444.517965][  T829] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  444.520155][  T829] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  444.522901][  T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  444.525854][  T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  444.528442][  T829] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  444.531865][  T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  444.535279][  T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.587190][ T9762] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  444.741929][  T829] usb 5-1: usb_control_msg returned -32
[  444.743531][  T829] usbtmc 5-1:16.0: can't read capabilities
[  444.960688][   T39] audit: type=1400 audit(1729684881.398:920): avc:  denied  { append } for  pid=9766 comm="syz.3.1010" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  444.973564][ T9767] trusted_key: encrypted_key: insufficient parameters specified
[  445.584419][ T9781] usbtmc 5-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[  446.206877][ T9790] FAULT_INJECTION: forcing a failure.
[  446.206877][ T9790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  446.210664][ T9790] CPU: 3 UID: 0 PID: 9790 Comm: syz.3.1017 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  446.214290][ T9790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.218033][ T9790] Call Trace:
[  446.218920][ T9790]  <TASK>
[  446.219710][ T9790]  dump_stack_lvl+0x16c/0x1f0
[  446.221015][ T9790]  should_fail_ex+0x497/0x5b0
[  446.222306][ T9790]  strncpy_from_user+0x3b/0x2a0
[  446.223601][ T9790]  getname_flags.part.0+0x8f/0x550
[  446.225023][ T9790]  getname_flags+0x93/0xf0
[  446.226286][ T9790]  user_path_at+0x24/0x60
[  446.227673][ T9790]  __x64_sys_mount+0x1fc/0x320
[  446.229323][ T9790]  ? __pfx___x64_sys_mount+0x10/0x10
[  446.231050][ T9790]  do_syscall_64+0xcd/0x250
[  446.232690][ T9790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.234828][ T9790] RIP: 0033:0x7f6e78d7dff9
[  446.236394][ T9790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  446.242470][ T9790] RSP: 002b:00007f6e79b8b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  446.245105][ T9790] RAX: ffffffffffffffda RBX: 00007f6e78f35f80 RCX: 00007f6e78d7dff9
[  446.247280][ T9790] RDX: 000000002015bffc RSI: 0000000020000240 RDI: 0000000000000000
[  446.249370][ T9790] RBP: 00007f6e79b8b090 R08: 0000000020000000 R09: 0000000000000000
[  446.251513][ T9790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  446.254185][ T9790] R13: 0000000000000000 R14: 00007f6e78f35f80 R15: 00007ffd43af9178
[  446.256787][ T9790]  </TASK>
[  447.143451][ T1288] usb 5-1: USB disconnect, device number 33
[  447.494267][ T1288] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  447.594343][ T8565] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  447.646148][ T1288] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  447.649442][ T1288] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  447.652213][ T1288] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  447.655176][ T1288] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.658452][ T1288] usb 5-1: config 0 descriptor??
[  447.745921][ T8565] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  447.748731][ T8565] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  447.751335][ T8565] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  447.753945][ T8565] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.758559][ T8565] usb 8-1: config 0 descriptor??
[  450.197583][  T830] usb 5-1: USB disconnect, device number 34
[  450.251495][ T9814] program syz.0.1024 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  450.255167][ T9814] ata1.00: invalid command format 0
[  450.295193][ T9816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1026'.
[  450.409862][ T6488] usb 8-1: USB disconnect, device number 26
[  450.429541][ T9822] FAULT_INJECTION: forcing a failure.
[  450.429541][ T9822] name failslab, interval 1, probability 0, space 0, times 0
[  450.433836][ T9822] CPU: 2 UID: 0 PID: 9822 Comm: syz.2.1028 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  450.437420][ T9822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.441074][ T9822] Call Trace:
[  450.442217][ T9822]  <TASK>
[  450.443235][ T9822]  dump_stack_lvl+0x16c/0x1f0
[  450.444874][ T9822]  should_fail_ex+0x497/0x5b0
[  450.446485][ T9822]  ? fs_reclaim_acquire+0xae/0x150
[  450.448235][ T9822]  should_failslab+0xc2/0x120
[  450.449852][ T9822]  __kmalloc_noprof+0xcb/0x400
[  450.451498][ T9822]  ? trace_kmalloc+0x2d/0xe0
[  450.453106][ T9822]  ? trace_lock_acquire+0x14a/0x1d0
[  450.454890][ T9822]  tomoyo_realpath_from_path+0xb9/0x720
[  450.456788][ T9822]  ? tomoyo_fill_path_info+0x233/0x420
[  450.458652][ T9822]  tomoyo_mount_acl+0x1af/0x880
[  450.460363][ T9822]  ? hlock_class+0x4e/0x130
[  450.461962][ T9822]  ? __lock_acquire+0x163e/0x3ce0
[  450.463688][ T9822]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  450.465560][ T9822]  ? __pfx___lock_acquire+0x10/0x10
[  450.467339][ T9822]  ? stack_trace_save+0x95/0xd0
[  450.469071][ T9822]  ? __pfx_lock_release+0x10/0x10
[  450.471048][ T9822]  ? trace_lock_acquire+0x14a/0x1d0
[  450.473094][ T9822]  ? tomoyo_mount_permission+0x146/0x410
[  450.475066][ T9822]  ? lock_acquire+0x2f/0xb0
[  450.476760][ T9822]  ? tomoyo_mount_permission+0x146/0x410
[  450.478745][ T9822]  tomoyo_mount_permission+0x16b/0x410
[  450.480668][ T9822]  ? tomoyo_mount_permission+0x146/0x410
[  450.482604][ T9822]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  450.484664][ T9822]  ? get_current_fs_domain+0x188/0x1f0
[  450.486590][ T9822]  security_sb_mount+0x9b/0x260
[  450.488277][ T9822]  path_mount+0x129/0x1f20
[  450.489835][ T9822]  ? kmem_cache_free+0x152/0x4b0
[  450.491535][ T9822]  ? __pfx_path_mount+0x10/0x10
[  450.493131][ T9822]  ? putname+0x12e/0x170
[  450.494503][ T9822]  __x64_sys_mount+0x294/0x320
[  450.496110][ T9822]  ? __pfx___x64_sys_mount+0x10/0x10
[  450.497840][ T9822]  do_syscall_64+0xcd/0x250
[  450.499357][ T9822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.501310][ T9822] RIP: 0033:0x7f80d557dff9
[  450.502861][ T9822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.509131][ T9822] RSP: 002b:00007f80d640e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  450.511822][ T9822] RAX: ffffffffffffffda RBX: 00007f80d5736058 RCX: 00007f80d557dff9
[  450.514374][ T9822] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  450.516930][ T9822] RBP: 00007f80d640e090 R08: 0000000020000680 R09: 0000000000000000
[  450.519498][ T9822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.522229][ T9822] R13: 0000000000000000 R14: 00007f80d5736058 R15: 00007ffdda939d38
[  450.524958][ T9822]  </TASK>
[  450.526171][    C2] vkms_vblank_simulate: vblank timer overrun
[  450.529069][ T9822] ERROR: Out of memory at tomoyo_realpath_from_path.
[  450.795407][ T9828] syzkaller0: entered promiscuous mode
[  450.797086][ T9828] syzkaller0: entered allmulticast mode
[  450.816633][ T9828] syzkaller0: create flow: hash 2083318500 index 1
[  450.850385][ T9828] syzkaller0: delete flow: hash 2083318500 index 1
[  452.854329][   T25] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  452.859363][ T9850] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  452.862682][ T9850] overlayfs: missing 'lowerdir'
[  453.015528][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  453.018915][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  453.021629][   T25] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  453.044156][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.047190][   T25] usb 8-1: config 0 descriptor??
[  454.531951][ T9867] bridge_slave_0: left allmulticast mode
[  454.533488][ T9867] bridge_slave_0: left promiscuous mode
[  454.541893][ T9867] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.549293][ T9867] bridge_slave_1: left allmulticast mode
[  454.551327][ T9867] bridge_slave_1: left promiscuous mode
[  454.553301][ T9867] bridge0: port 2(bridge_slave_1) entered disabled state
[  454.565080][ T9867] bond0: (slave bond_slave_0): Releasing backup interface
[  454.571217][ T9867] bond0: (slave bond_slave_1): Releasing backup interface
[  454.580235][   T39] audit: type=1400 audit(1729684891.018:921): avc:  denied  { ioctl } for  pid=9865 comm="syz.0.1041" path="/dev/nullb0" dev="devtmpfs" ino=691 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  454.608168][ T9867] team0: Port device team_slave_0 removed
[  454.619775][ T9867] team0: Port device team_slave_1 removed
[  454.622557][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  454.625408][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_0
[  454.629595][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  454.632396][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.648490][ T9867] use of bytesused == 0 is deprecated and will be removed in the future,
[  454.654070][ T9867] use the actual size instead.
[  454.684457][ T9868] team0: Port device wg2 added
[  454.983431][   T39] audit: type=1400 audit(1729684891.418:922): avc:  denied  { map } for  pid=9870 comm="syz.2.1042" path="socket:[38912]" dev="sockfs" ino=38912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  455.652127][   T35] usb 8-1: USB disconnect, device number 27
[  455.858020][   T39] audit: type=1400 audit(1729684892.298:923): avc:  denied  { bind } for  pid=9880 comm="syz.2.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  455.865157][   T39] audit: type=1400 audit(1729684892.308:924): avc:  denied  { setopt } for  pid=9880 comm="syz.2.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  455.894286][   T39] audit: type=1400 audit(1729684892.338:925): avc:  denied  { accept } for  pid=9880 comm="syz.2.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  455.910332][ T9883] FAULT_INJECTION: forcing a failure.
[  455.910332][ T9883] name failslab, interval 1, probability 0, space 0, times 0
[  455.913780][ T9883] CPU: 1 UID: 0 PID: 9883 Comm: syz.0.1046 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  455.916560][ T9883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.919349][ T9883] Call Trace:
[  455.920253][ T9883]  <TASK>
[  455.921050][ T9883]  dump_stack_lvl+0x16c/0x1f0
[  455.922302][ T9883]  should_fail_ex+0x497/0x5b0
[  455.923586][ T9883]  ? fs_reclaim_acquire+0xae/0x150
[  455.924946][ T9883]  should_failslab+0xc2/0x120
[  455.926189][ T9883]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  455.927591][ T9883]  ? mm_alloc+0x1c/0xc0
[  455.928705][ T9883]  mm_alloc+0x1c/0xc0
[  455.929762][ T9883]  alloc_bprm+0x25d/0xc50
[  455.930916][ T9883]  ? strncpy_from_user+0x1dd/0x2a0
[  455.932274][ T9883]  do_execveat_common.isra.0+0x1cd/0x630
[  455.933898][ T9883]  __x64_sys_execve+0x8c/0xb0
[  455.935151][ T9883]  do_syscall_64+0xcd/0x250
[  455.936369][ T9883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.937916][ T9883] RIP: 0033:0x7f27b977dff9
[  455.939097][ T9883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.944118][ T9883] RSP: 002b:00007f27ba630038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  455.946289][ T9883] RAX: ffffffffffffffda RBX: 00007f27b9935f80 RCX: 00007f27b977dff9
[  455.948336][ T9883] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[  455.950413][ T9883] RBP: 00007f27ba630090 R08: 0000000000000000 R09: 0000000000000000
[  455.952483][ T9883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.954527][ T9883] R13: 0000000000000000 R14: 00007f27b9935f80 R15: 00007ffddd6dc628
[  455.956596][ T9883]  </TASK>
[  456.320999][ T9895] FAULT_INJECTION: forcing a failure.
[  456.320999][ T9895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.327312][ T9895] CPU: 2 UID: 0 PID: 9895 Comm: syz.2.1049 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  456.330181][ T9895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.333487][ T9895] Call Trace:
[  456.334392][ T9895]  <TASK>
[  456.335200][ T9895]  dump_stack_lvl+0x16c/0x1f0
[  456.336496][ T9895]  should_fail_ex+0x497/0x5b0
[  456.337755][ T9895]  _copy_from_user+0x30/0xf0
[  456.338995][ T9895]  core_sys_select+0x2cf/0xb80
[  456.340323][ T9895]  ? __pfx_core_sys_select+0x10/0x10
[  456.342077][ T9895]  ? set_user_sigmask+0x217/0x2a0
[  456.343651][ T9895]  ? __pfx_set_user_sigmask+0x10/0x10
[  456.345099][ T9895]  do_pselect.constprop.0+0x1a0/0x1f0
[  456.346560][ T9895]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  456.348122][ T9895]  ? arch_do_signal_or_restart+0x212/0x7e0
[  456.349709][ T9895]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  456.351452][ T9895]  __x64_sys_pselect6+0x183/0x240
[  456.352840][ T9895]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  456.354354][ T9895]  do_syscall_64+0xcd/0x250
[  456.355578][ T9895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.357181][ T9895] RIP: 0033:0x7f80d557dff9
[  456.358370][ T9895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.363532][ T9895] RSP: 002b:00007f80d642f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  456.365734][ T9895] RAX: ffffffffffffffda RBX: 00007f80d5735f80 RCX: 00007f80d557dff9
[  456.367814][ T9895] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[  456.369921][ T9895] RBP: 00007f80d642f090 R08: 0000000000000000 R09: 0000000000000000
[  456.372039][ T9895] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[  456.374187][ T9895] R13: 0000000000000000 R14: 00007f80d5735f80 R15: 00007ffdda939d38
[  456.376505][ T9895]  </TASK>
[  456.377443][    C2] vkms_vblank_simulate: vblank timer overrun
[  456.468092][   T39] audit: type=1400 audit(1729684892.908:926): avc:  denied  { map } for  pid=9897 comm="syz.2.1050" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  456.477593][   T39] audit: type=1400 audit(1729684892.908:927): avc:  denied  { execute } for  pid=9897 comm="syz.2.1050" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  456.531869][   T39] audit: type=1400 audit(1729684892.968:928): avc:  denied  { create } for  pid=9897 comm="syz.2.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  456.539958][ T9900] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1051'.
[  456.913651][ T9909] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  456.928741][ T9908] IPVS: stopping backup sync thread 9909 ...
[  457.252696][ T9913] trusted_key: encrypted_key: insufficient parameters specified
[  457.257211][ T9920] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  457.259093][ T9920] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  457.510798][   T39] audit: type=1400 audit(1729684893.948:929): avc:  denied  { cmd } for  pid=9926 comm="syz.0.1065" path="socket:[41007]" dev="sockfs" ino=41007 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  457.542578][ T9930] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1059'.
[  457.744999][   T39] audit: type=1400 audit(1729684894.188:930): avc:  denied  { append } for  pid=9939 comm="syz.0.1062" name="ptp1" dev="devtmpfs" ino=1102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  459.226280][ T9952] syz.0.1063 (9952) used greatest stack depth: 21248 bytes left
[  459.270004][ T9960] cgroup: Invalid name
[  459.271243][ T9959] cgroup: Invalid name
[  459.349410][ T9963] cgroup: Name too long
[  459.356035][ T9963] tipc: Started in network mode
[  459.358156][ T9963] tipc: Node identity 68585da3ae87b91f, cluster identity 4711
[  459.360382][ T9963] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  459.583827][ T9969] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  459.586456][ T9969] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  459.969825][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.972083][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.975181][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.977850][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.980446][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.983010][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.986186][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.988911][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.991609][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  459.993891][ T9977] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4096 sclass=netlink_xfrm_socket pid=9977 comm=syz.3.1071
[  459.994414][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.000069][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.002504][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.005237][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.007344][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.009302][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.011225][ T1288] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  460.016974][ T1288] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  460.050099][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  460.050109][   T39] audit: type=1326 audit(1729684896.488:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.3.1071" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e78d7dff9 code=0x0
[  460.355172][T10001] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  460.357368][T10001] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  460.629358][T10014] FAULT_INJECTION: forcing a failure.
[  460.629358][T10014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.633159][T10014] CPU: 2 UID: 0 PID: 10014 Comm: syz.3.1081 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  460.636221][T10014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.639124][T10014] Call Trace:
[  460.640031][T10014]  <TASK>
[  460.640888][T10014]  dump_stack_lvl+0x16c/0x1f0
[  460.642220][T10014]  should_fail_ex+0x497/0x5b0
[  460.643890][T10014]  _copy_from_iter+0x2a1/0x1540
[  460.645266][T10014]  ? __pfx__copy_from_iter+0x10/0x10
[  460.646708][T10014]  ? __virt_addr_valid+0x1a4/0x590
[  460.648191][T10014]  ? __virt_addr_valid+0x5e/0x590
[  460.649820][T10014]  ? __phys_addr_symbol+0x30/0x80
[  460.651337][T10014]  ? __check_object_size+0x488/0x710
[  460.652798][T10014]  netlink_sendmsg+0x813/0xd70
[  460.654097][T10014]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.655542][T10014]  ? __import_iovec+0x1fd/0x6e0
[  460.656915][T10014]  ____sys_sendmsg+0xaaf/0xc90
[  460.658242][T10014]  ? copy_msghdr_from_user+0x10b/0x160
[  460.659703][T10014]  ? __pfx_____sys_sendmsg+0x10/0x10
[  460.661200][T10014]  ? __pfx___lock_acquire+0x10/0x10
[  460.662617][T10014]  ___sys_sendmsg+0x135/0x1e0
[  460.663885][T10014]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.665307][T10014]  ? lock_acquire+0x2f/0xb0
[  460.666554][T10014]  ? __fget_files+0x40/0x3f0
[  460.667813][T10014]  ? fdget+0x176/0x210
[  460.668946][T10014]  __sys_sendmsg+0x117/0x1f0
[  460.670344][T10014]  ? __pfx___sys_sendmsg+0x10/0x10
[  460.671880][T10014]  ? __fget_files+0x244/0x3f0
[  460.673530][T10014]  do_syscall_64+0xcd/0x250
[  460.675141][T10014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.677288][T10014] RIP: 0033:0x7f6e78d7dff9
[  460.678922][T10014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.685967][T10014] RSP: 002b:00007f6e79b8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.689130][T10014] RAX: ffffffffffffffda RBX: 00007f6e78f35f80 RCX: 00007f6e78d7dff9
[  460.692028][T10014] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  460.694871][T10014] RBP: 00007f6e79b8b090 R08: 0000000000000000 R09: 0000000000000000
[  460.696953][T10014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.699006][T10014] R13: 0000000000000000 R14: 00007f6e78f35f80 R15: 00007ffd43af9178
[  460.701152][T10014]  </TASK>
[  460.702056][    C2] vkms_vblank_simulate: vblank timer overrun
[  460.869046][T10026] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  460.871238][T10026] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  461.105694][   T39] audit: type=1800 audit(1729684897.538:933): pid=10032 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.1096" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  461.692017][T10056] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1098'.
[  461.730161][T10058] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  461.733118][T10058] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  462.195059][T10066] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1102'.
[  462.202137][   T39] audit: type=1326 audit(1729684898.638:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10067 comm="syz.0.1103" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f27b977dff9 code=0x0
[  462.674176][  T830] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  462.834186][  T830] usb 8-1: Using ep0 maxpacket: 8
[  462.837264][  T830] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  462.839623][  T830] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  462.842468][  T830] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  462.847612][  T830] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  462.850080][  T830] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.852166][  T830] usb 8-1: Product: syz
[  462.853334][  T830] usb 8-1: Manufacturer: syz
[  462.855184][  T830] usb 8-1: SerialNumber: syz
[  463.333688][T10095] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  463.333688][T10095]    program syz.0.1113 not setting count and/or reply_len properly
[  465.408445][  T830] usb 8-1: 0:2 : does not exist
[  465.423561][  T830] usb 8-1: USB disconnect, device number 28
[  465.462477][T10110] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10110 comm=syz.0.1124
[  465.480277][T10112] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  465.482842][T10112] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  465.486191][T10112] vhci_hcd vhci_hcd.0: Device attached
[  465.497104][T10108] netlink: 'syz.2.1118': attribute type 3 has an invalid length.
[  465.499249][T10108] netlink: 'syz.2.1118': attribute type 11 has an invalid length.
[  465.501332][T10108] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.1118'.
[  465.593581][T10125] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1123'.
[  465.674297][   T35] vhci_hcd: vhci_device speed not set
[  465.744506][   T35] usb 19-1: new full-speed USB device number 4 using vhci_hcd
[  465.884240][  T830] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  466.054388][  T830] usb 8-1: Using ep0 maxpacket: 8
[  466.060498][  T830] usb 8-1: config index 0 descriptor too short (expected 12336, got 27)
[  466.063017][  T830] usb 8-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  466.065648][  T830] usb 8-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  466.068701][  T830] usb 8-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  466.071559][  T830] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  466.074289][  T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.402228][T10113] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4
[  466.404444][   T45] vhci_hcd: stop threads
[  466.406054][   T45] vhci_hcd: release socket
[  466.407780][   T45] vhci_hcd: disconnect device
[  466.525696][   T39] audit: type=1400 audit(1729684902.968:935): avc:  denied  { watch } for  pid=10132 comm="syz.2.1127" path="/94" dev="tmpfs" ino=528 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  466.533559][   T39] audit: type=1400 audit(1729684902.968:936): avc:  denied  { watch_sb watch_reads } for  pid=10132 comm="syz.2.1127" path="/94" dev="tmpfs" ino=528 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  466.682488][T10141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10141 comm=syz.2.1129
[  466.748064][T10144] overlayfs: missing 'lowerdir'
[  467.719603][   T39] audit: type=1400 audit(1729684904.158:937): avc:  denied  { connect } for  pid=10157 comm="syz.2.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  467.874892][   T39] audit: type=1400 audit(1729684904.318:938): avc:  denied  { map } for  pid=10163 comm="syz.2.1137" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  467.882615][   T39] audit: type=1400 audit(1729684904.318:939): avc:  denied  { execute } for  pid=10163 comm="syz.2.1137" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  467.890858][   T39] audit: type=1400 audit(1729684904.328:940): avc:  denied  { ioctl } for  pid=10163 comm="syz.2.1137" path="socket:[42325]" dev="sockfs" ino=42325 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  467.937830][T10163] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  468.493445][  T830] usb 8-1: string descriptor 0 read error: -71
[  468.498558][  T830] usb 8-1: USB disconnect, device number 29
[  468.592141][   T39] audit: type=1400 audit(1729684905.028:941): avc:  denied  { append } for  pid=10170 comm="syz.3.1139" name="ppp" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  468.958176][T10184] could not allocate digest TFM handle sha512-neon
[  468.994301][ T5402] IPVS: starting estimator thread 0...
[  469.084327][T10189] IPVS: using max 33 ests per chain, 79200 per kthread
[  469.574086][T10197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1146'.
[  469.780656][   T39] audit: type=1400 audit(1729684906.218:942): avc:  denied  { read } for  pid=10205 comm="syz.0.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  470.390604][   T39] audit: type=1400 audit(1729684906.828:943): avc:  denied  { getopt } for  pid=10216 comm="syz.2.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  470.391444][T10218] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  470.391694][T10219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  470.448757][T10222] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.1154'.
[  470.585037][   T39] audit: type=1400 audit(1729684907.028:944): avc:  denied  { read } for  pid=10226 comm="syz.3.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  470.854837][   T35] vhci_hcd: vhci_device speed not set
[  471.094235][ T6488] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  471.108835][ T1138] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.191138][ T1138] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.269320][ T6488] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  471.274278][ T6488] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  471.278214][ T6488] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  471.281669][ T6488] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  471.283366][ T1138] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.288607][ T6488] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  471.292549][ T6488] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  471.293040][T10256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1164'.
[  471.294974][ T6488] usb 7-1: Manufacturer: syz
[  471.296792][ T6488] usb 7-1: config 0 descriptor??
[  471.358015][   T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  471.358424][ T1138] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.362734][   T65] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  471.366687][   T65] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  471.369821][   T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  471.371867][   T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  471.373875][   T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  471.391548][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1165'.
[  471.394223][T10261] netlink: 'syz.3.1165': attribute type 7 has an invalid length.
[  471.401749][T10261] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  471.404795][T10261] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  471.407086][T10261] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  471.409360][T10261] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  471.412089][T10261] vxlan0: entered promiscuous mode
[  471.474465][ T1138] bridge_slave_1: left allmulticast mode
[  471.476012][ T1138] bridge_slave_1: left promiscuous mode
[  471.477568][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.486406][ T1138] bridge_slave_0: left allmulticast mode
[  471.488316][ T1138] bridge_slave_0: left promiscuous mode
[  471.490485][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.759018][ T6488] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  471.761197][ T6488] appleir 0003:05AC:8243.0006: No inputs registered, leaving
[  471.767515][ T6488] appleir 0003:05AC:8243.0006: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  471.902721][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  471.907832][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  471.911780][ T1138] bond0 (unregistering): Released all slaves
[  472.047669][   T39] audit: type=1400 audit(1729684908.488:945): avc:  denied  { create } for  pid=10287 comm="syz.3.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  472.064275][ T5402] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  472.073772][T10259] chnl_net:caif_netlink_parms(): no params data found
[  472.200319][T10259] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.203536][T10259] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.206182][T10259] bridge_slave_0: entered allmulticast mode
[  472.208976][T10259] bridge_slave_0: entered promiscuous mode
[  472.212669][T10259] bridge0: port 2(bridge_slave_1) entered blocking state
[  472.220531][T10259] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.222520][T10259] bridge_slave_1: entered allmulticast mode
[  472.225159][T10259] bridge_slave_1: entered promiscuous mode
[  472.227157][ T5402] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  472.229773][ T5402] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  472.232087][ T5402] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  472.236289][ T5402] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.255696][ T5402] usb 5-1: config 0 descriptor??
[  472.279494][ T1138] hsr_slave_0: left promiscuous mode
[  472.281660][ T1138] hsr_slave_1: left promiscuous mode
[  472.283713][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.290212][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.293972][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.296305][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.342924][ T1138] veth1_macvtap: left promiscuous mode
[  472.344953][ T1138] veth0_macvtap: left promiscuous mode
[  472.346461][ T1138] veth1_vlan: left promiscuous mode
[  472.347862][ T1138] veth0_vlan: left promiscuous mode
[  473.430640][   T65] Bluetooth: hci0: command tx timeout
[  473.469789][   T58] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  473.526423][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  473.606862][   T39] audit: type=1400 audit(1729684910.048:946): avc:  denied  { read } for  pid=10311 comm="syz.2.1174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  473.622323][   T58] usb 8-1: config 0 has an invalid interface number: 104 but max is 0
[  473.624685][   T58] usb 8-1: config 0 has no interface number 0
[  473.626472][   T58] usb 8-1: config 0 interface 104 has no altsetting 0
[  473.638243][   T58] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[  473.641617][   T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.644898][   T58] usb 8-1: Product: syz
[  473.647389][   T58] usb 8-1: Manufacturer: syz
[  473.649975][   T58] usb 8-1: SerialNumber: syz
[  473.657724][   T58] usb 8-1: config 0 descriptor??
[  473.660333][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  473.680657][   T58] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  473.817468][T10316] 9pnet_fd: p9_fd_create_tcp (10316): problem connecting socket to 127.0.0.1
[  473.844393][ T6442] usb 7-1: USB disconnect, device number 36
[  473.869742][   T58] gspca_vc032x: reg_r err -71
[  473.871969][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.876688][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.878665][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.880862][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.882322][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.883747][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.885481][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.886966][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.888438][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.893231][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.895023][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.896490][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.900060][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.905071][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.909584][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.911581][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.913602][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.916222][   T58] gspca_vc032x: I2c Bus Busy Wait 00
[  473.918213][   T58] gspca_vc032x: Unknown sensor...
[  473.920234][   T58] vc032x 8-1:0.104: probe with driver vc032x failed with error -22
[  473.927040][   T58] usb 8-1: USB disconnect, device number 30
[  474.007934][T10315] syz.2.1175: attempt to access beyond end of device
[  474.007934][T10315] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  474.023402][T10315] isofs_fill_super: bread failed, dev=nbd2, iso_blknum=16, block=32
[  474.732128][T10323] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.734419][T10323] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.740071][T10323] bridge0: entered allmulticast mode
[  474.743238][T10325] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.745143][T10325] bridge0: port 2(bridge_slave_1) entered forwarding state
[  474.746977][T10325] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.748973][T10325] bridge0: port 1(bridge_slave_0) entered forwarding state
[  474.756106][T10325] bridge0: entered promiscuous mode
[  474.769491][T10259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  474.773680][T10259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  474.841341][T10259] team0: Port device team_slave_0 added
[  474.844701][  T830] usb 5-1: USB disconnect, device number 35
[  474.848263][T10259] team0: Port device team_slave_1 added
[  474.915898][ T9110] Bluetooth: (null): Invalid header checksum
[  474.919955][ T9110] Bluetooth: (null): Invalid header checksum
[  474.920902][T10259] batman_adv: batadv0: Adding interface: batadv_slave_0
[  474.923931][T10259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.930345][T10259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  474.934637][T10259] batman_adv: batadv0: Adding interface: batadv_slave_1
[  474.936624][T10259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.942714][T10259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  474.989272][T10259] hsr_slave_0: entered promiscuous mode
[  474.999236][T10259] hsr_slave_1: entered promiscuous mode
[  475.001260][T10259] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  475.003144][T10259] Cannot create hsr debugfs directory
[  475.015406][ T1118] Bluetooth: (null): Invalid header checksum
[  475.137187][ T1118] Bluetooth: (null): Invalid header checksum
[  475.229450][   T39] audit: type=1400 audit(1729684911.668:947): avc:  denied  { setattr } for  pid=10342 comm="syz.0.1182" name="task" dev="proc" ino=42658 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  475.506499][   T65] Bluetooth: hci0: command tx timeout
[  475.632619][T10259] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  475.643241][   T39] audit: type=1326 audit(1729684912.078:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10359 comm="syz.0.1185" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f27b977dff9 code=0x0
[  475.649436][T10259] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  475.658612][T10259] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  475.666188][T10259] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  475.785588][T10259] 8021q: adding VLAN 0 to HW filter on device bond0
[  475.801379][T10259] 8021q: adding VLAN 0 to HW filter on device team0
[  475.813801][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  475.815976][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  475.827689][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  475.830429][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  475.874291][T10259] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  475.999652][T10259] 8021q: adding VLAN 0 to HW filter on device batadv0
[  476.026598][T10259] veth0_vlan: entered promiscuous mode
[  476.035537][T10259] veth1_vlan: entered promiscuous mode
[  476.073019][T10259] veth0_macvtap: entered promiscuous mode
[  476.087204][T10259] veth1_macvtap: entered promiscuous mode
[  476.100554][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.103736][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.107712][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.113342][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.117293][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.120117][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.124327][T10259] batman_adv: batadv0: Interface activated: batadv_slave_0
[  476.132773][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.138616][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.141935][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.145551][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.149119][T10259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.152823][T10259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.159442][T10259] batman_adv: batadv0: Interface activated: batadv_slave_1
[  476.167340][T10259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.170193][T10259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.172861][T10259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.180060][T10259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  476.267091][ T1118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.269657][ T1118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.293304][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.297385][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.584398][   T65] Bluetooth: hci0: command tx timeout
[  477.744435][   T65] Bluetooth: hci1: command 0x040f tx timeout
[  477.804081][   T39] audit: type=1326 audit(1729684914.238:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.3.1193" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6e78d7dff9 code=0x0
[  478.470156][T10423] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.1194'.
[  478.495279][   T39] audit: type=1400 audit(1729684914.938:950): avc:  denied  { setopt } for  pid=10420 comm="syz.2.1195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  478.503199][T10424] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1195'.
[  478.746484][T10430] syz.0.1196: attempt to access beyond end of device
[  478.746484][T10430] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  478.750583][T10430] (syz.0.1196,10430,3):ocfs2_get_sector:1769 ERROR: status = -5
[  478.752827][T10430] (syz.0.1196,10430,3):ocfs2_sb_probe:749 ERROR: status = -5
[  478.756112][T10430] (syz.0.1196,10430,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  478.758657][T10430] (syz.0.1196,10430,3):ocfs2_fill_super:1178 ERROR: status = -5
[  479.650360][T10444] netlink: 'syz.2.1201': attribute type 9 has an invalid length.
[  479.652699][T10444] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.1201'.
[  479.674260][   T65] Bluetooth: hci0: command tx timeout
[  480.384080][   T65] block nbd2: Receive control failed (result -104)
[  480.390735][T10443] block nbd2: shutting down sockets
[  480.993439][T10459] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  480.995198][T10459] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  481.000685][T10459] vhci_hcd vhci_hcd.0: Device attached
[  481.175867][  T829] vhci_hcd: vhci_device speed not set
[  481.234252][  T829] usb 13-1: new full-speed USB device number 7 using vhci_hcd
[  481.264484][ T6442] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  481.414330][ T6442] usb 5-1: Using ep0 maxpacket: 8
[  481.422953][ T6442] usb 5-1: config index 0 descriptor too short (expected 12336, got 27)
[  481.427829][ T6442] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  481.439055][ T6442] usb 5-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  481.446532][ T6442] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  481.449756][ T6442] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  481.453043][ T6442] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.617673][   T39] audit: type=1400 audit(1729685174.058:951): avc:  denied  { module_load } for  pid=10477 comm="syz.2.1208" path="/sys/power/pm_trace_dev_match" dev="sysfs" ino=835 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  481.667677][T10460] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 6
[  481.670684][ T1138] vhci_hcd: stop threads
[  481.672302][ T1138] vhci_hcd: release socket
[  481.673976][ T1138] vhci_hcd: disconnect device
[  481.676234][ T6442] usb 5-1: string descriptor 0 read error: -71
[  481.683378][ T6442] usb 5-1: USB disconnect, device number 36
[  482.275452][   T39] audit: type=1400 audit(1729685174.718:952): avc:  denied  { create } for  pid=10484 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  482.308545][   T39] audit: type=1400 audit(1729685174.718:953): avc:  denied  { bind } for  pid=10484 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  482.324275][   T39] audit: type=1400 audit(1729685174.718:954): avc:  denied  { setopt } for  pid=10484 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  483.769707][T10505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1214'.
[  484.009956][   T39] audit: type=1400 audit(1729685176.448:955): avc:  denied  { write } for  pid=10507 comm="syz.3.1216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  484.054341][   T39] audit: type=1400 audit(1729685176.488:956): avc:  denied  { execute } for  pid=10507 comm="syz.3.1216" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=42962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  484.482796][T10513] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  484.484573][T10513] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  484.486912][T10513] vhci_hcd vhci_hcd.0: Device attached
[  484.546744][T10517] netlink: 'syz.2.1218': attribute type 7 has an invalid length.
[  484.548835][T10517] netlink: 'syz.2.1218': attribute type 8 has an invalid length.
[  484.754407][ T6442] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  484.904219][ T6442] usb 5-1: Using ep0 maxpacket: 8
[  484.910240][ T6442] usb 5-1: config index 0 descriptor too short (expected 12336, got 27)
[  484.912682][ T6442] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  484.915620][ T6442] usb 5-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  484.918461][ T6442] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  484.920995][ T6442] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  484.923497][ T6442] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.196428][T10514] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 6
[  485.199224][ T6442] usb 5-1: string descriptor 0 read error: -71
[  485.202487][ T9110] vhci_hcd: stop threads
[  485.203815][ T9110] vhci_hcd: release socket
[  485.210536][ T6442] usb 5-1: USB disconnect, device number 37
[  485.211128][ T9110] vhci_hcd: disconnect device
[  485.760490][T10532] FAULT_INJECTION: forcing a failure.
[  485.760490][T10532] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  485.765572][T10532] CPU: 3 UID: 0 PID: 10532 Comm: syz.3.1223 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  485.769311][T10532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  485.772989][T10532] Call Trace:
[  485.774228][T10532]  <TASK>
[  485.775294][T10532]  dump_stack_lvl+0x16c/0x1f0
[  485.776986][T10532]  should_fail_ex+0x497/0x5b0
[  485.778595][T10532]  ? fs_reclaim_acquire+0xae/0x150
[  485.780380][T10532]  should_fail_alloc_page+0xe7/0x130
[  485.782166][T10532]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  485.784278][T10532]  ? __pfx_lock_release+0x10/0x10
[  485.785993][T10532]  ? trace_lock_acquire+0x14a/0x1d0
[  485.787767][T10532]  __alloc_pages_noprof+0x190/0x25a0
[  485.789575][T10532]  ? lock_acquire+0x2f/0xb0
[  485.791139][T10532]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  485.793256][T10532]  ? is_bpf_text_address+0x94/0x1a0
[  485.795042][T10532]  ? kernel_text_address+0x8d/0x100
[  485.796845][T10532]  ? __kernel_text_address+0xd/0x40
[  485.798621][T10532]  ? unwind_get_return_address+0x59/0xa0
[  485.800588][T10532]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  485.802561][T10532]  ? hlock_class+0x4e/0x130
[  485.804143][T10532]  ? __lock_acquire+0xbdd/0x3ce0
[  485.805885][T10532]  ? __pfx___lock_acquire+0x10/0x10
[  485.807671][T10532]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  485.809622][T10532]  ? policy_nodemask+0xea/0x4e0
[  485.811293][T10532]  alloc_pages_mpol_noprof+0x2c9/0x610
[  485.813153][T10532]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  485.815214][T10532]  ? __pfx_lock_release+0x10/0x10
[  485.816935][T10532]  __pud_alloc+0x39/0x600
[  485.818404][T10532]  __handle_mm_fault+0x990/0x2a10
[  485.820187][T10532]  ? __pfx_mt_find+0x10/0x10
[  485.821795][T10532]  ? __pfx___handle_mm_fault+0x10/0x10
[  485.823686][T10532]  handle_mm_fault+0x3fa/0xaa0
[  485.825327][T10532]  __get_user_pages+0x90f/0x3b90
[  485.827032][T10532]  ? __pfx___get_user_pages+0x10/0x10
[  485.829100][T10532]  get_user_pages_remote+0x25e/0xb30
[  485.830924][T10532]  ? lock_acquire+0x2f/0xb0
[  485.832493][T10532]  ? __pfx_get_user_pages_remote+0x10/0x10
[  485.834636][T10532]  ? down_read+0xc9/0x330
[  485.836332][T10532]  ? alloc_bprm+0x7f2/0xc50
[  485.837967][T10532]  ? __pfx_lock_release+0x10/0x10
[  485.839874][T10532]  get_arg_page+0x13e/0x640
[  485.841462][T10532]  ? __pfx_get_arg_page+0x10/0x10
[  485.843370][T10532]  ? up_write+0x1b2/0x520
[  485.844941][T10532]  copy_string_kernel+0x199/0x240
[  485.846659][T10532]  ? count.constprop.0.isra.0+0xf4/0x170
[  485.848602][T10532]  do_execveat_common.isra.0+0x34e/0x630
[  485.850702][T10532]  __x64_sys_execve+0x8c/0xb0
[  485.852397][T10532]  do_syscall_64+0xcd/0x250
[  485.853967][T10532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.856034][T10532] RIP: 0033:0x7f6e78d7dff9
[  485.857624][T10532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.864080][T10532] RSP: 002b:00007f6e79b8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  485.866906][T10532] RAX: ffffffffffffffda RBX: 00007f6e78f35f80 RCX: 00007f6e78d7dff9
[  485.869588][T10532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  485.872236][T10532] RBP: 00007f6e79b8b090 R08: 0000000000000000 R09: 0000000000000000
[  485.874899][T10532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  485.877574][T10532] R13: 0000000000000000 R14: 00007f6e78f35f80 R15: 00007ffd43af9178
[  485.880272][T10532]  </TASK>
[  485.953644][   T39] audit: type=1326 audit(1729685178.388:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10533 comm="syz.0.1224" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x0
[  486.001262][T10540] FAULT_INJECTION: forcing a failure.
[  486.001262][T10540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.006709][T10540] CPU: 3 UID: 0 PID: 10540 Comm: syz.3.1226 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  486.010118][T10540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.013220][T10540] Call Trace:
[  486.014080][T10540]  <TASK>
[  486.014824][T10540]  dump_stack_lvl+0x16c/0x1f0
[  486.016000][T10540]  should_fail_ex+0x497/0x5b0
[  486.017207][T10540]  _copy_to_user+0x30/0xc0
[  486.018325][T10540]  simple_read_from_buffer+0xd0/0x160
[  486.019651][T10540]  proc_fail_nth_read+0x198/0x270
[  486.020899][T10540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  486.022247][T10540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  486.023613][T10540]  vfs_read+0x1ce/0xbd0
[  486.024751][T10540]  ? __fget_files+0x23a/0x3f0
[  486.025949][T10540]  ? fdget_pos+0x24c/0x360
[  486.027078][T10540]  ? __pfx_lock_release+0x10/0x10
[  486.028319][T10540]  ? trace_lock_acquire+0x14a/0x1d0
[  486.029629][T10540]  ? __pfx_vfs_read+0x10/0x10
[  486.030786][T10540]  ? __pfx___mutex_lock+0x10/0x10
[  486.032075][T10540]  ? __fget_files+0x244/0x3f0
[  486.033221][T10540]  ksys_read+0x12f/0x260
[  486.034259][T10540]  ? __pfx_ksys_read+0x10/0x10
[  486.035741][T10540]  do_syscall_64+0xcd/0x250
[  486.036997][T10540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.038552][T10540] RIP: 0033:0x7f6e78d7ca3c
[  486.039755][T10540] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  486.044803][T10540] RSP: 002b:00007f6e79b8b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  486.046970][T10540] RAX: ffffffffffffffda RBX: 00007f6e78f35f80 RCX: 00007f6e78d7ca3c
[  486.049053][T10540] RDX: 000000000000000f RSI: 00007f6e79b8b0a0 RDI: 0000000000000004
[  486.051114][T10540] RBP: 00007f6e79b8b090 R08: 0000000000000000 R09: 0000000000000000
[  486.053155][T10540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.055273][T10540] R13: 0000000000000000 R14: 00007f6e78f35f80 R15: 00007ffd43af9178
[  486.057360][T10540]  </TASK>
[  486.337719][   T35] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  486.374547][  T829] vhci_hcd: vhci_device speed not set
[  486.507253][   T35] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  486.511870][   T35] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  486.516370][   T35] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  486.518778][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.522385][   T35] usb 8-1: config 0 descriptor??
[  486.873437][T10549] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  486.875264][T10549] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  486.879275][T10549] vhci_hcd vhci_hcd.0: Device attached
[  487.104394][  T829] vhci_hcd: vhci_device speed not set
[  487.124267][    T8] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  487.164310][  T829] usb 13-1: device descriptor read/64, error -110
[  487.304416][    T8] usb 5-1: Using ep0 maxpacket: 8
[  487.330079][    T8] usb 5-1: config index 0 descriptor too short (expected 12336, got 27)
[  487.332510][    T8] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  487.340437][    T8] usb 5-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  487.349529][  T829] vhci_hcd: vhci_device speed not set
[  487.362579][    T8] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  487.367860][    T8] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  487.370260][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.414694][  T829] usb 13-1: new full-speed USB device number 8 using vhci_hcd
[  487.596788][T10551] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 7
[  487.619320][    T8] usb 5-1: string descriptor 0 read error: -71
[  487.706707][ T9110] vhci_hcd: stop threads
[  487.708413][ T9110] vhci_hcd: release socket
[  487.710161][ T9110] vhci_hcd: disconnect device
[  488.183314][    T8] usb 5-1: USB disconnect, device number 38
[  489.056961][T10570] IPVS: Error connecting to the multicast addr
[  489.097987][   T30] usb 8-1: USB disconnect, device number 31
[  489.473508][T10581] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  489.475569][T10581] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  489.486222][T10581] vhci_hcd vhci_hcd.0: Device attached
[  489.674232][ T6488] vhci_hcd: vhci_device speed not set
[  489.734441][ T6488] usb 17-1: new full-speed USB device number 7 using vhci_hcd
[  489.744278][   T58] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  489.894209][   T58] usb 7-1: Using ep0 maxpacket: 8
[  489.897033][   T58] usb 7-1: config index 0 descriptor too short (expected 12336, got 27)
[  489.899208][   T58] usb 7-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  489.901522][   T58] usb 7-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  489.906416][   T58] usb 7-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  489.908820][   T58] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  489.911191][   T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.116565][T10582] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 6
[  490.118268][   T58] usb 7-1: string descriptor 0 read error: -71
[  490.120165][ T1138] vhci_hcd: stop threads
[  490.122089][ T1138] vhci_hcd: release socket
[  490.122249][   T58] usb 7-1: USB disconnect, device number 37
[  490.123366][ T1138] vhci_hcd: disconnect device
[  490.244290][   T39] audit: type=1800 audit(1729685182.648:958): pid=10594 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.3.1242" name="/" dev="sockfs" ino=44054 res=0 errno=0
[  490.306967][   T39] audit: type=1400 audit(1729685182.748:959): avc:  denied  { sqpoll } for  pid=10599 comm="syz.3.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  490.378655][   T39] audit: type=1400 audit(1729685182.818:960): avc:  denied  { bind } for  pid=10590 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  490.396509][   T39] audit: type=1400 audit(1729685182.838:961): avc:  denied  { listen } for  pid=10590 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  490.405892][   T39] audit: type=1400 audit(1729685182.848:962): avc:  denied  { accept } for  pid=10590 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  490.469050][   T39] audit: type=1400 audit(1729685182.908:963): avc:  denied  { write } for  pid=10590 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  490.894376][   T35] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  491.055966][   T35] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  491.059762][   T35] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  491.063014][   T35] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  491.067194][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.072106][   T35] usb 7-1: config 0 descriptor??
[  492.104270][   T35] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  492.206240][   T39] audit: type=1400 audit(1729685184.648:964): avc:  denied  { audit_read } for  pid=10625 comm="syz.0.1249" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  492.258335][   T35] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.264657][   T35] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  492.267403][   T35] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  492.270168][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.275051][   T35] usb 8-1: config 0 descriptor??
[  492.605565][  T829] vhci_hcd: vhci_device speed not set
[  493.109699][   T39] audit: type=1800 audit(1729685185.548:965): pid=10633 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.0.1250" name="/" dev="sockfs" ino=44080 res=0 errno=0
[  493.140839][T10639] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  493.142583][T10639] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  493.145782][T10639] vhci_hcd vhci_hcd.0: Device attached
[  493.404251][  T830] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  493.464281][  T829] vhci_hcd: vhci_device speed not set
[  493.524265][  T829] usb 13-1: device descriptor read/64, error -110
[  493.554203][  T830] usb 5-1: Using ep0 maxpacket: 8
[  493.558745][  T830] usb 5-1: config index 0 descriptor too short (expected 12336, got 27)
[  493.561946][  T830] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  493.565355][  T830] usb 5-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  493.568852][  T830] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  493.571288][  T830] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  493.573736][  T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.634407][  T829] usb usb13-port1: attempt power cycle
[  493.704415][  T829] vhci_hcd: vhci_device speed not set
[  493.712684][ T6431] usb 7-1: USB disconnect, device number 38
[  493.764472][  T829] usb 13-1: new full-speed USB device number 9 using vhci_hcd
[  493.767003][  T829] usb 13-1: SetAddress Request (9) to port 0
[  493.791735][T10640] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 8
[  493.794024][  T830] usb 5-1: string descriptor 0 read error: -71
[  493.798577][  T830] usb 5-1: USB disconnect, device number 39
[  493.824519][ T9110] vhci_hcd: stop threads
[  493.826367][ T9110] vhci_hcd: release socket
[  493.828122][ T9110] vhci_hcd: disconnect device
[  494.222464][T10653] IPVS: Error connecting to the multicast addr
[  494.590166][   T35] IPVS: starting estimator thread 0...
[  494.685336][T10660] IPVS: using max 33 ests per chain, 79200 per kthread
[  494.854204][    T8] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  494.946834][ T6488] vhci_hcd: vhci_device speed not set
[  494.947098][ T8565] usb 8-1: USB disconnect, device number 32
[  494.965084][T10662] FAULT_INJECTION: forcing a failure.
[  494.965084][T10662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  494.968473][T10662] CPU: 3 UID: 0 PID: 10662 Comm: syz.3.1259 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  494.971571][T10662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  494.975121][T10662] Call Trace:
[  494.976018][T10662]  <TASK>
[  494.976801][T10662]  dump_stack_lvl+0x16c/0x1f0
[  494.978050][T10662]  should_fail_ex+0x497/0x5b0
[  494.979335][T10662]  _copy_from_iter+0x2a1/0x1540
[  494.980637][T10662]  ? __pfx__copy_from_iter+0x10/0x10
[  494.982016][T10662]  ? __virt_addr_valid+0x1a4/0x590
[  494.983353][T10662]  ? __virt_addr_valid+0x5e/0x590
[  494.984689][T10662]  ? __phys_addr_symbol+0x30/0x80
[  494.986028][T10662]  ? __check_object_size+0x488/0x710
[  494.987410][T10662]  netlink_sendmsg+0x813/0xd70
[  494.988691][T10662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  494.990085][T10662]  ? __import_iovec+0x1fd/0x6e0
[  494.991359][T10662]  ____sys_sendmsg+0xaaf/0xc90
[  494.992636][T10662]  ? copy_msghdr_from_user+0x10b/0x160
[  494.994032][T10662]  ? __pfx_____sys_sendmsg+0x10/0x10
[  494.995474][T10662]  ? __pfx___lock_acquire+0x10/0x10
[  494.996844][T10662]  ___sys_sendmsg+0x135/0x1e0
[  494.998081][T10662]  ? __pfx____sys_sendmsg+0x10/0x10
[  494.999454][T10662]  ? lock_acquire+0x2f/0xb0
[  495.000668][T10662]  ? __fget_files+0x40/0x3f0
[  495.001863][T10662]  ? fdget+0x176/0x210
[  495.002902][T10662]  __sys_sendmsg+0x117/0x1f0
[  495.004062][T10662]  ? __pfx___sys_sendmsg+0x10/0x10
[  495.005349][T10662]  ? __fget_files+0x244/0x3f0
[  495.006571][T10662]  do_syscall_64+0xcd/0x250
[  495.007721][T10662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.009177][T10662] RIP: 0033:0x7f6e78d7dff9
[  495.010193][T10662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.014957][T10662] RSP: 002b:00007f6e79b8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.017145][T10662] RAX: ffffffffffffffda RBX: 00007f6e78f35f80 RCX: 00007f6e78d7dff9
[  495.019181][T10662] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  495.021830][T10662] RBP: 00007f6e79b8b090 R08: 0000000000000000 R09: 0000000000000000
[  495.023912][T10662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.026207][T10662] R13: 0000000000000000 R14: 00007f6e78f35f80 R15: 00007ffd43af9178
[  495.028315][T10662]  </TASK>
[  495.029201][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  495.032609][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  495.035806][    T8] usb 5-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  495.038237][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.041810][    T8] usb 5-1: config 0 descriptor??
[  495.186708][T10679] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  495.188457][T10679] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  495.190637][T10679] vhci_hcd vhci_hcd.0: Device attached
[  495.434355][ T6488] vhci_hcd: vhci_device speed not set
[  495.454249][   T35] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  495.504321][ T6488] usb 17-1: device descriptor read/64, error -110
[  495.530757][    T8] cypress 0003:04B4:DE61.0007: item fetching failed at offset 5/7
[  495.543446][    T8] cypress 0003:04B4:DE61.0007: parse failed
[  495.549691][    T8] cypress 0003:04B4:DE61.0007: probe with driver cypress failed with error -22
[  495.604247][   T35] usb 7-1: Using ep0 maxpacket: 8
[  495.608592][   T35] usb 7-1: config index 0 descriptor too short (expected 12336, got 27)
[  495.611741][   T35] usb 7-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  495.614646][   T35] usb 7-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  495.617550][   T35] usb 7-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  495.620044][   T35] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  495.622520][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.684190][ T6488] vhci_hcd: vhci_device speed not set
[  495.715710][ T1288] usb 5-1: USB disconnect, device number 40
[  495.744288][ T6488] usb 17-1: new full-speed USB device number 8 using vhci_hcd
[  495.829346][T10680] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 7
[  495.829980][   T35] usb 7-1: string descriptor 0 read error: -71
[  495.831383][ T9110] vhci_hcd: stop threads
[  495.834662][ T9110] vhci_hcd: release socket
[  495.836361][   T35] usb 7-1: USB disconnect, device number 39
[  495.836453][ T9110] vhci_hcd: disconnect device
[  495.972194][T10685] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  495.983769][   T39] audit: type=1400 audit(1729685188.418:966): avc:  denied  { search } for  pid=10684 comm="syz.3.1265" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  496.098748][   T39] audit: type=1800 audit(1729685188.538:967): pid=10687 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.1265" name="/" dev="fuse" ino=1 res=0 errno=0
[  496.248206][T10689] FAULT_INJECTION: forcing a failure.
[  496.248206][T10689] name failslab, interval 1, probability 0, space 0, times 0
[  496.251602][T10689] CPU: 3 UID: 0 PID: 10689 Comm: syz.0.1266 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  496.254440][T10689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  496.257259][T10689] Call Trace:
[  496.258150][T10689]  <TASK>
[  496.258939][T10689]  dump_stack_lvl+0x16c/0x1f0
[  496.260237][T10689]  should_fail_ex+0x497/0x5b0
[  496.261534][T10689]  ? fs_reclaim_acquire+0xae/0x150
[  496.262886][T10689]  should_failslab+0xc2/0x120
[  496.264369][T10689]  __kmalloc_cache_noprof+0x6b/0x300
[  496.265962][T10689]  ? fuse_get_tree+0xbe/0x600
[  496.267206][T10689]  ? kasan_save_track+0x14/0x30
[  496.268509][T10689]  fuse_get_tree+0xbe/0x600
[  496.269717][T10689]  ? security_capable+0x7e/0x260
[  496.271025][T10689]  vfs_get_tree+0x8f/0x380
[  496.272222][T10689]  path_mount+0x14e6/0x1f20
[  496.273451][T10689]  ? kmem_cache_free+0x152/0x4b0
[  496.274755][T10689]  ? __pfx_path_mount+0x10/0x10
[  496.276070][T10689]  ? putname+0x12e/0x170
[  496.277209][T10689]  __x64_sys_mount+0x294/0x320
[  496.278474][T10689]  ? __pfx___x64_sys_mount+0x10/0x10
[  496.279887][T10689]  do_syscall_64+0xcd/0x250
[  496.281150][T10689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.282847][T10689] RIP: 0033:0x7f27b977dff9
[  496.284029][T10689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.289117][T10689] RSP: 002b:00007f27ba630038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  496.291267][T10689] RAX: ffffffffffffffda RBX: 00007f27b9935f80 RCX: 00007f27b977dff9
[  496.293360][T10689] RDX: 0000000020002100 RSI: 00000000200020c0 RDI: 0000000000000000
[  496.295421][T10689] RBP: 00007f27ba630090 R08: 0000000020000500 R09: 0000000000000000
[  496.297483][T10689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  496.299538][T10689] R13: 0000000000000000 R14: 00007f27b9935f80 R15: 00007ffddd6dc628
[  496.301665][T10689]  </TASK>
[  496.607784][T10709] netlink: 180200 bytes leftover after parsing attributes in process `syz.0.1271'.
[  496.610977][T10709] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  496.654042][T10712] ieee802154 phy0 wpan0: encryption failed: -22
[  497.655785][   T65] Bluetooth: hci4: unexpected event 0x08 length: 78 > 4
[  497.804235][ T1288] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  497.959156][ T1288] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  497.962222][ T1288] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  497.965111][ T1288] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  497.968877][ T1288] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  497.971220][ T1288] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.974359][ T1288] usb 7-1: config 0 descriptor??
[  498.388921][ T1288] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  498.391438][ T1288] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  498.398084][ T1288] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  498.647504][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.649430][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.654076][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.660795][T10730] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  498.667837][T10730] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  498.698846][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.704428][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.707834][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.711042][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.714885][T10730] ip6gretap0 speed is unknown, defaulting to 1000
[  498.876521][  T829] usb 13-1: device descriptor read/8, error -110
[  498.984218][T10743] input: syz0 as /devices/virtual/input/input24
[  499.009228][T10743] input: syz0 as /devices/virtual/input/input25
[  499.042164][T10742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.064488][  T829] vhci_hcd: vhci_device speed not set
[  499.113530][   T39] audit: type=1400 audit(1729685191.548:968): avc:  denied  { rmdir } for  pid=9039 comm="syz-executor" name="instances" dev="overlay" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  499.119861][   T39] audit: type=1400 audit(1729685191.558:969): avc:  denied  { link } for  pid=9039 comm="syz-executor" name="#1f" dev="tmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  499.126464][   T39] audit: type=1400 audit(1729685191.558:970): avc:  denied  { getattr } for  pid=9039 comm="syz-executor" name="saved_tgids" dev="tracefs" ino=1154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=file permissive=1
[  499.132736][   T39] audit: type=1400 audit(1729685191.558:971): avc:  denied  { unlink } for  pid=9039 comm="syz-executor" name="saved_tgids" dev="overlay" ino=1154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=file permissive=1
[  499.140349][   T39] audit: type=1400 audit(1729685191.568:972): avc:  denied  { write } for  pid=9039 comm="syz-executor" name="cpu7" dev="overlay" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  499.146280][   T39] audit: type=1400 audit(1729685191.568:973): avc:  denied  { remove_name } for  pid=9039 comm="syz-executor" name="buffer_size_kb" dev="overlay" ino=1149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  499.152418][   T39] audit: type=1400 audit(1729685191.568:974): avc:  denied  { create } for  pid=9039 comm="syz-executor" name="#26" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  499.158612][   T39] audit: type=1400 audit(1729685191.568:975): avc:  denied  { associate } for  pid=9039 comm="syz-executor" name="#26" scontext=system_u:object_r:tracefs_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  499.844641][   T58] usb 7-1: reset high-speed USB device number 40 using dummy_hcd
[  500.716393][T10761] input: syz0 as /devices/virtual/input/input26
[  500.868509][ T6488] vhci_hcd: vhci_device speed not set
[  500.907378][T10773] usb 2-1: USB disconnect, device number 2
[  501.116837][ T1381] ieee802154 phy0 wpan0: encryption failed: -22
[  501.118498][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[  501.307703][ T7003] usb 7-1: USB disconnect, device number 40
[  502.034727][T10781] fuse: Bad value for 'group_id'
[  502.036272][T10781] fuse: Bad value for 'group_id'
[  502.117193][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  502.117204][   T39] audit: type=1400 audit(1729685194.558:980): avc:  denied  { ioctl } for  pid=10780 comm="syz.2.1294" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xaf61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  502.900880][T10796] binder: 10792:10796 ioctl c0306201 200002c0 returned -14
[  502.903974][   T39] audit: type=1326 audit(1729685195.338:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.910037][   T39] audit: type=1326 audit(1729685195.338:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.916160][   T39] audit: type=1326 audit(1729685195.348:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.922077][   T39] audit: type=1326 audit(1729685195.348:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.929219][   T39] audit: type=1326 audit(1729685195.348:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.935286][   T39] audit: type=1326 audit(1729685195.348:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.941437][   T39] audit: type=1326 audit(1729685195.348:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.947989][   T39] audit: type=1326 audit(1729685195.348:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  502.955220][   T39] audit: type=1326 audit(1729685195.368:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10792 comm="syz.0.1299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27b977dff9 code=0x7ffc0000
[  504.084315][T10809] ------------[ cut here ]------------
[  504.086622][T10809] platform vkms: [drm] vblank wait timed out on crtc 0
[  504.088801][T10809] WARNING: CPU: 0 PID: 10809 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550
[  504.091723][T10809] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  504.092961][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.0.1303 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  504.097998][T10809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  504.100900][T10809] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  504.102560][T10809] Code: 85 ed 0f 84 54 01 00 00 e8 09 0a 62 fc 4c 89 e7 e8 21 f8 86 00 89 e9 4c 89 ea 48 c7 c7 60 5c e7 8b 48 89 c6 e8 fd fa 22 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 de 09 62 fc 90 48 8d 7b 08 48 b8 00
[  504.107869][T10809] RSP: 0018:ffffc90004aafb28 EFLAGS: 00010286
[  504.109585][T10809] RAX: 0000000000000000 RBX: ffff888024db8000 RCX: ffffc9002cf9f000
[  504.111664][T10809] RDX: 0000000000040000 RSI: ffffffff814e71b6 RDI: 0000000000000001
[  504.113950][T10809] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  504.116933][T10809] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888024fd3010
[  504.119825][T10809] R13: ffff888024162a60 R14: 1ffff92000955f67 R15: 0000000000006682
[  504.122675][T10809] FS:  00007f27ba5cd6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000
[  504.125889][T10809] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  504.128317][T10809] CR2: 0000001b2fa1dff8 CR3: 000000004fa20000 CR4: 0000000000352ef0
[  504.131181][T10809] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  504.134085][T10809] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  504.137236][T10809] Call Trace:
[  504.138516][T10809]  <TASK>
[  504.139651][T10809]  ? __warn+0xea/0x3d0
[  504.141191][T10809]  ? lock_acquire.part.0+0x11b/0x380
[  504.143064][T10809]  ? drm_wait_one_vblank+0x334/0x550
[  504.145072][T10809]  ? report_bug+0x3c0/0x580
[  504.146639][T10809]  ? handle_bug+0x54/0xa0
[  504.148117][T10809]  ? exc_invalid_op+0x17/0x50
[  504.149976][T10809]  ? asm_exc_invalid_op+0x1a/0x20
[  504.151775][T10809]  ? __warn_printk+0x1a6/0x350
[  504.153476][T10809]  ? drm_wait_one_vblank+0x334/0x550
[  504.155476][T10809]  ? drm_wait_one_vblank+0x333/0x550
[  504.157359][T10809]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  504.159325][T10809]  ? __pfx_autoremove_wake_function+0x10/0x10
[  504.161539][T10809]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  504.163612][T10809]  ? drm_vblank_get+0x150/0x280
[  504.165618][T10809]  drm_fb_helper_ioctl+0x156/0x1a0
[  504.167463][T10809]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  504.169490][T10809]  do_fb_ioctl+0x3d4/0x7d0
[  504.171073][T10809]  ? __pfx_do_fb_ioctl+0x10/0x10
[  504.172703][T10809]  ? do_vfs_ioctl+0x513/0x1990
[  504.174293][T10809]  ? selinux_file_ioctl+0x180/0x270
[  504.176288][T10809]  fb_ioctl+0xe5/0x150
[  504.177787][T10809]  ? __pfx_fb_ioctl+0x10/0x10
[  504.179519][T10809]  __x64_sys_ioctl+0x18f/0x220
[  504.181304][T10809]  do_syscall_64+0xcd/0x250
[  504.183124][T10809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.185468][T10809] RIP: 0033:0x7f27b977dff9
[  504.187125][T10809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.193877][T10809] RSP: 002b:00007f27ba5cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  504.196838][T10809] RAX: ffffffffffffffda RBX: 00007f27b9936208 RCX: 00007f27b977dff9
[  504.199493][T10809] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000005
[  504.202238][T10809] RBP: 00007f27b97f0296 R08: 0000000000000000 R09: 0000000000000000
[  504.205162][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  504.207979][T10809] R13: 0000000000000000 R14: 00007f27b9936208 R15: 00007ffddd6dc628
[  504.210576][T10809]  </TASK>
[  504.211711][T10809] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  504.214366][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.0.1303 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  504.217519][T10809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  504.220309][T10809] Call Trace:
[  504.221279][T10809]  <TASK>
[  504.222063][T10809]  dump_stack_lvl+0x3d/0x1f0
[  504.223306][T10809]  panic+0x71d/0x800
[  504.224364][T10809]  ? __pfx_panic+0x10/0x10
[  504.225543][T10809]  ? show_trace_log_lvl+0x29d/0x3d0
[  504.226911][T10809]  ? drm_wait_one_vblank+0x334/0x550
[  504.228413][T10809]  check_panic_on_warn+0xab/0xb0
[  504.230111][T10809]  __warn+0xf6/0x3d0
[  504.231506][T10809]  ? lock_acquire.part.0+0x11b/0x380
[  504.233397][T10809]  ? drm_wait_one_vblank+0x334/0x550
[  504.235282][T10809]  report_bug+0x3c0/0x580
[  504.236851][T10809]  handle_bug+0x54/0xa0
[  504.238410][T10809]  exc_invalid_op+0x17/0x50
[  504.240123][T10809]  asm_exc_invalid_op+0x1a/0x20
[  504.241920][T10809] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  504.244104][T10809] Code: 85 ed 0f 84 54 01 00 00 e8 09 0a 62 fc 4c 89 e7 e8 21 f8 86 00 89 e9 4c 89 ea 48 c7 c7 60 5c e7 8b 48 89 c6 e8 fd fa 22 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 de 09 62 fc 90 48 8d 7b 08 48 b8 00
[  504.251107][T10809] RSP: 0018:ffffc90004aafb28 EFLAGS: 00010286
[  504.253341][T10809] RAX: 0000000000000000 RBX: ffff888024db8000 RCX: ffffc9002cf9f000
[  504.256227][T10809] RDX: 0000000000040000 RSI: ffffffff814e71b6 RDI: 0000000000000001
[  504.259120][T10809] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  504.261806][T10809] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888024fd3010
[  504.263856][T10809] R13: ffff888024162a60 R14: 1ffff92000955f67 R15: 0000000000006682
[  504.266056][T10809]  ? __warn_printk+0x1a6/0x350
[  504.267343][T10809]  ? drm_wait_one_vblank+0x333/0x550
[  504.268778][T10809]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  504.270281][T10809]  ? __pfx_autoremove_wake_function+0x10/0x10
[  504.272097][T10809]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  504.273639][T10809]  ? drm_vblank_get+0x150/0x280
[  504.274934][T10809]  drm_fb_helper_ioctl+0x156/0x1a0
[  504.276288][T10809]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  504.277756][T10809]  do_fb_ioctl+0x3d4/0x7d0
[  504.278941][T10809]  ? __pfx_do_fb_ioctl+0x10/0x10
[  504.280272][T10809]  ? do_vfs_ioctl+0x513/0x1990
[  504.281887][T10809]  ? selinux_file_ioctl+0x180/0x270
[  504.283799][T10809]  fb_ioctl+0xe5/0x150
[  504.285334][T10809]  ? __pfx_fb_ioctl+0x10/0x10
[  504.287069][T10809]  __x64_sys_ioctl+0x18f/0x220
[  504.288830][T10809]  do_syscall_64+0xcd/0x250
[  504.290472][T10809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.292427][T10809] RIP: 0033:0x7f27b977dff9
[  504.293605][T10809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.299170][T10809] RSP: 002b:00007f27ba5cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  504.301439][T10809] RAX: ffffffffffffffda RBX: 00007f27b9936208 RCX: 00007f27b977dff9
[  504.303514][T10809] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000005
[  504.305816][T10809] RBP: 00007f27b97f0296 R08: 0000000000000000 R09: 0000000000000000
[  504.308472][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  504.310625][T10809] R13: 0000000000000000 R14: 00007f27b9936208 R15: 00007ffddd6dc628
[  504.312845][T10809]  </TASK>
[  504.314108][T10809] Kernel Offset: disabled
[  504.315335][T10809] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:58:04  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b00a5 RDI=ffffffff9aae6bc0 RBP=ffffffff9aae6b80 RSP=ffffc90004aaf488
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=ffffffff850b0040 R15=0000000000000000
RIP=ffffffff850b00cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f27ba5cd6c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2fa1dff8 CR3=000000004fa20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffddd6dc9c0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90006640000 RBX=0000000000000000 RCX=ffff888027990fb0 RDX=000000000000009d
RSI=ffffffff864b6fa6 RDI=ffff888027991188 RBP=0000000000000001 RSP=ffffc900008b0b78
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000001 R13=0000000000004e20 R14=ffff888027990fb0 R15=0000000000000001
RIP=ffffffff864b6fe3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f27ba6306c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020b2e000 CR3=000000004fa20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d55f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d570b488 00007f80d570b480 00007f80d570b478 00007f80d570b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d626d100 00007f80d570b440 00007f80d5700004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80d570b498 00007f80d570b490 00007f80d570b488 00007f80d570b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000008 RBX=ffffc900035d7b40 RCX=0000000000000000 RDX=0000000000000000
RSI=0000000000000008 RDI=ffffc900035d7b40 RBP=0000000000000000 RSP=ffffc900035d7b38
R8 =0000000000000000 R9 =fffffbfff20be969 R10=ffffffff905f4b4f R11=0000000000000000
R12=0000000000000000 R13=0000000000000200 R14=ffffea000176e780 R15=0000000000000000
RIP=ffffffff84bf67b0 RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555611a0500 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffd451b4c58 CR3=000000005c608000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000001000001 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd43af4060 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e78df12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a73ee80 RCX=0000000000000001 RDX=1ffff1100d4e7f36
RSI=ffffffff8b6cd3c0 RDI=ffff88806a73f9b0 RBP=ffff88806a73ee80 RSP=ffffc90000a87660
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000
R12=ffffffff905f7e58 R13=ffff8880224d0014 R14=ffff8880224d0000 R15=ffff8880224d0a00
RIP=ffffffff815cf39e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f27ba60f6c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f27ba60ef98 CR3=000000004fa20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b97f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b990b488 00007f27b990b480 00007f27b990b478 00007f27b990b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27ba46d100 00007f27b990b440 00007f27b990b458 00007f27b990b4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f27b990b498 00007f27b990b490 00007f27b990b488 00007f27b990b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000