last executing test programs:

2m7.810914785s ago: executing program 0 (id=1280):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(twofish-generic)\x00'}, 0x58)
mq_open(&(0x7f00000079c0)='.:-\\!\x00', 0x40, 0x12, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x54}}, 0x4000054)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r1, &(0x7f0000000000)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0302}}}, 0x14)
r4 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x101000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
setsockopt$sock_int(r6, 0x1, 0xa, &(0x7f0000000400)=0x4, 0x4)
syz_usb_connect(0x4, 0xedc, &(0x7f00000004c0)={{0x12, 0x1, 0x310, 0x40, 0xe6, 0xe4, 0x10, 0xd8e, 0x7803, 0xffed, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xeca, 0x4, 0x6, 0x5, 0xc0, 0x12, [{{0x9, 0x4, 0xf2, 0xa, 0x1, 0x9d, 0xd1, 0xda, 0x3, [@uac_control={{0xa, 0x24, 0x1, 0x4247, 0x7}}, @cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "11075ef8"}, {0x5, 0x24, 0x0, 0x8000}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x2, 0xa, 0xfc}, [@mdlm_detail={0x2d, 0x24, 0x13, 0x4, "679a50280fc6625114f349df9b81991b8f0af3308f405f8e6f5349bac860c70d05d7655079dbc7a799"}, @acm={0x4, 0x24, 0x2, 0x2}, @mdlm={0x15, 0x24, 0x12, 0x1dfa}, @mbim={0xc, 0x24, 0x1b, 0x81, 0x8, 0x7, 0x2, 0x8000, 0x2}, @mbim_extended={0x8, 0x24, 0x1c, 0x2, 0x2, 0xe4}]}], [{{0x9, 0x5, 0xc, 0x10, 0x400, 0x9, 0x7, 0x2, [@generic={0x8e, 0x23, "3a1ebf1c9429072aab31907196466c2ee1369b554ee70dcff236691c2325d66d10bf268c2b3d859443b3c5345350a0d0c5150770815ea5a2929387e2bce446a01ae09f739339ee4e5bfb1aaf9eb5b54f7478b42b1a0ccc2b45dd554d21885d62642029c9ab8a4547ff68e3a9eb6eda58f7f13960cbafd9951e4b55986d6237e02735ee21029ea5b46a4d1872"}]}}]}}, {{0x9, 0x4, 0x41, 0x4, 0xf, 0x67, 0x72, 0xc0, 0x8, [@uac_control={{0xa, 0x24, 0x1, 0x7, 0x7}, [@processing_unit={0xa, 0x24, 0x7, 0x4, 0x5, 0xed, "0ca43c"}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x301, 0x2, 0x4, 0x77}, @selector_unit={0x6, 0x24, 0x5, 0x2, 0xff, "b3"}, @output_terminal={0x9, 0x24, 0x3, 0x1, 0x305, 0x5, 0x6, 0x9}, @mixer_unit={0x5, 0x24, 0x4, 0x3, 0x8}]}], [{{0x9, 0x5, 0xe, 0x10, 0x400, 0x6, 0x10, 0x9}}, {{0x9, 0x5, 0xd, 0x8, 0x400, 0x55, 0x3, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x6edd}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x7, 0x8000}]}}, {{0x9, 0x5, 0x8, 0xc, 0x3ff, 0x7f, 0x9, 0x9, [@generic={0x4f, 0x10, "758d0beccb9195f85ed8a6320419d09315a76391f9365de00be94c041457a462f238690ac92ebff172904435baa9eaa9ec5d8018f7fbf62bd6842b01f950a369d38806de3c7dd61c77bfc02fc5"}]}}, {{0x9, 0x5, 0x5, 0x8, 0x200, 0xa, 0x81, 0x98, [@generic={0x12, 0xf, "763ee46ac6682e4a602a5b7bc2770065"}, @generic={0x55, 0xb, "e95494a7612fcedd1934cf359f5d6abe545c28fff8ceb024ca4d37a4a0e5767f59a560a2f664519f0320cf533936f5e2e93f8c09fcedc861105c4dcab8ab9d7012c2d7c5baefbd37f5adff7d9b75f9161f0def"}]}}, {{0x9, 0x5, 0xa, 0x3, 0x20, 0xd, 0x6, 0x9}}, {{0x9, 0x5, 0xc, 0x0, 0x0, 0x0, 0x8, 0x0, [@generic={0x44, 0xb, "f4298a06e1c45ca80ff3fe573fe471778f848a27268b0d67d3735cbfa9b70631c242f32ddb413f43ad5ae1fd0b156c743caf655db0305a3be852c7ed3866c2591a40"}, @generic={0xa0, 0x8, "217325efa94b72c6763c68e2cfa8882e59d513a6154c0d981e26bbf80c1c503aa274c05b052907b3b3dc2feb6b07bfe3b311e47192a8d19c1cd431de051311dc3b11befed8f45a1881af1acec1fc25b1712c8128f01268ea4e25a64d7bbb2d23837bed80edc3de160757d85b8badbce81cfbd14e08e29404bd46ee0b0d595c7d931691a42f9f31bfed1974ec5da3202f9263ed78bf781b16b4ff6d9a2fe9"}]}}, {{0x9, 0x5, 0xb, 0x4, 0x40, 0xc, 0xb, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0xfff4}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0x6, 0x0, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7f, 0x4}]}}, {{0x9, 0x5, 0x9, 0x8, 0x3ff, 0xe0, 0x8, 0x8, [@generic={0x46, 0x8, "7d9a770e916fc925cc95232e76204bdcd3c5ea3678522efd133997333f14494a34da0ebd3910fb4952efcd2761cd1c0e1b7e4346f2052c356e879b6528b011ecef5841b2"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x7, 0xb, 0x74, [@generic={0x89, 0x22, "0a8147e14d35441415b118927916e2c1f4c033b23240b2f56dfd00f48c77971cb2c9a00d71f1696ef384c62be3c56bb1bd8556d44eff480c0af1b1878df789fddaa39f42ebab1d9e031f07bdccf3962e1b4e1dc312e6605ed06c45f3f12f73e609926ba810577c5b9baa2b92ddd95647f245e2d297cd2c0de7be3db074bc7736c9d1980025e470"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x2c, 0x9}]}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0x3, 0x2, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x81, 0x7}]}}, {{0x9, 0x5, 0xf, 0x0, 0x7df, 0x2, 0x3, 0x9}}, {{0x9, 0x5, 0x9, 0x0, 0x200, 0x6, 0x6, 0xa9}}, {{0x9, 0x5, 0x1, 0x10, 0x10, 0xe3, 0x0, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x4}, @generic={0xe1, 0x22, "51e67a6eb930e61a4b4f5df0387ba92997b65eadb20a3cd15f7c75856cb28e2018db76bbb79259d3ad901004b62b449fd9a4a71994647f2fde079f615ddfcb62395648ac56cb9ab29b0ed4ba042771f81af4f2fd7d3f8bbebb01d357c122cafb36b33bc32c162699f6c0fe31d7ecba5cb5fa73c21478e64fca13df3bd08bbe9b58b1f9ed8eb841613bd3d5c7aa444501bf1406003ece9e1dffeb35c5daaa6cb6290796db4a077bd3c1af0b83cfa32b3e23628fa37f530c2fdb80a650d4d42d5a901eb0dd44f532f737bd7d3b7a21d44a62ce3c1a12ae14faa46ce51f9c8d68"}]}}, {{0x9, 0x5, 0x6, 0xc, 0x3ff, 0x6, 0x1, 0x1, [@generic={0x86, 0x3, "69e0a68c95775b67c24f07662a2e60007583b2918ceb8c779160e54aefc6cc797579f829253dcba417c92883c342a114d62f99f1b050962afdeee363c73ce8f950e8ebd7555f14f9e8ee4277b7509f2ddb77d11b082636430fc18f25ec1d8c6e184bb3513de23f45a66b3c6da2f4926b29c4b4c610a4a7405694ac46125cb1d11ceb4448"}, @generic={0xf8, 0x7, "b26469221a3f33df879ae43a73d56175123ee333e478bd1572b3317176444d2d9c4e683c868a7b1bb56869b5185588f1b0efd9d09f214044d218279677adfa429af9fe6dacc90ae24ef1f5bdd7a1cf746f88e927687a848946c578a3a8d76e25dac76df5a730a73307b3284e5edf916c92665b05b6b69e1fa5c1c81f6f83eea9ded1c09755f4d81a8daa30a1f9c82f2d8fc95bf761a8e3eea5955ff364463c089e0aa5889d1bbc015cea7d00e9a55787380bc79df075b60865d8ea6fab25113b45a34db031f07a86293bda82b319d45cc206ad8f665621fab2be84e4f61afe6084689211dacbd9d36a1858fafd39c50f1b3205972255"}]}}]}}, {{0x9, 0x4, 0xd2, 0x4, 0xd, 0x63, 0xcb, 0x5d, 0xff, [], [{{0x9, 0x5, 0x9, 0x1, 0x400, 0x3, 0x3, 0x6, [@generic={0x8a, 0x8, "b84b25eef59e8c6ae7245d4c99137344d8d0b0dc2cca913bd7bbc3cf15a12be0dc9c8312142530ef5b7e6ecfc518f10f0ba262f8f6fca540ec735abeaf0113e63bb34e5b54eeaf5241e789d3f1c54a5be6576943cbcdb2ecc148120dacd98ae3f9b0c471a66364b5e5e19b4efc1276c8227c5ce64ab4a8dd2ad2fcae7a94ee11b2b15302fb0a62e8"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x5, 0x2}]}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0x22, 0x7, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xc, 0x3}]}}, {{0x9, 0x5, 0x8, 0x10, 0x10, 0xff, 0x3, 0xb2, [@generic={0xf2, 0x7, "3fb7d7ee149af85cb95230c09da348d84d3dbe822a86a758809a8a6b9561dafa0ddbb7c8765ec839557c78f032c076d74e336d95ec00e57316aebd06a402d9cca1c0e790e9054cd097a6869d6ccc5d1b532a568ea227be2859eee5bfd2993cddee904fc65a7b4065114ec11f5b2155a39cb122e3adce1aceb511d75ae9535da750dedf09fbc51c5916137219bdec831c4db2bc2317f41878587729f7abd27887c2cff2287eff6576ecc2259aa00cc8ac33b467c0d20493d739bbfb740b0a88a133f4b90c27ab69f20bbb2d269d6501e80ec8e71b68ccf7078d4345319a5c81e403f7cdda7f2347d451e98f36a7161bae"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x9, 0x8}]}}, {{0x9, 0x5, 0x0, 0x10, 0x10, 0xa, 0x7, 0xa6, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0xe4e}]}}, {{0x9, 0x5, 0x2, 0x10, 0x200, 0x9, 0xf7, 0x2}}, {{0x9, 0x5, 0x3, 0x10, 0x258, 0xd7, 0x8, 0xeb, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x9, 0x5}, @generic={0x86, 0x1, "a6d37ee65a25ba6e4ca2e4edc85b4bcd5605f16852f889f546c2139a5de88c88fd2da1d870c06d83cf43b51e9e738b6f67a178db45432bbb0a7761af57dea9b9e146403cfc44886936cf9d98c10856d19d2bbc6de6b769b9b0b1684eeee577f7012e163f83c4e4ecd9511c4e1dba869e82eb7cebf59b8f03bc4d897a6e546ad94daeed59"}]}}, {{0x9, 0x5, 0xa, 0x10, 0x39f, 0x6a, 0x8, 0xff, [@generic={0x55, 0xd, "500ea5af8770cafbd5d10c9df77bbb0be966182b01ea11feea723c385811ffb9155347a2061595afb25eae5fc4aa60ccf66d376a4dc5a52840c8ee59e6e57a0d4f97aa6ebc6cce82177835737f809ae6361393"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x40, 0x0, 0x4, 0x9}}, {{0x9, 0x5, 0x1, 0x4, 0x40, 0x0, 0x3, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x1}, @generic={0x6b, 0x8, "b48407585b5e4e9cfd37f519f638ccc93593eb1e2171846ce1c61e33f3763921c825f8d9a5e578c7b70fc541cca989e2ecdeaa58ead7b5557176e2ae1e7f484adb7620869d8917faa2053c481c2ffd7a643d8046562bbd0e926cbfb250b27681ac71702ed0c7c0b9f0"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x1d, 0x8, 0x1, [@generic={0x58, 0xe, "534064226e51e007001faebede205dea774c82b2c012904cba56eff643696eb31fcb7998eb47731707c262e6878102ec6d9762f1cce7d678b9bdfd5ac6b420ecc3041b45396027a7ecca2046652ec57b5f4e6eeb56f6"}]}}, {{0x9, 0x5, 0x80, 0x2, 0x10, 0x0, 0x10, 0xc}}, {{0x9, 0x5, 0x5, 0xc, 0x3ff, 0xd, 0x48, 0x5, [@generic={0x52, 0x10, "60944eaae136a8c71c5a04163b427e2ce24484cf25189ab5cf4c870c341b2fc3f45fbc458f63df56553b21d803f8d7da73d89ce432cdf630f8be79acf30964c1e166f2f946905d497fec15dd73761e3c"}]}}, {{0x9, 0x5, 0xf8311ee95d9f0fa, 0x0, 0x3ff, 0x4, 0x4, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x18, 0x5}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xff, 0xf7b1}]}}]}}, {{0x9, 0x4, 0x1, 0xf4, 0xe, 0xae, 0x2f, 0x5, 0x0, [@cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "35db15e0"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x9a, 0x7, 0xcf0b, 0x4}, {0x6, 0x24, 0x1a, 0x1, 0xa}, [@mdlm={0x15, 0x24, 0x12, 0x8}, @network_terminal={0x7, 0x24, 0xa, 0x60, 0x6, 0x81, 0x7a}, @dmm={0x7, 0x24, 0x14, 0x3, 0x4}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0xe, 0x0, 0x6}]}], [{{0x9, 0x5, 0xa, 0x3, 0x10, 0x6, 0x25, 0x88, [@generic={0xe6, 0x31, "113d57371b87ba1e3e6a022ff8b4cded39b7eae581d07c382ebe6004123b328aaf7a9a64e0db4595c5c4b58ce05dd97c821e50eed8e431204b5cb56b95abaf14f182cf9e80f18066c860ec914fc4b819ccbffa73f822d18d1353ec0e3dfb1e5ae0bc5393e35ba751e31036b41799098b846b7148f2d38d1ecb7d25fa759a9d4daf5539ff5870ac71d32cdb6fa77f7610d9bfbe723855b3ca0165dd622654144e6e3f336388bbe2fb0ff93f5228207590d31b7ff9079f9327bcace25952c2c0c0ab92a90e21cf69496c4fb6ee0a99a86aa4cbcdf94ba6c27400c17d129a8527a203ca8daa"}]}}, {{0x9, 0x5, 0x9, 0x1, 0x10, 0xf7, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0xfffb}]}}, {{0x9, 0x5, 0x4, 0xc, 0x400, 0x9, 0x7, 0x1}}, {{0x9, 0x5, 0x9, 0x16, 0x3ff, 0x6, 0xf4, 0x6a, [@generic={0xde, 0x6, "fe0201e569e6d999ea8edfdfbf4245db16d59fa37e0b55c2171dcc6dcd9b60a8d44ec8de8e9ebae73741922998a853f86c52f9f65acafd5f1fdd9ee7fff296065c934ac0a7e7ca7ce30de05dfc98ba112303fcc06caf225d47e193f59cc173cd38e1e282958e3be0752430ffbb63e358337dbce1de4bdf0fc5026de5d37ae5b1294f474b1afc5daa6e6b253ccbe68cceec3db5f79a704fae1c7c01344ca806b1b01175bd8ca0ac1c646c6c74d46fa014760a885b73d1a6e133731eb5f1cb14ddd84c81ac8be4c7ed4fdafcdb8bcd10556c90f10164b1d2bec8cdc959"}]}}, {{0x9, 0x5, 0x80, 0x4, 0x400, 0x0, 0xb6, 0x40}}, {{0x9, 0x5, 0x5, 0x8, 0x8, 0x8, 0x8, 0x7}}, {{0x9, 0x5, 0xb, 0xc, 0x8, 0x9, 0xa7, 0x40, [@generic={0x4f, 0x23, "5a5ee9931c4b1b3ee00c4947d93b5b3e377ea35386796204e52dd1de9be216ec9964c96ee1ade5b022c83d91a997f8e52f424bd5c0cb3de553b6af70fee360ec3409bf79d61caee647be47bcae"}, @generic={0x5, 0x22, 'ml\v'}]}}, {{0x9, 0x5, 0x4, 0x2, 0x3ff, 0x8, 0x1, 0x1}}, {{0x9, 0x5, 0x2, 0x0, 0x8, 0x40, 0xbb, 0xfb, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xf9, 0x9}]}}, {{0x9, 0x5, 0x80, 0x10, 0x200, 0x4, 0x81, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x9}]}}, {{0x9, 0x5, 0x7, 0x0, 0x3ff, 0x80, 0x9, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x1, 0x6}]}}, {{0x9, 0x5, 0xa, 0x4, 0x400, 0x8, 0x5, 0x0, [@generic={0x34, 0xc, "63ea4e14ab778671f5cb59a70e49f7838454a0d39354c1b4c452fcddac7e951906c4e25469583525f215ccb21272426fa7dc"}, @generic={0x33, 0x0, "51ceba0d3b00b6ccf23e0fd73193ab41f891135c03976a40d121c6da118404d2d96e3ac3ef0a639cef70482305dae60c93"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x40, 0x10, 0x4, 0x6, [@generic={0x1e, 0x3c, "8734a6ec7ad731d4e1389e93dde47ea8327acc83af3223e357e90532"}, @generic={0x36, 0x30, "a04182735fabde59da64fc2ad7d94c2c51bfb583d7ee3db0797f2f620318100b323c8527469cdfbd76795bd29215f548e23fe5f7"}]}}, {{0x9, 0x5, 0x6, 0x2c, 0x40, 0x4, 0xe9, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x5, 0xfff9}]}}]}}]}}]}}, &(0x7f0000001480)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x100, 0x7, 0x5, 0x8, 0x40, 0x2}, 0xf, &(0x7f0000000280)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0xce, 0x9, 0x3}]}, 0x4, [{0x59, &(0x7f0000000340)=@string={0x59, 0x3, "0fafd37f4c6b646bf9559fa116644bb2ff26b2f5c746413ba2b1f7721d7f7983f2b37e98a568b1ef4bfc176ded89fd6f241b4e8e56529433074790eab9515866a5549c0a36ca16ba5155c6e4635bde5fd0d82f8604ab64"}}, {0x8b, &(0x7f00000013c0)=@string={0x8b, 0x3, "58629fa7f7008965e8b58722b5220d597ca7d9c5e0db185aa19408df8787d6aa7ca6a9cf088ff3946de1eaea51463b22b25dabea4312b79fdceefc51f7330120040a0c9c3628c45dddd9afd32a34f848496063e3e986b719b06a44c5095b0512b88c129748b024c92dc41f0799406eb5b9a4517607dba2df7f8eae515f54bfa63751e66546e77e1efd"}}, {0xd, &(0x7f00000002c0)=@string={0xd, 0x3, "bfb34b2212f46e5db6ccb9"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x44e}}]})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000300)=0x40)
quotactl_fd$Q_GETNEXTQUOTA(r4, 0xffffffff80000900, 0xffffffffffffffff, &(0x7f0000000180))
socket(0x1a, 0x4, 0x5)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="a95c55bcc7cb4a9362a5ce533229c8ee", 0x20)

2m7.220634123s ago: executing program 0 (id=1286):
syz_emit_ethernet(0x86, &(0x7f00000001c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@noop]}}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x61, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x2f, 0x9, @dev={0xac, 0x14, 0x14, 0x10}, @remote, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@rand_addr=0x86dd}, {@remote, 0xfffffffd}, {@dev={0xac, 0x14, 0x14, 0xa}}, {@rand_addr, 0x8}, {@empty}, {@loopback}, {@local, 0x4}, {@multicast1}]}]}}}}}}}, 0x0)

2m7.220080885s ago: executing program 0 (id=1287):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x0, [0x3, 0x8, 0x9bc6, 0x8, 0x4, 0x9], 0x1c, 0x0, 0x0, [{}]}, 0x88)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x7c}}, 0x20000001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x14, &(0x7f0000000340)=ANY=[], 0x0, 0x7fff, 0x0, 0x0, 0x41000, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000180)={0x4, 0x10, 0xfffff469}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fe}, 0x94)
listen(0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
connect$pppl2tp(r2, 0x0, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x24082}, 0xa800)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r3, &(0x7f0000000080), 0x12)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000700)={'bond0\x00'})

2m7.2198072s ago: executing program 0 (id=1288):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)

2m7.150246425s ago: executing program 0 (id=1289):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcmmio\x00', [0x4f27, 0x1f, 0x10000, 0x4, 0x20000003, 0xcc7, 0x4, 0x80008, 0xe, 0x6, 0x2, 0x1, 0x7, 0x1, 0x6, 0x10000105, 0x0, 0x1a44d, 0x3, 0x3fff7fff, 0x89, 0x10, 0x1, 0x20001e58, 0x80000b, 0xe69, 0x3c, 0x8, 0x6, 0xffffffff, 0xeffffff8]})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000000))
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3}, 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x350f96aef3271010, 0x14})
ioctl$SNDCTL_SEQ_RESETSAMPLES(r5, 0x40045109, 0xfffffffffffffffc)
getsockopt$netlink(r4, 0x10e, 0x9, &(0x7f0000001100)=""/4096, &(0x7f0000000040)=0x1000)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000300)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r6, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0x80)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@dellinkprop={0x30, 0x6d, 0x2, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, 0x2, 0x10000}, [@IFLA_OPERSTATE={0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe683}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r9 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_LOG_STATUS(r9, 0x5646, 0x0)

2m7.010365605s ago: executing program 0 (id=1292):
socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x2, 0xa, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x70, 0x300)

1m51.810745254s ago: executing program 32 (id=1292):
socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x2, 0xa, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x70, 0x300)

1m20.409968267s ago: executing program 3 (id=1821):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYRES8=0x0], &(0x7f0000000340)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000002c0)={[&(0x7f0000000200)=',-\\\x00']})
futex(&(0x7f0000000180), 0x5, 0x0, 0x0, &(0x7f0000004000)=0x10, 0x24000002)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = fanotify_init(0x200, 0x0)
r3 = dup(r1)
fanotify_mark(r2, 0x1, 0x48001059, r3, 0x0)
write$binfmt_script(r3, &(0x7f0000000680)={'#! ', './file0', [{0x20, 'syzkaller\x00'}, {0x20, '@+\xbaP\x8b!\x06\xc1\'\x04d\xfc\xe0\xa3\x93\xc0lw\f\x95\xf0\x1e%G\xef\xf0\xc4\xb8\xf63\xb5\x80A\x8c\xad\x0e!\xc2\x1c\x1c\xce\v\xd0\v\f\xf5\x84\xd6b|\xa7\xdc\x8c\xaf.#\xe8\x97\x1eH^\xe0\xbc\xfc\x84+\x17\xf8\xe7\xf2\x8dS\xeb\xf0\xf2f\x90\x1c@\xadn?\v\xacb\xc3%)\xab\x84Y\xa1E_\x16\xa2\xa4G\xdcR\xb6\x88\xcc\xdc\xb5\x93l\x91s\xdbG#\xe5\xb3\xa5\xdc%\vJ8\xb6\x03G\x1f.h\xab\xca\xfa}M\x8cx\xfcx\xab\xfca\xe6]\xf2Iw*a\xc3aM\x83\xa3\xba;!\x0f\xeedwP\xb7a\xc1p\xd6\x05P%\x1e\xa1\x8cNX\x17\xd0)\x82{\x87\xe1\xf3eH\x155\xc8&y\xf7\x10\xc8\xb2#EW\x9a\xda$u\x84\xd8\xa5\x1e2\x1f\xb1\t\xe8\xb4\x01\xd6\xc9\x80\x00\x13\xee\xb5f/\xb1<\xdayq,/U/\x83\x0e\xb7\xca\xc7\xefu\x91\xe5\x0e\x82n\xb6Kx-\x8f\xbdZ\f\xdb\x7fD6\xec\t\\\x12^\xb0\xfc\xe2\xad[\xdb#\x86,\x94%=\xfe\xd4~\xc1\x9e\xe7\xca\xc5\xf1x\xb2\x15\xdb\x035&+Dv0x#v\x84w\xbeV\x14\r\x12\x9f\xad\x9a:5\xde<Gs\xf8\x0e\x1f\xe9G\xcc\xf4\x88\xca[6\xcdro\x01\x18b? \xa2\xd1\x9a\x1e\x8dl\xaa\xc7\xcc)\x8b\xac\xa6\xfe\xe6 Z\x1c\xa2\xe2\x8e\x7fD\xa8\x00'/361}, {0x20, '{-]\'/'}, {0x20, 'mmap_loco_abquire_returned\x00'}, {0x20, '!,#\x06|!(>\xebOY\x9b\x82\x83Q0\xd0\x88\xf8\xa9\xb6'}, {0x20, '\xc2\xa6\xaax\x87\a\xf4\n\x9cPm%\x81xZ\xe7\x12h\x92\xe1Y\x90\xa6\x7fz\xe4>_\x8c\xc4\xa0\xdb\xdf\xe6\xdc\xd8`c\x97\x154S\x84~\x96|N\x17\xafc\x05\xef\x1f\xc0\x93\xa6\xce\xed\xcb\x0eN\xf7\xe1\xb8\xe7\f\xf1z\xf1\x13DbU\x14{\x1b\xa2\x12@p\x1e#.~\xf9\xef\xfbd\xbe\xc0\x97g\x93\x9f\xc4-\xd0$\x0e\xcf\xa49\xed\xd9\x86\xcf'}], 0xa, "58d4b53556cdf089fb207000033f3aa1977dfaa9adf94ea0206f396bac9b"}, 0x241)

1m20.409722037s ago: executing program 3 (id=1822):
socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000), 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x2000c851, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00220f0000000b2e2b5aa40bf85edaca83"], 0x0}, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f00000006c0)={0x84, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCSFLAG(r3, 0x4004480f, &(0x7f0000000000)=0x3)
syz_emit_ethernet(0x5e, &(0x7f0000000280)={@local, @random="cce390677742", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0cbb45", 0x28, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @ndisc_redir={0x2, 0x0, 0x0, '\x00', @empty, @private1}}}}}}, 0x0)
ioctl$HIDIOCGUSAGE(r3, 0xc018480b, 0x0)
readv(r3, &(0x7f0000000180)=[{&(0x7f0000000140)=""/49, 0x31}], 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x4004743a, &(0x7f0000000300))
write(r0, &(0x7f0000000380)="3ace", 0x2)

1m17.280461179s ago: executing program 3 (id=1849):
socket$kcm(0x10, 0x400000002, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pwrite64(0xffffffffffffffff, &(0x7f0000022c40)="ac", 0x1, 0x8004c60)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, 0x0, 0x10, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x25}, @void, @val={0xc, 0x99, {0x9, 0x3}}}}, [""]}, 0x28}}, 0x40000)
accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000440))
connect$rose(r1, &(0x7f0000000200)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c)
connect$rose(r1, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40)

1m16.430445887s ago: executing program 3 (id=1866):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_TUNER(r1, 0x4054561e, &(0x7f00000000c0)={0x5, "8dd0bdd37d33e83cccdb253ebab7c8dc9687983ba5298e04b9ef8e177c23dc3f", 0x3, 0x8, 0x6, 0xfffffffb, 0x8, 0x0, 0x2, 0xf38})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0xa0, 0x4)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x40086602, &(0x7f0000000000))
symlinkat(&(0x7f0000000200)='./file0/file0\x00', r3, &(0x7f0000000240)='./file0\x00')
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000000), 0x65)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a20000000000a03000000000000000000070000000900010073797a3000000000a0000000030a01010000000000000000030000080900010073797a3000000000080007006e6174004c0008800c00014000000000000010000c00014000000000400000008afe024000000000000000060c00014000000000000000090c00014000000000000000800c000240000000000c13f16108000b40fffffffe080005400000000008000a400000000408000540fffffffc090001007379090000000000140000001000010000000000000000000500000a"], 0xe8}}, 0x0)

1m16.430079395s ago: executing program 3 (id=1867):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00'})
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r2, r3, 0x4, r0}, 0x6)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r7, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r7, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

1m16.160208785s ago: executing program 3 (id=1868):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x2000000, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)

1m16.100783153s ago: executing program 33 (id=1868):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x2000000, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)

3.889346304s ago: executing program 2 (id=2195):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a"], 0x7c}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000180)="f7790066baa00066b86b42460f22c7d466ba420000b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000006666f6440f386b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x4b}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x38, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x4d, 0x3, 0x7, 0x0, 0xf84, 0x8, 0x0, 0xe3, 0x5, 0x0, 0x5, 0x3, 0x0, 0x0, 0x4, 0x8, 0x0, 0x7e, 0x0, '\x00', 0x5, 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r3, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r3, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

3.609588938s ago: executing program 4 (id=2199):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, &(0x7f00000001c0)={0x1, 0x0, 0x2})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414910800060003"], 0x30}}, 0x0) (fail_nth: 9)

2.889830224s ago: executing program 2 (id=2203):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0x1, 0x70bd29, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x800, 0x0, 0x6, 0x2, 0x81}, 0x1}}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}}, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000040))
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000000000020ac050f0222000182830109022400010100000009040000020301020009210005000122000009058103", @ANYRES8], 0x0)
syz_usb_disconnect(r3)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12015002000000086a05f400400001025ccd6993"], 0x0)
ioctl$EVIOCRMFF(r2, 0x4004550f, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x71, &(0x7f0000001c00)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x63, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4f, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb01908"}}}}}}, 0x0)
readv(r4, &(0x7f0000000600)=[{0x0, 0xea}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x2)
ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000140)={{{0x1, 0x1}}, 0x0, 0x2, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x4000000000000)
ioctl$FS_IOC_GETVERSION(r5, 0xc0145b0e, &(0x7f0000000040))

2.739664603s ago: executing program 4 (id=2204):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00'})
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r4, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r4, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

1.890028813s ago: executing program 4 (id=2206):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r0, &(0x7f0000000000)=@full={0x13, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x4, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40)

1.889708259s ago: executing program 4 (id=2207):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x60000080}, 0x40000d0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0xf2ff000000000000, 0x0, 0x1}, 0x40044)

1.759824704s ago: executing program 4 (id=2208):
r0 = syz_usb_connect(0x0, 0xe27, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x7b, 0x93, 0x4f, 0x40, 0x733, 0x1311, 0x29c6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe15, 0x2, 0x2, 0x0, 0x20, 0xbf, [{{0x9, 0x4, 0x43, 0x9, 0xe, 0xbb, 0xb9, 0x84, 0x0, [@uac_as={[@format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x85, 0x1, 0x7, 0x3, "d6"}, @as_header={0x7, 0x24, 0x1, 0x3, 0xf, 0x5}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x28, 0x162, 0x10}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x38, 0x400, 0x5}]}], [{{0x9, 0x5, 0xf, 0x1, 0x10, 0x1, 0x6a, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x4}, @generic={0xed, 0x21, "8ec8263d58ad39c4e1ea39016138849591c135d7b8b3feab309c99a75d90bae1a431d6138e0a150b3ac149e8f3efda8af5666654739ff145e247d6030adc55d68392c9f7067937312aae33e35e216b532f471fef0e250475125efb97ea5c3dc6d7a69be331ddad43adba18189f24f9cd5de1ade3abe143d24b6da96092052cd2ec77f8c1c6a6329a617a3b9e794bea1a9511a9c4fa1abc22d2452b51fa336021f292ebdc63f6c5ad3b543ee6bed4f5873a87ec438be84ece1f60d27a2ada58da839fcff4399aaaf63a04cf7660f7a4b0aae2647a9dee6071558d543941f205a83c981d457a46bbfce2fef8"}]}}, {{0x9, 0x5, 0x6, 0xc, 0x20, 0x0, 0x1, 0x3, [@generic={0xc3, 0xe, "16471f8ff421702cf7fec71b58e33489d84e6f19fdc1b335aa7e02cb62e6fd7aa86b106bd458b3ebb2c80f535ef3dd6f2700049a2a3942845e80d5489e31fd32fabfd78cf8af840d421c147cdd36a7693c4693f811618941060280d4e8bb41e29bc0f20fc7ff3f4dd45977cd90893f06d27bdce6f498406f3453eb799fe75a3ed0ca90f69d71cdbc94bf74b75963b3f3d525f208460d0d862d9a0371d1a06f8ccbde80a773dc97d1b91b72e4124277b9988d0b03c6d3f4050f9c13d46f78002389"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0xc7, 0x4}]}}, {{0x9, 0x5, 0x8, 0x4, 0x200, 0x8, 0x0, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x9, 0xd9f}]}}, {{0x9, 0x5, 0xe, 0x10, 0x40, 0x10, 0x7, 0x7, [@generic={0x2a, 0xe, "22679c1c3d740baaaf2bd4f1386f9419ab8f813a63424ac78d57bb449fec1366551fedddba7ce0f6"}, @uac_iso={0x7, 0x25, 0x1, 0x1}]}}, {{0x9, 0x5, 0xa, 0x8, 0x20, 0x4, 0x7, 0x80, [@generic={0x36, 0x1, "eb641b25a113896668d436ccf19f658c4611154178215065fd1cab320f15d0cd375ae808a4584e0ebfc9ae675e1f9f2b5b17dd91"}, @generic={0xb4, 0xe, "18d99228b6a9d4150dcca5b5d8237ab5151752cb8fbeb99a822ee3004292ef6dd5845e001f13469a8b6a36ab9e18a17b03da6e17b220662368b129e4ce4872d5bba382d6796d2c494e663501ddc86b389cb31712616f1b8eb1ba2a7ed5b6112030faa94dd04ecbc955f395cf4f4158cd7ebcf9c2f4a32e41d6a98905e64411e2de4082365327bddbe0ea6cd50477606fdd7ad28cbf7b0887c64be5dc819738da9ba0105611dadae56c7de3c0f7d010976efb"}]}}, {{0x9, 0x5, 0xe, 0x8, 0x200, 0xfa, 0x2, 0x2, [@generic={0x5e, 0x22, "0e73abf04b49ced60cf58358a8398a83d9a7031e2b06f8d111b0d31ada186c588e5b93222535eea9de322e92ba784f0125e4ebf2d2cd0e479c57a95db8ad4745e2c961642a907cdd6808ed77bd9804c7a8095b7d03b46490dd62503c"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x6}]}}, {{0x9, 0x5, 0x3, 0x4, 0x20, 0xb, 0x0, 0x8, [@generic={0x48, 0xf, "9ba0d8ee599c0acd013476064d7dc07992ee901e9cdfd22903575b2d3b3ada6114defca62fd8461c3e0638439d26f93792fd6bc8481455c029971373f841f66bb6e542118800"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x10, 0x7f}]}}, {{0x9, 0x5, 0x80, 0x10, 0x400, 0x1, 0x7, 0xb, [@generic={0xb2, 0x23, "34b02328bc715a0a6b5bb37d86d7c4c81c1228db988bc5aaeed9f3118ba08e84320172ceffcc37adaeb6002e55caf509247a1e2ef0dee86ac4c4b48d8d198432c8374a59e1d91695e1fa0b8caf3c23573e099b04568c9a5cf1b654143557e4d0c46707e404922b8e03cd12e5e194ccb7fb63e6e879f185cbb35a96842d8a6a35c9e3fed9aee7737ac4d3b56b1ad5f20a28ebd72cb254b3874e09b7f84cca30e8dfbdb0da810b46f4950d48fa067271e0"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x400, 0x18, 0x1, 0x7, [@generic={0xfc, 0xa, "dc3471caba871517ad7eb4f3cb2ffc95d53185f0d4aaf89f4704df1cda088e8e064e40e1cd0596c8afc0081c4c851e6ba81f0fb35f4e9fdb93d9dc74e67540bba7ea33604f9530f21bba4a7c3112b6452324c8965489390dd880c2a04c2c18256580999045215aa74b7724a002ffa7d3c6677a62c111c8e3e09485eb95e29b5225714e32a4f1741d30c19ee601896c9c557ca58dbf40dda927e1439e81286dc4c0914bd80e5865323d755d7235c0e9dba3807db82dd40fd79a38921a479719207fa13409a4d6e824d2ef45b9e5c79be6fae19a8fcbf40fcfaf9b04b505c60c176ef103426e52a1cb6211a85682fba9f943844a9e710f45d96f92"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x4f, 0xf1a}]}}, {{0x9, 0x5, 0x3, 0x0, 0x3ff, 0x92, 0x0, 0x7, [@generic={0xbb, 0x21, "60c233015e42f1d551eb3098b3555fc7125a30a9083a5cd1fe30ce11ec615c6b942ca738f78f94c00e381888231dcbc78c847d515c4e73eb5ebf875341324f82778d2809ae1796eb08935b4c1edcadd1afbd0bfe204605c30e97cb599dffa4f1a40785660213b24834e1414f7c9834ef35c770c7d1829b3cc38cc9f987c4599387076a6696afde17cb8269e87cf2899c65b3bcc4e37ee2720159b7c9ea9fe274d40f129df8ef629f3c867bf78082492405067fd5796ccef11b"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x400, 0xf8, 0x10, 0x5, [@generic={0xea, 0x24, "6e2fd25920da5db443a965393994ceec556b937e18cd4ad663c13d18f128ce81dfd922a66b908d34f65ba009f6d6f449862dda01f79815491ac030a1ee06339550380670fa889901780ae948207368f3246af19428ed321bbd13cc6ca0575aebdd7a3a9ea05459d7fafe4380aa748fcd833f0a1846ba9abdb841ab8c31f2746001acae42f81beecef1c0acee84b679b959d66dfc7795d8b6a60c70f868bcf3e9a801bc5d1c0e1ae16ca40aaca76d663d83a57f46e42bf944d66931ea9e52a77ed108e4508b5bba5fbc123672f51426648bb71be1143b375e2b710648a500fde6318e8367d92ceaab"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xe, 0xfffc}]}}, {{0x9, 0x5, 0xd, 0x2, 0x40, 0x0, 0x4, 0x2, [@generic={0x86, 0x3, "861feca1c6d3e56e7424777b225d6d45dca0d20d66eee0f7ae77a0cf6a43cd0b9f095fe01397a07eff9c37b455a5597fa5154b1ae71295384f19f805983dca49f008fa52639215e9e42a9a0c6aec512896771f985bc0768108b781a3d42a3bb0fa10fa84ca9cdb363a2cd131ffdd7c53e47c4a3986ec54277b460d79670e85859bb3a47d"}, @generic={0x91, 0x1, "06c044b15d416964e33232b65685fc298b39da920207a61586273de9be98ac42df9fb0a9295b5f50601abbd9f828d8adbf985d3191d46b4d6138760f76839823f51a4c6060f1443ef5a96671ffc4fe538d087cd8682a74fe08f4be5df7c3ef43bc77de32bfcc262c7408b793809da43f1ff08c63696d199089f9c43f67ab29cd1fc57b2907c283734ebcb145c15a06"}]}}, {{0x9, 0x5, 0x9, 0x10, 0x3df, 0x9, 0xb, 0x5, [@generic={0xc, 0x24, "843eb76509732e1057e1"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x8, 0xb, 0xa, 0x69, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x1}]}}]}}, {{0x9, 0x4, 0x8a, 0xb4, 0xf, 0xbf, 0xdf, 0xe7, 0x5, [@uac_as={[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x6, 0x4, 0x9, 0xf9, "cb97f74d1ffd"}, @format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x9, 0x8ad, 0x3, "03602b9adf52375b"}]}], [{{0x9, 0x5, 0x0, 0x3, 0x3e0547476b17d23b, 0x8, 0x0, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xa7, 0xf}]}}, {{0x9, 0x5, 0x8, 0x1, 0x10, 0x2, 0x0, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x80, 0x5}, @generic={0x91, 0x22, "28ba876b0f5b24df7478f297b10448dd4b39ea0e8a84e33f33c22fd8ddb68068318e75eaf8622fe12bd09b55338287d8d46a185b65c51720a8f14ae2c2dd25233d5255eb8a7fa183d2af91ee7d193800dc67b8075de2887403b53545267bb209d44a5f88156f3ebb53cd61cef7102acd97281ee5e55ec7c7dd676f547aa527448a849d48935b2e5099376c757c47e2"}]}}, {{0x9, 0x5, 0x9, 0x2, 0x3ff, 0x5, 0x6, 0x7, [@generic={0x9a, 0x23, "401b7c58a759d465d3dcad66f0af79c286056ddc52aab1b87497d8b52c954d6fea531ec0f6f49293e8f5b832969c0714fbc20de11549d571d2d29ce7ff9858f025ced6ca248a634faa9499b8abc8e2f7547b5b0b6cf451c2c1ab2c9ecac5a5be3030711becadff63fe640556001f1dd96745fe297535aeb05ff83d58df9f39f3b7ee40baac526939d082371fecdcc823ed34566d09aeda3d"}]}}, {{0x9, 0x5, 0x0, 0x2, 0x40, 0xf, 0x98, 0x3, [@generic={0xcd, 0x31, "9d407b78b1ea63244383c17fa505fcdf6c5b379c7544b389431abed0e2f9f70f7fb362d83888090f7063633c3653a21a1a058a23d896e5f213f96218650e4c3aef4714264a45d8bbbd0ecbd84c4ea4f9239ecb611099765c4293b06f6184985e9c3a71440ba8962fa34d24e36c6d39f29012a87541aea505ab3cdd177fd254633fe476756f50250af76141f5413ac71faaa261d107227e82408a58c8c027470e6d0fe18948eacdaf678be94fde21182f3dd5d2d65cbf0069cdf2c8b8a77038e5c466c3126600e697e46c91"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x20, 0xe8, 0x5, 0xe, [@generic={0x86, 0x10, "c3cb9365ff81fc1926ca13b5be676b0b3e67f2d885ae3cf3e982595519fb0e3bc6006f5da48286b958c50b9a54101e584531725845678f954b203fe10d354ee299fe54e5abe71af78c8a9b64199e0caa77fc8eff278ecc2b198eab6cedb06ed4505e86d07918a7a6b2ce399870746d89de8265933f7709cbd7e8baf5fae521e1f1f769c2"}]}}, {{0x9, 0x5, 0x8, 0xc, 0x8, 0xb, 0x9, 0xe1, [@uac_iso={0x7, 0x25, 0x1, 0xeec6dda79b2b8e52, 0x42, 0x5}]}}, {{0x9, 0x5, 0xf, 0x3, 0x8, 0x3, 0x7f, 0xef, [@generic={0x5b, 0x0, "7732ff6afaddb36a7d19fa0d3c35e5389dcd967dc482f52e38db399083f81a8af0686f9e6fdc7cca1ca6147b204a74bab92db47ba90dca6666577870caf7646486531a45e8ed1c036594817415a2387eec94d388bc4c0d083c"}]}}, {{0x9, 0x5, 0x0, 0x14, 0x10, 0x8, 0x10, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x8, 0x4e9}]}}, {{0x9, 0x5, 0x9, 0x10, 0x400, 0x97, 0xf7, 0x30, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x3, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x7}]}}, {{0x9, 0x5, 0x2, 0x0, 0x40, 0xfa, 0x3, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xf, 0x7}]}}, {{0x9, 0x5, 0x8, 0x3, 0x28, 0xb, 0x2, 0x3, [@generic={0x3a, 0x8, "45867ba31e15d10065581caf1e1c42e890895f00ddea8f328b5cddef2231ec5aeaa71b3d0b0ddb18a0c3626fd2baab89e58589dfeb4683ab"}]}}, {{0x9, 0x5, 0x3, 0x0, 0x40, 0xe, 0x40, 0x5, [@generic={0x56, 0x21, "c49a0a586e634367884c6d2576c6d23ed38e9fe9387b8965dede0f0a734004b4040bd6449893da36710af08c8058001fe613ccc6ae1db0982639007104dd06a464345b2426a4ff69e617fa3317594ac0c91428c8"}]}}, {{0x9, 0x5, 0x1, 0x4, 0x1ff, 0x81, 0x6, 0xfb, [@generic={0xae, 0x23, "6273dc14e6f461066eea7d7f21f6e2b5f498e939a077900248f6c5461d92f704b96dbbbbd696b007782e97cebe3fbfb2fbdb6fe338377a6bb440ebac4ec5e84d4ae8fa56d26b89a4e9f0455a2da168d9a70bc845687b351bd6f639c256c1ad8ec9d62a331c54dceaed653e60c893c436be95e4a2046b4e215216dc090cd8aa699651dc625f752e57a273e63cc93d64972a5548278e1709e987687bda769b9f0df4bbfc25ae294727a8e646a1"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x7f, 0x1}]}}, {{0x9, 0x5, 0xc, 0x10, 0x250, 0x2, 0x6, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x40, 0xcf91}]}}, {{0x9, 0x5, 0x3, 0x0, 0x200, 0x0, 0xc, 0xdb, [@generic={0x38, 0xe, "6fbac9986c55bbe20076f7d51a84c1caa50a98cb78f135f6a43df621382294d06c9e80947e3c6de46a5d4016f2602149dc715e7a587e"}]}}]}}]}}]}}, &(0x7f0000001080)={0xa, &(0x7f0000000e40)={0xa, 0x6, 0x250, 0x6, 0x1, 0x7f, 0x9f, 0x8}, 0x3b, &(0x7f0000000e80)={0x5, 0xf, 0x3b, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0x1, 0xe9, 0x556}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x0, 0x2, 0xb10}, @ssp_cap={0x10, 0x10, 0xa, 0xe, 0x1, 0xffff, 0xff11, 0x8, [0xff3f00]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x20, 0x26, 0xfd, 0x40, 0x5}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x7, 0xe, 0x5}]}, 0x2, [{0xff, &(0x7f0000000ec0)=@string={0xff, 0x3, "e659fba9dbff8f456a2d18e7acb16d533b658eba75432f044ac40487ba35f5cd702d6023863485582602492c1a51ee2f6bf3c2e68977c303791ffcfa8bf81661f69b322a1336a358b33f42820a66307c8dbe1e7ae730b93000c25f82a1aa1e4751083c2e589b5628c7c6e40ae383d9e71ea08c524f32853c9386978e19ea64b8274affc91505c37ed78b0b777224acae60c22c8fcd4c71e9541a94a93584a0aca266ace2f9c3bf91316e5f41447c298ec81cda8aa082f8ed980fc155b4795bde08ecf91334b61b5d24d0297c39b90b078cf6832b20e37c2cf6bd691b323823bfcb867be2d674aaf9c025e6a2c493ea7a8056b30548df25fd9987e9a477"}}, {0x8e, &(0x7f0000000fc0)=@string={0x8e, 0x3, "d282ece2f5aa095dde8138fdd6b09d81905528152996963eede6658253fce9155e158bb017c48b86e7dccdd0c63139a00785bdb9cd325c169fe086d3a4cf2ef4d6c314ed35b77d7333e99467e0b3f9616d93084498f76dfdbed70dfafb9b2721cab540b309c4899c9f43f300de1703b1af485320b8bc9f0439255f6262e8557a6d5b46d693f9a95e1f2e576e"}}]})
syz_usb_control_io$hid(r0, &(0x7f0000001280)={0x24, &(0x7f00000010c0)={0x0, 0xf, 0xdf, {0xdf, 0xa, "80dc954f2fa795738c3d0d75d64c47bad2f398fcf07673fdbda0111ec6c64eb0dbb5dc0a447c18dfc0f04187a74f1f7f54c7f4f8f2fe07241017bfe1eeb2b9c22bbf3588055ea5a06c6b56cb5fa4d5f1020232a5c906c799249d0544b4a20c345e6ec455f3f1621ede684c7d46da9641f0347e9127a19a94e4b4ae1c5a9f06f9ab3329618b57f17c0aa4dbd5d30e4220ec644268dc82d9d19e31c84e07bfe166688cc93f996a5069c7f35a3bf2dbd8d254171c8d9bdd4d613d3910f04a6720539a535c166e08d3de629b15a584bf684ed78caf852a83e20e0e4ea126fd"}}, &(0x7f00000011c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x100c}}, &(0x7f0000001200)={0x0, 0x22, 0xb, {[@main=@item_012={0x0, 0x0, 0xa}, @main=@item_012={0x1, 0x0, 0x8, "96"}, @local=@item_4={0x3, 0x2, 0x5, "e6dc91c6"}, @global=@item_012={0x2, 0x1, 0x3, "6ce2"}]}}, &(0x7f0000001240)={0x0, 0x21, 0x9, {0x9, 0x21, 0xa176, 0x2, 0x1, {0x22, 0x2a}}}}, &(0x7f0000001440)={0x2c, &(0x7f00000012c0)={0x20, 0x10, 0x6c, "86fc9c233653135f6823eeecc55652cf8ff487ffff01e444829468af149e8dc659ca93fc468830cc9afc7a494ff675ea50b6ed2aa232c0367549dd2d91c5ddbcf7b9b5dd2b5614ab0d85a2b654816ed31e73c70ef6070c3101ec72e0243e512dd391c4176a139ba95ce6be3f"}, &(0x7f0000001340)={0x0, 0xa, 0x1, 0xf}, &(0x7f0000001380)={0x0, 0x8, 0x1}, &(0x7f00000013c0)={0x20, 0x1, 0x26, "086f918757bf1bba48ed2117bed42aa8852c979e6a1c4f817b28d7bb516436a13b3542476e94"}, &(0x7f0000001400)={0x20, 0x3, 0x1, 0x3}})
r1 = syz_open_dev$hiddev(&(0x7f0000001480), 0xfffffffffffffff7, 0x4180)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f00000014c0)={0x2, 0x1, 0x8}) (async)
io_setup(0x1, &(0x7f0000001500))
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000001540), 0x82002, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000001580)={0xad20, 0xd, [{0x9}, {0x0, 0x1}, {0x8}, {0xa, 0x1}, {0x3, 0x1}, {0x1}, {0x3}, {0xb}, {0x3d}, {0x2, 0x1}, {0xa}, {0xc, 0x1}, {0x3, 0x1}]}) (async)
ioctl$HIDIOCSFLAG(r2, 0x4004480f, &(0x7f00000015c0)=0x2)
ioctl$NBD_SET_SIZE_BLOCKS(r2, 0xab07, 0x3) (async)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000001600)={<r3=>0x0, @in={{0x2, 0x4e24, @empty}}, 0xfffffffe, 0x4, 0x2, 0x8f3, 0x2cb}, &(0x7f00000016c0)=0x98)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000001700)={r3, 0x65}, &(0x7f0000001740)=0x8) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3, 0x80010, r2, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000001780), 0x7, 0x80200)
ioctl$HIDIOCGUSAGE(r4, 0xc018480b, &(0x7f00000017c0)={0x2, 0x3, 0xffff, 0x400, 0xbb52, 0xf36a}) (async)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000001800)=0x80000000)
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000001840)={@private1, 0x27}) (async)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001880)={0x1b, 0x0, 0x0, 0xd, 0x0, r2, 0x8, '\x00', 0x0, r2, 0x0, 0x3, 0x4}, 0x50)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r5, 0x80286722, &(0x7f0000001940)={&(0x7f0000001900)=""/11, 0xb, 0x7, 0x9}) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001980)) (async)
read$FUSE(r2, &(0x7f00000019c0)={0x2020}, 0x2020) (async)
pipe2$9p(&(0x7f0000003a00)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x184800)
write$P9_RVERSION(r6, &(0x7f0000003a40)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13) (async)
execveat(r2, &(0x7f0000003a80)='./file0\x00', &(0x7f0000003c00)={[&(0x7f0000003ac0)='\x00', &(0x7f0000003b00)='\x00', &(0x7f0000003b40)='\'!\x00', &(0x7f0000003b80)='[$\x00', &(0x7f0000003bc0)='/dev/usb/hiddev#\x00']}, &(0x7f0000003e40)={[&(0x7f0000003c40)='\x00', &(0x7f0000003c80)='(*&\x00', &(0x7f0000003cc0)='\x00', &(0x7f0000003d00)='/dev/ubi_ctrl\x00', &(0x7f0000003d40)='!*\x00', &(0x7f0000003d80)='\x00', &(0x7f0000003dc0)='\x00', &(0x7f0000003e00)='/dev/ubi_ctrl\x00']}, 0x1000) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000003ec0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, r2, 0x4, 0x0, 0x2}, 0x50)
dup3(r7, r2, 0x0) (async)
getsockopt$inet6_buf(r2, 0x29, 0x14, &(0x7f0000003f40)=""/161, &(0x7f0000004000)=0xa1)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004080), r2) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000040c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r2, &(0x7f0000004180)={&(0x7f0000004040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000004140)={&(0x7f0000004100)={0x34, r8, 0x400, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="1578117bd78a"}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x80) (async)
ioctl$CDROM_GET_MCN(0xffffffffffffffff, 0x5311, &(0x7f00000041c0))

1.208769989s ago: executing program 1 (id=2213):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000049c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a4693989c36ffffffffffffd0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1530f8d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c11090000000000000000b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c8565117fcb8ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17911540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc240000000000127535a468702cac97b6b82a6e65d4cf1200"/2702], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f088a847e0ffff00124000632f77fbac141416e000030a94029f034d2f87e589ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x0, 0xf0}, 0x2c)

1.129214516s ago: executing program 1 (id=2214):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00'})
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r2, r3, 0x4, r0}, 0x6)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r4, 0x8914, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r5, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r6, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r6, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

1.128910274s ago: executing program 1 (id=2215):
r0 = syz_open_dev$loop(&(0x7f0000000540), 0x4, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x2000800)
r3 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
preadv(r3, &(0x7f0000001300)=[{&(0x7f0000000100)=""/200, 0xc8}], 0x1, 0x1000, 0x3f2f0fde)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x6, 0x1, {0xb, @pix={0x8, 0xff, 0x20363159, 0x6, 0x2, 0x4, 0xc, 0x0, 0x1, 0x0, 0x2, 0x1}}, 0x8000})
r4 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x600)
preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x3, 0x5)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000600)={'\x00', 0x81, 0x10001, 0x7f, 0x9, 0x8})
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)

969.87735ms ago: executing program 1 (id=2216):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r0, 0x29, 0x1a, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001500)={{0x1, 0x1, 0x18, <r3=>r0, {0x2}}, './file0\x00'})
ioctl$COMEDI_RANGEINFO(r3, 0x80106408, &(0x7f0000001580)={0x651, &(0x7f0000001540)=[{}, {}, {}]})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r6, @ANYBLOB="0198000003130000240012800900010069706970"], 0x44}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9}, 0x0)
ioctl$sock_netdev_private(r4, 0x8914, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r8, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r9 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r9, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
r10 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$CDROM_GET_MCN(r10, 0x5311, 0x0)
ioctl$SIOCRSGL2CALL(r9, 0x89e5, &(0x7f00000014c0)=@netrom)
sendmmsg$unix(r1, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000180)="ce8e026206052df681108b11c6b1a89197047f2eed07db01f88a5af682bbe33a72b151cb6fa13542522504908c5adeb1833ed5f1d58e347616024be848f19bfb62e030de86", 0x45}, {&(0x7f0000000400)="4e497a3abf2f6ac760e6310a95cfc0645fc64ce5b5299606d6d7089915aebfbebefe6ff7cc65c0a9a521db0948219e668a0032c7c382cd40090d3e9b54f89db163d47eccb20325822825c6e6e7662f505c28a51242195b4b8a1650e265524b5da62f3ec4fd8dd1660bb2df19b9cca8c58963c1736b37a90b4faba62e9a8575f6c017fa255b03a09e34b5f2ada11e7dafa1f2d7241e521036b4561cad22437dc319612c7dbb54a7cf08a8a47a10d3f3ab2eb867cc783600af6856f48c02188de54b7c77df519aab7c2a902f969d1c88f6547260be7827f2fe3e656deca9c7da9aac44c1c97ef54c4585715624aa177466dbf2118eca7034e3540fc7d97e0c190b3596bb99605ab00edc4eea2e2c796a59186defe0ca371184e7203068d4a6682cd91abbc9963adb93dc6c48a2757fd8b2e643927d4d07a50a274384a4a1d8e6ba87b0820a56687a991f5cdccd1edc9083a3e15e0ec22f42c268b446ec22ac67bf1cbe842152165290c04b6ad4a5264cd0ee6486c97e868c5d4217d35ed227f56f0b9bce6fa20c9ba2e344ffce6c382680c673bfe7894957cfaf60016645ca999201c7bbf195dc3eec0e9ed2a5d986e5f0060ae45b90c3fe0101d670f90e5f618b6a785bdb9cecb2e7e2ca33552a417754b036df7a8f880bd8e9ca778250bee02c649c09d59d4365f3facfb14b19e23cbecd3231aded976a97bb27fc5212cdcbf4cc2141a309cc8b5b09e2b3f21145202ac700c3aa9bf1a07f9ddfb0f0345a6feb6aa47eb59273c8a989674e1e70afa761b733113d8579754e452e37b843abc22ad8ebd31ed72bb92949fc355932d54efdbdd299cbfcf164dc794f3a6227cb81dfcd1d1c1e3d2cf6a3a89abfdcbbe310c78668a3394be91d2968c8e57f8264e50acf5e5c522e3f2f327f1e201c80708e7f703d6292f26f4da5b021df53c70ae98955444072eaaecc80f57547e8cc751bf5bba7dafd0bf128c9025e8138f724e38c1f44cfe2e9622a0ab4e0f029c6b725eaee2cecc71246f7019288f8cddb9f38376caa5b3b7d3027408ddb7819a1cd6e821e3cc12727ae791a4a177dd48e96a55620f9b0ec019466723f60a20c250679f9ad33eeb9d9097bf4b1fe6eb50b9f2b6ca73fdf1545466dcb10cc764e0dbc50c45eca62f6dd8472070ef653f7e54a4a54a678fc9032d1befabf9b53e2cfb8119d1dea7a9d8e0b0e0e3810d6b4664ce08393796cf926ac00412b637e67db9225994cbcfee7554eb1dec3d9029382240fe9e241323974267cfa95b06a5bff5a17cb4d61dca95ad349577503c2c2f4662b1530f247b8fb6d096c018ceefe30578e8c6bb35202a12d7135353b626a94343537b43fc82d145d82e8156d32265e44f5d2f0a50e4d6975bf6c21883fc251bb263085bd9b8fd3aee8da45915765050120feaa2b91e584d5ffd6a08f41bee43a606f4ad92d5704669b88b91dbc565b7487ab61055440b000966749b059b16c8691e372090e8ba58bf15dbee45499f782f4dba286b96e9d511e5795884fc60ceee8b56067a0003943786dd7c0416dda22091787d725e9279d697a21bbee65af9aacdebf5e8d83691a6618f0ec03e8f98677a884572408ebc72c9d20db54b2c14b7d8f3ecb72905a1ef73a4512f772432a85c61df37fb8b2e975c128cd68ae06c185f0b72180b3d414fd9253ab5df5974364e8e8c9be43aa5f4a82bc3bee16cab1375ba987d18f2f97d019cff4171d4da5fcbba0577914163287eab0faecb48b434ec4314cf83d8d98a83f8b41a4bf33df3b966de84f8eff205399fc25e51e70ee8b7543ea9d7b935155f44ce7780e34ff301b1624d738492c2f9ee63a55b47b3f00a6f030e83ea2da0a4a483ad91f6891717f0f5fd020d19d8d83e6b7b22f382fb96085fec2379fc591ac320ea2f0937b7006f1228ec7afb35ec2845594d0047f782a1137c4277e8e10a9dac4c8136c28945a11ad18668de50e18175fa20e8725f31ee8646c694f58923d6a9629626e1210db5aa1c14f14cd250631990adcbd8d7e2b3f1983b18a71e3345d7caf3866175fa3da31bf0fbfe32235a32a5fc44178c6f86155c3e4f0aaa075e63aa3caa8ef4b8317a86e26dee07694f3d2889a425d8fdefdd391ed3b932c1c9b1b56eb0fa20f9c260df55311d6f01d434d0398265ef56b89b5a14afb088c5425eb231576fe7bf62895ed3ea804868b2fae520c436937e45bdf51eb96cb14450b1960b4f87011f04cfe7e51b462472cd287fc2bdb8ec1f73dabeea3ceba78d2153d1cb731582e648b17e3460c9e9b323c74cc862af4eabae01f7a932e4a3b17e040abf0448b2ad9306678742714f55a593375349afd0c07632039bef27e43cdfd6bf89a907c0096a5a2d30abb6db028c6b95d365057c87042faa1fb928c3afdc67307e4ffc6a505036503ab4ff4eb05f04be25fd313f61e0268b5292a26fc1221a613594bb9214b4f865daeab1d48c1503bec6516267f8a4e8938c944d61abba7ea45cbc4c724acd27c8b44d6b05454ea03c95cac9593c7bea7c0ca670e6943c9a1429bdc8a47de3547f84baa458a49901401edc7ad59257dfa251cd6791e557f47cc9fb23f25d83bd5f3681d1db6c540f8ceecf84635433c453c0bea5ca2d26e77462f0a16252fdf8c3aedc3215374f8fa5c8da6bcce714f299277976292e81ab48200865a1001dfb858c3bf5ee9225135f5272f44321a0a18a41a4f325f3e943353ddc50c7d1c6633410a5b7f012a84af9b30c94adc869467d972cf4c1ae23668aaf0b1c15eba93d1c250aef04fbe525b430b6377f1b63cc78c82395f9dc5c9b85f4e88676d07cc1acf420f383e1371c4b49a7e3ed70aafbbefac073e5bb2587a9d5b772601d92b10d84c966adc4c55b1c7025942f363c6562e15b5bae4b2d19a3c30740b386ef97db780ae89430c6e29658414a282a833f82be9f64bbb718333deaadd133071cdec2103fc4c0e112808e10efc411e22abcdc32efb4a3a51e096e3de8e07e35b5032984de2da7ae51f72106c8e0082aee580d736f55076795f1b10d28b22b2f7073d683b7c1dedc2976cc1c56abd3f6ce031a4ef8fd4a3f43bb2e9ed9740357e198869587d965e32c5905e2e6c8703bbc855d60fc5d4521668a167cc89f8af689e78aee6106b7e565603eed5e59c7b3eda0d64f09bea072ffffe4b88978e51211cb43cb3972fb9f6f93fedfa4c956fd02705d8c1c152053c7f695e45167fd47dac82c5ab1ab766216cb5b1eeb2409744d3cc0b6bd8d067a3bf5c95c6c9fe48f6c8c9027d09a1bfd5feb3f90f436a2a3ad6aea6e1a6aa9c65b28182b03e35edd22e91a6d7073e0d0cad7098f5d05c9d7ffb05b565da1708b5fc6dd4a5d620eef19e361199de509f2555aaf2907322cfa10311fd005c4b1e4386620decf7d5deb7f5ddcc817c809a068d6109d87fe54730f12c593eb49b736d0a640b73058f957a41d499c10d4599e3ed0a9ee134cc8371c4569353b42068cca90cc0694592b7e24703429a3118484a11c42e0d88586aff9230f04649a353980bd903752ff59d5bf732d1244e840c5965f5257accc9a95b39c0cf8be6f66d4d2a4c1db306cab1d50368103441c27c89eb1a9a2890f30669e485f495f7359a9d8917a662af10fa2b15951dba5b278fbafe0267f93ebab585be544b3bdda766888e5e018276b172f655a6f1b519e4bd0d29671c01ee153f9c8d1e3eae1562f165864acb101cd236c88fd4524cd0b7635d66c46f2de8ca84b447cc4cc654c30270bf91da679cac90c81eba91ab8aa0588d6cece7228e7a7d12b021c7c2cd37f21d396c0ce6ebb057141c1230568bc2ad9b75eb7208b523b141480403940c48967a79d0e82de91828d4a45ca4752e2e06873fb9794e69c8409c631f3938eba791a8662296b92f3b4f713cfa6c6d633665eb04cc9f6d336e617e8c9b2260f8f279480c4ee2bcba0148c3e4a3184d21452933de887b893b09857a2ada78d50893d9e52a52e624203f5ca4e2926c0400768bf0a078ec8bfe2b4fd4387a86b9a563578eb8498aff8790dcd13afa08e36a979e5fc87b584d17e68299fc2e67b3081f203c7787ad3381c392ec1e53c959657c835e1b38397e50b31609959b3f2a1c385a22b9fc8b392c30c04d7d494a566713980123b9a01ed2c6e66777c59b375526050b0eef9c25587c4caca457f9ce01da439f8dd261dc438930521ad2780a6d9477aa0849914929a3145077599ee2e4ab6deb246c615c4fb9b92ce5a15d00c14c728dea4ca571234780367a2fa1b5b985ae1f0a6ffa169f776b409e95382108d7a46f4f1040a4fcc8e9a352255d2fa592d66653ab3017893e730c1977f6cd6e8912d23f9ef2c11bf2eccd7d6d75aaee51ddeba959606f7c8a3eeed5d2d8b5a8540f97caa3ed1c819c864707099ed43eb2bdbc84ddc357c830ec15910a86efd9d8e5c8ace52e5f18c9bb85020c62a87685a90c5711af3d27882c777113e8c18eff1a0d75c19ae88f4bde2c9fb2569b52acf2592521f5c9f4e1b67fa2c98527fdce9c275f243b17cf44bd3b0d697bb51c13342f732bf08a3a9719dacbe2050f30f340caea59e37eaf7951bf266c1e49c2d1f1de6e78777a13ad575c1dc420f2a5e71b2d7cffd4fd08e082d8e6764de7a01ad9de79d16f34eba159305842f26eedaba3e78b1655e5c6f68b8853ceebc4e4b572195bc218f5c8ae0931a756ba69773b0c4f373cd81a2fb2121869bded24fb7411518cb9ed5b895c8f50ecb6a5615280fa430d3f1390aacbfc7ae8423f3ceb0d3f14636911208be31a13e2296997c7b7fbc90b669a7e5911f3d0b8aa57a734020bc351286e6a699d43e6607be26b3c506ad35f3e35d07c832c0e0ade17e9381af0ba85614d9914df1f17a7256cfcfeaa3baba2b0207d59d0b2f079abadefbf9c2e64a2b87252fd51deba6a751c84d43d50abb7205f724dcd84382e953c6a8cb4525b0223d83431c582e65b66973b811cf4abdaf9b2a3abd4fad5a6671a88063ee93ee61c1da6c4ef47f99d81aea20ea525e8cd15f6c7b1384efd875110f448314a31baedf3996ef649a65bccd959585c607b63ed0b4199dcfe818b46389f14e52631bc999828d3e9def8bac6bdae716d01fb9e312a10a20a9309808d6c5fe7009f04b30856b207150c9a1021634814907d8e24a30d0ee974866d393f590f2a9d1e4e743c7e24bdcd1d0d47af78c63146d54a6243e98a5c566ac054d625d0bd193b132cbfadb25bbb7102e0e393bf3d47b1ba5e737ecf369a26262146faaaaebc66bf886608e9ad46e644faff9a87c8a464db49d1178a1cb9d7e0c6cd1d92097d4aa7bd675d86fa7a45f64b1757ca6aa6c1c71c9d0c677f10f22299b201eae7747519cccfc3a68561539d9f2b8f1856a26548632134edea812b54631936cab543d59813bea0315fca121ae08c6141e788fb348a9d6ba212c0b66f1279159b2b4a3acef4da671feff1391c46ab38de862f12a3309096a00856c1c56f07ae5dc94a4c7bcc0d6615b1fc3aeb4b72fc5a0a8ae82b1b08ee1da9939e5f68fce647fe86a9d9503d99d5bdf3a62ec3f3a8d14a37ed568a4d56aed7d0e686ca35d4743a429761044f9e73e7eca65777f9387850b75d49534050577d57365a4420207fcd7d5b14236f9309b250ad08508bddc162aa85722623e562faa1169fef52a7ce8ad368b603b83b81285f9f385ca8385ae27451a9e5f337da0a27884fd463008fe55b6047296a3720469f28994706af0094231f18caed4c1d773751cd484d1b4eb485070800d574313ec83b95", 0x1000}, {&(0x7f0000000200)="0b0806ef8cb87330eeffe30240af1cf7edf63ae4fe5862d29d6895a712d5aab597b81ff514c8a67e12f3eac7df8360333e1d6f6ef9bf4d365b8f504f5f471daabd03ee321a91c3d4174dfffac23d5c67458b55bca2180ea25d13f239f92b42563ea35e020dc65c7e32b2bc753174fc92bcb67168a9ef22752a97b5c8a04d87e445e13c3d35932e60417d7af526e5e4591f78efbc1051aaf2576d89f2467b", 0x9e}, {&(0x7f0000000040)="0f4b0b7fb8317e7d7d39bee647a99a085e80f8faaea447a23017ae5d4e6718d8145f1ecaf9ed4398d79320f30f8279f6741e887e", 0x34}, {&(0x7f00000002c0)="93957c29693367233ed69615bebaa7396dbb6dc649df41b05ebcfbe2a87fd2d6fa635d7c4ccde2d4e3f2196050d9186090ea16a90262e713a78852adacf316fa2b6844d94e5707e76293b701019b64ca52ae5ab741c5d7949d0c2e39c2e48c4c03744787670b12798ae182b8d11af33b21ddbaa4b3797de86000d88746d931f433e16019da4e9e9d4fce878a474084b1b41dca624c7341de8189de2cf6e82e7c6e23ebd8bb", 0xa5}], 0x5, 0x0, 0x0, 0x10}}], 0x1, 0x8010)
connect$rose(r8, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40)
r11 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000001a80)=@raw={'raw\x00', 0x8, 0x3, 0x12d8, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1208, 0xffffffff, 0xffffffff, 0x1208, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x62], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {0xff}, 0x0, 0xfd}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x7fff, 0x30, 0x1}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0x0, 0xff000000], [], 'wg1\x00', 'ip6gretap0\x00', {}, {}, 0x3b, 0x0, 0x0, 0x3}, 0x0, 0x1108, 0x1138, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz0\x00', 0x2, {0x8}}}, @common=@srh={{0x30}, {0x1, 0x4, 0x7, 0x3, 0x8001, 0x204, 0x3004}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x1338)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000001480)=0x1)

859.31279ms ago: executing program 1 (id=2217):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, &(0x7f00000001c0)={0x1, 0x0, 0x2})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414910800060003"], 0x30}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7], 0x14}}, 0x800)

699.85612ms ago: executing program 5 (id=2218):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0xa1d5, 0x200, 0x400, 0x429}})

699.651954ms ago: executing program 5 (id=2219):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x81101)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x60}]})
write$ppp(r1, &(0x7f00000004c0)="37e1", 0x2)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$SOUND_PCM_READ_RATE(r2, 0x80045002, &(0x7f0000000040))
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
ioctl$VHOST_VDPA_GET_AS_NUM(r0, 0x8004af7a, &(0x7f0000000040))
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCGETD(r4, 0x5424, &(0x7f0000000400))
r5 = fsopen(&(0x7f0000000280)='devpts\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
connect$rose(r3, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast]}, 0x40)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0xc, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x1000}, 0x4)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r9, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGBITSW(r6, 0x80404525, &(0x7f0000000140)=""/97)
connect$rose(r3, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c)

569.670078ms ago: executing program 5 (id=2220):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r1, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000300)=@newtaction={0x4c, 0x58, 0x284f, 0x0, 0x0, {}, [{0x38, 0x1, [@m_connmark={0x34, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x4c}}, 0x0)

569.524153ms ago: executing program 5 (id=2221):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYBLOB="340000001300050000000000fddbdf2507000000", @ANYRES32=r2, @ANYBLOB="500800000000000014000c80100004800c000880080004"], 0x34}}, 0x0)

499.054558ms ago: executing program 5 (id=2222):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x9)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x208101, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r8}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00001d6000/0x1000)=nil, 0x1000, 0x17)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="7c00000013000500010000000000000007000000", @ANYRES32=r11, @ANYBLOB="00000000002000005c001a805800048054000a80"], 0x7c}, 0x1, 0x0, 0x0, 0x24000000}, 0x64040100)
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r13, {0x4}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x9, 0x7, 0xc, 0x2, 0x4, 0x2, 0xf, 0x4, 0x0, 0x5, 0x2, 0x7, 0x1, 0x2], 0x3, [0x8b, 0x101, 0x0, 0x2002, 0x1, 0x4, 0x2, 0xd04, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xfffc, 0xfff5, 0x3, 0x8, 0x1, 0x9, 0x5, 0x6, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

359.793977ms ago: executing program 5 (id=2223):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000080))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3})
creat(0x0, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\b\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060001000000"], 0x30}}, 0x0)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, &(0x7f00000001c0)={0x1, 0x0, 0x2})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414910800060003"], 0x30}}, 0x0)

234.317209ms ago: executing program 2 (id=2224):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x18, 0x40, 0x9, 0xffffffff, 0x25dfdbfd, {0x2}, [@typed={0x4, 0x11f}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000048000000160a01000000000000000000010000010900010073797a30000000000900020073797a30000000001c0003800800014000000000080002400000000008000240000000065c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070296d726567300000000000000000001400010070696d726567310000000000000000001400010069705f76746930000000000000000000140001007465616d5f736c6176655f300000000008000140000000200900020073797a30"], 0x2ec}, 0x1, 0x0, 0x0, 0x20008811}, 0x0)

180.121002ms ago: executing program 2 (id=2225):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x4, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x1c)

179.992275ms ago: executing program 4 (id=2226):
socket$kcm(0x10, 0x400000002, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8004c60)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x40000)
accept$packet(0xffffffffffffffff, 0x0, 0x0)
connect$rose(r1, &(0x7f0000000200)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c)
connect$rose(r1, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x1c)

179.686174ms ago: executing program 2 (id=2227):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000800), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r1, 0xa5456c2fe1cd7aeb, 0x70bd2d, 0x35dfdbfa, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000010}, 0x40892)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x60000080}, 0x40000d0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40044)

50.031075ms ago: executing program 2 (id=2228):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xf0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r3, 0x4068aea3, &(0x7f0000000000))
connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e23, @empty}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000008c0)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000001c00010200000000fedbdf2507000000", @ANYRES32=r5, @ANYBLOB="8000000a0a000200aaaaaaaaaa0c"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4040000)
ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x3, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})

0s ago: executing program 1 (id=2229):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r1, &(0x7f0000000040)=""/117, 0x75, 0x40000000, &(0x7f00000000c0)={0xa, 0x4e22, 0x80, @private0, 0x10001}, 0x1c)
connect$rose(r0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x4, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40)

0s ago: executing program 2 (id=2230):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
syz_emit_ethernet(0xd6, &(0x7f0000000100)={@multicast, @local, @val={@val={0x88a8, 0x7, 0x0, 0x2}, {0x8100, 0x0, 0x1, 0x1}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x98, 0x0, 0x0, @empty, @local, {[@routing={0x0, 0x12, 0x0, 0x0, 0x31, [@mcast1, @dev={0xfe, 0x80, '\x00', 0x2c}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}, @private2={0xfc, 0x2, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}]}]}}}}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0xf, 0xde, &(0x7f0000000040)="37f3902dffe6044ce53f3832fed6c4", &(0x7f0000000200)=""/222, 0x1000000, 0x0, 0xf8, 0xb5, &(0x7f0000000300)="aa4d78205fbbf2a77af4d5efd670070c5e7b043053d757b524ab288c7ac6e0817fd9fa81f6e1e0dd4078d544e05edea1d680a018bd69bd930ed0df71bf7afb9bbcd5c9cd8d821c232a29b8a9e988cc7ce95484ff6fbf3f7b6bd6d655191c02bc19e32ad3bb69b9c5fdbf14e846d99383a40a292b2522abac2820ed1d88f0864939ae0a3275cf1ad59f28a43c434e484e2edbfaad67d45dc368fb1dec6f64913c0071c1e1c1fabc2b7b3cbfa83d0878d546f577c0595ae660ef096374918dd5afa585ecd0ad65e5eebb39fed2f4f094481a886bcebec28c449444fcee0f3b0c90d997419c055777cbae1c60735240869f482e2bcfe09a5683", &(0x7f0000000400)="dd6a4d7b7f16fa0c9eff22d66556798101c5285d4cf5f4d4e436cde83d76249d23225f27f8f5afe6c9d3844a08fa82da90d8ead38d119563aafd37d8cd00929fa8bf91f9b904387f6778cab6ea6a33deecde2bba25d70bf231075ba0316ba511051e3ada735e175529cf8e7a14496bfe955efadaa7838d95c2ea95b2c7a7dd6954616ff5e2a6736866daaa22a70888ac12f52fd111200daa154d14471afbd8ff04bcab2597e734a36912e609f6c8a8fe4ce233f074", 0x4, 0x0, 0xfffff486}, 0x50)

kernel console output (not intermixed with test programs):

<eth:syzkaller0>
[  193.989987][T10776] tipc: Resetting bearer <eth:syzkaller0>
[  193.999336][T10776] tipc: Disabling bearer <eth:syzkaller0>
[  194.132554][T10785] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  194.202962][T10787] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1793'.
[  194.592910][T10803] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  194.595433][T10803] syzkaller0: entered promiscuous mode
[  194.597170][T10803] syzkaller0: entered allmulticast mode
[  194.608389][T10803] tipc: Resetting bearer <eth:syzkaller0>
[  194.612439][T10802] tipc: Resetting bearer <eth:syzkaller0>
[  194.619486][T10802] tipc: Disabling bearer <eth:syzkaller0>
[  194.692113][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  194.692123][   T40] audit: type=1400 audit(1762563374.995:554): avc:  denied  { open } for  pid=10806 comm="syz.4.1802" path="/dev/ptyqd" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  194.695260][T10807] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1802'.
[  194.701581][   T40] audit: type=1400 audit(1762563374.995:555): avc:  denied  { ioctl } for  pid=10806 comm="syz.4.1802" path="/dev/ptyqd" dev="devtmpfs" ino=140 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  194.707746][ T5938] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  194.717946][ T5938] CPU: 1 UID: 0 PID: 5938 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) 
[  194.717991][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.718004][ T5938] Workqueue: hci4 hci_rx_work
[  194.718034][ T5938] Call Trace:
[  194.718041][ T5938]  <TASK>
[  194.718049][ T5938]  dump_stack_lvl+0x16c/0x1f0
[  194.718080][ T5938]  sysfs_warn_dup+0x7f/0xa0
[  194.718104][ T5938]  sysfs_create_dir_ns+0x24b/0x2b0
[  194.718124][ T5938]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  194.718142][ T5938]  ? find_held_lock+0x2b/0x80
[  194.718169][ T5938]  ? do_raw_spin_unlock+0x172/0x230
[  194.718191][ T5938]  kobject_add_internal+0x2c4/0x9b0
[  194.718215][ T5938]  kobject_add+0x16e/0x240
[  194.718234][ T5938]  ? __pfx_kobject_add+0x10/0x10
[  194.718251][ T5938]  ? do_raw_spin_unlock+0x172/0x230
[  194.718271][ T5938]  ? kobject_put+0xab/0x5a0
[  194.718296][ T5938]  device_add+0x288/0x1aa0
[  194.718318][ T5938]  ? __pfx_dev_set_name+0x10/0x10
[  194.718342][ T5938]  ? __pfx_device_add+0x10/0x10
[  194.718361][ T5938]  ? mgmt_send_event_skb+0x2fb/0x460
[  194.718392][ T5938]  hci_conn_add_sysfs+0x17e/0x230
[  194.718422][ T5938]  le_conn_complete_evt+0x1260/0x2150
[  194.718454][ T5938]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  194.718476][ T5938]  ? hci_event_packet+0x459/0x11c0
[  194.718506][ T5938]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  194.718530][ T5938]  ? skb_pull_data+0x166/0x210
[  194.718552][ T5938]  hci_le_meta_evt+0x357/0x5e0
[  194.718574][ T5938]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  194.718599][ T5938]  hci_event_packet+0x685/0x11c0
[  194.718622][ T5938]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  194.718650][ T5938]  ? __pfx_hci_event_packet+0x10/0x10
[  194.718679][ T5938]  ? kcov_remote_start+0x3c9/0x6d0
[  194.718699][ T5938]  ? lockdep_hardirqs_on+0x7c/0x110
[  194.718732][ T5938]  hci_rx_work+0x2c5/0x16b0
[  194.718760][ T5938]  ? rcu_is_watching+0x12/0xc0
[  194.718786][ T5938]  process_one_work+0x9cf/0x1b70
[  194.718814][ T5938]  ? __pfx_process_one_work+0x10/0x10
[  194.718840][ T5938]  ? assign_work+0x1a0/0x250
[  194.718860][ T5938]  worker_thread+0x6c8/0xf10
[  194.718900][ T5938]  ? __pfx_worker_thread+0x10/0x10
[  194.718919][ T5938]  kthread+0x3c5/0x780
[  194.718936][ T5938]  ? __pfx_kthread+0x10/0x10
[  194.718955][ T5938]  ? rcu_is_watching+0x12/0xc0
[  194.718998][ T5938]  ? __pfx_kthread+0x10/0x10
[  194.719017][ T5938]  ret_from_fork+0x675/0x7d0
[  194.719033][ T5938]  ? __pfx_kthread+0x10/0x10
[  194.719048][ T5938]  ret_from_fork_asm+0x1a/0x30
[  194.719089][ T5938]  </TASK>
[  194.719154][ T5938] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  194.746094][T10813] FAULT_INJECTION: forcing a failure.
[  194.746094][T10813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.746123][T10813] CPU: 3 UID: 0 PID: 10813 Comm: syz.4.1805 Not tainted syzkaller #0 PREEMPT(full) 
[  194.746136][T10813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.746142][T10813] Call Trace:
[  194.746146][T10813]  <TASK>
[  194.746150][T10813]  dump_stack_lvl+0x16c/0x1f0
[  194.746170][T10813]  should_fail_ex+0x512/0x640
[  194.746185][T10813]  _copy_to_user+0x32/0xd0
[  194.746199][T10813]  simple_read_from_buffer+0xcb/0x170
[  194.746218][T10813]  proc_fail_nth_read+0x197/0x240
[  194.746231][T10813]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  194.746244][T10813]  ? rw_verify_area+0xcf/0x6c0
[  194.746259][T10813]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  194.746271][T10813]  vfs_read+0x1e4/0xcf0
[  194.746282][T10813]  ? __pfx___mutex_lock+0x10/0x10
[  194.746293][T10813]  ? __pfx_vfs_read+0x10/0x10
[  194.746306][T10813]  ? __fget_files+0x20e/0x3c0
[  194.746320][T10813]  ksys_read+0x12a/0x250
[  194.746329][T10813]  ? __pfx_ksys_read+0x10/0x10
[  194.746339][T10813]  ? __secure_computing+0x28e/0x3b0
[  194.746353][T10813]  do_syscall_64+0xcd/0xfa0
[  194.746363][T10813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.746374][T10813] RIP: 0033:0x7f6776b8e0dc
[  194.746382][T10813] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  194.746392][T10813] RSP: 002b:00007f6777ad9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  194.746402][T10813] RAX: ffffffffffffffda RBX: 00007f6776de5fa0 RCX: 00007f6776b8e0dc
[  194.746408][T10813] RDX: 000000000000000f RSI: 00007f6777ad90a0 RDI: 0000000000000006
[  194.746414][T10813] RBP: 00007f6777ad9090 R08: 0000000000000000 R09: 0000000000000000
[  194.746420][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  194.746426][T10813] R13: 00007f6776de6038 R14: 00007f6776de5fa0 R15: 00007ffdbab8d8a8
[  194.746439][T10813]  </TASK>
[  194.765914][T10781] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  194.767362][ T5938] Bluetooth: hci4: failed to register connection device
[  194.769011][T10781] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  194.896002][T10781] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  194.898083][T10781] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  194.901194][T10781] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  194.903062][T10781] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  194.908518][T10781] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  194.912147][T10781] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  195.024964][T10830] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  195.027541][T10830] syzkaller0: entered promiscuous mode
[  195.029357][T10830] syzkaller0: entered allmulticast mode
[  195.041977][T10830] tipc: Resetting bearer <eth:syzkaller0>
[  195.045006][T10829] tipc: Resetting bearer <eth:syzkaller0>
[  195.051287][T10829] tipc: Disabling bearer <eth:syzkaller0>
[  195.084237][T10832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1812'.
[  195.088987][T10832] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1812'.
[  195.151214][T10834] FAULT_INJECTION: forcing a failure.
[  195.151214][T10834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.155372][T10834] CPU: 1 UID: 0 PID: 10834 Comm: syz.1.1813 Not tainted syzkaller #0 PREEMPT(full) 
[  195.155386][T10834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.155393][T10834] Call Trace:
[  195.155397][T10834]  <TASK>
[  195.155401][T10834]  dump_stack_lvl+0x16c/0x1f0
[  195.155421][T10834]  should_fail_ex+0x512/0x640
[  195.155436][T10834]  _copy_from_iter+0x29f/0x1720
[  195.155450][T10834]  ? _copy_from_iter+0x15d/0x1720
[  195.155463][T10834]  ? __pfx__copy_from_iter+0x10/0x10
[  195.155477][T10834]  ? __pfx__copy_from_iter+0x10/0x10
[  195.155489][T10834]  ? _copy_from_iter+0x15d/0x1720
[  195.155503][T10834]  copy_page_from_iter+0xde/0x180
[  195.155517][T10834]  skb_copy_datagram_from_iter+0x2a0/0x740
[  195.155535][T10834]  tun_get_user+0x1850/0x3cc0
[  195.155556][T10834]  ? __pfx_tun_get_user+0x10/0x10
[  195.155571][T10834]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  195.155588][T10834]  ? find_held_lock+0x2b/0x80
[  195.155602][T10834]  ? tun_get+0x191/0x370
[  195.155617][T10834]  tun_chr_write_iter+0xdc/0x210
[  195.155632][T10834]  vfs_write+0x7d3/0x11d0
[  195.155643][T10834]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  195.155659][T10834]  ? __pfx_vfs_write+0x10/0x10
[  195.155668][T10834]  ? find_held_lock+0x2b/0x80
[  195.155688][T10834]  ksys_write+0x12a/0x250
[  195.155697][T10834]  ? __pfx_ksys_write+0x10/0x10
[  195.155710][T10834]  do_syscall_64+0xcd/0xfa0
[  195.155721][T10834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.155731][T10834] RIP: 0033:0x7f1eaab8f6c9
[  195.155740][T10834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.155750][T10834] RSP: 002b:00007f1eab9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  195.155760][T10834] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8f6c9
[  195.155767][T10834] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000003
[  195.155773][T10834] RBP: 00007f1eab9eb090 R08: 0000000000000000 R09: 0000000000000000
[  195.155779][T10834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  195.155785][T10834] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  195.155798][T10834]  </TASK>
[  195.228477][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.272807][T10840] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10840 comm=syz.3.1816
[  195.337372][   T40] audit: type=1400 audit(1762563375.635:556): avc:  denied  { nlmsg_read } for  pid=10839 comm="syz.3.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  195.440231][   T40] audit: type=1400 audit(1762563375.745:557): avc:  denied  { name_bind 0x1000000 } for  pid=10849 comm="syz.3.1821" path="socket:[29486]" dev="sockfs" ino=29486 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  195.753972][T10856] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  195.757221][T10856] syzkaller0: entered promiscuous mode
[  195.759425][T10856] syzkaller0: entered allmulticast mode
[  195.771326][T10856] tipc: Resetting bearer <eth:syzkaller0>
[  195.774488][T10855] tipc: Resetting bearer <eth:syzkaller0>
[  195.781686][T10855] tipc: Disabling bearer <eth:syzkaller0>
[  195.893601][T10858] FAULT_INJECTION: forcing a failure.
[  195.893601][T10858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.897625][T10858] CPU: 3 UID: 0 PID: 10858 Comm: syz.2.1824 Not tainted syzkaller #0 PREEMPT(full) 
[  195.897639][T10858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.897645][T10858] Call Trace:
[  195.897649][T10858]  <TASK>
[  195.897654][T10858]  dump_stack_lvl+0x16c/0x1f0
[  195.897677][T10858]  should_fail_ex+0x512/0x640
[  195.897692][T10858]  _copy_from_user+0x2e/0xd0
[  195.897706][T10858]  copy_msghdr_from_user+0x98/0x160
[  195.897721][T10858]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  195.897734][T10858]  ? lockdep_hardirqs_on+0x7c/0x110
[  195.897752][T10858]  ? kfree+0x2b8/0x6d0
[  195.897765][T10858]  ? ___sys_sendmsg+0x141/0x1d0
[  195.897781][T10858]  ___sys_sendmsg+0xfe/0x1d0
[  195.897795][T10858]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.897820][T10858]  ? __pfx___might_resched+0x10/0x10
[  195.897837][T10858]  __sys_sendmmsg+0x200/0x420
[  195.897852][T10858]  ? __pfx___sys_sendmmsg+0x10/0x10
[  195.897870][T10858]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  195.897890][T10858]  ? fput+0x9b/0xd0
[  195.897903][T10858]  ? ksys_write+0x1ac/0x250
[  195.897913][T10858]  ? __pfx_ksys_write+0x10/0x10
[  195.897924][T10858]  __x64_sys_sendmmsg+0x9c/0x100
[  195.897937][T10858]  ? lockdep_hardirqs_on+0x7c/0x110
[  195.897976][T10858]  do_syscall_64+0xcd/0xfa0
[  195.897992][T10858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.898004][T10858] RIP: 0033:0x7f7b5038f6c9
[  195.898013][T10858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.898023][T10858] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  195.898033][T10858] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  195.898040][T10858] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  195.898046][T10858] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  195.898052][T10858] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000002
[  195.898057][T10858] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  195.898071][T10858]  </TASK>
[  196.294555][   T40] audit: type=1400 audit(1762563376.595:558): avc:  denied  { read } for  pid=10868 comm="syz.1.1828" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  196.302075][   T40] audit: type=1400 audit(1762563376.595:559): avc:  denied  { open } for  pid=10868 comm="syz.1.1828" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  196.426088][T10874] FAULT_INJECTION: forcing a failure.
[  196.426088][T10874] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  196.430488][T10874] CPU: 1 UID: 0 PID: 10874 Comm: syz.1.1830 Not tainted syzkaller #0 PREEMPT(full) 
[  196.430502][T10874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.430509][T10874] Call Trace:
[  196.430513][T10874]  <TASK>
[  196.430517][T10874]  dump_stack_lvl+0x16c/0x1f0
[  196.430538][T10874]  should_fail_ex+0x512/0x640
[  196.430554][T10874]  should_fail_alloc_page+0xe7/0x130
[  196.430571][T10874]  prepare_alloc_pages+0x3c2/0x610
[  196.430594][T10874]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  196.430622][T10874]  ? __lock_acquire+0xb8a/0x1c90
[  196.430659][T10874]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  196.430681][T10874]  ? do_raw_spin_lock+0x12c/0x2b0
[  196.430693][T10874]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  196.430704][T10874]  ? find_held_lock+0x2b/0x80
[  196.430721][T10874]  ? __lock_acquire+0xb8a/0x1c90
[  196.430737][T10874]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  196.430752][T10874]  ? policy_nodemask+0xea/0x4e0
[  196.430765][T10874]  alloc_pages_mpol+0x1fb/0x550
[  196.430777][T10874]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  196.430794][T10874]  folio_alloc_mpol_noprof+0x36/0x2f0
[  196.430808][T10874]  shmem_alloc_folio+0x135/0x160
[  196.430822][T10874]  shmem_alloc_and_add_folio+0x499/0xc20
[  196.430840][T10874]  ? __pfx_filemap_get_entry+0x10/0x10
[  196.430856][T10874]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  196.430872][T10874]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[  196.430896][T10874]  shmem_get_folio_gfp+0x67f/0x1610
[  196.430914][T10874]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  196.430930][T10874]  ? filemap_map_pages+0xe01/0x1b70
[  196.430947][T10874]  shmem_fault+0x1fe/0xa30
[  196.430963][T10874]  ? __pfx_shmem_fault+0x10/0x10
[  196.430981][T10874]  ? __pfx_filemap_map_pages+0x10/0x10
[  196.431000][T10874]  ? __pfx_filemap_map_pages+0x10/0x10
[  196.431013][T10874]  __do_fault+0x10d/0x490
[  196.431031][T10874]  ? __pfx_filemap_map_pages+0x10/0x10
[  196.431044][T10874]  do_pte_missing+0xf4a/0x3ba0
[  196.431059][T10874]  ? find_held_lock+0x2b/0x80
[  196.431072][T10874]  ? __handle_mm_fault+0x1529/0x2aa0
[  196.431088][T10874]  __handle_mm_fault+0x1556/0x2aa0
[  196.431105][T10874]  ? __pfx___handle_mm_fault+0x10/0x10
[  196.431121][T10874]  ? __pte_offset_map_lock+0x174/0x310
[  196.431134][T10874]  ? find_held_lock+0x2b/0x80
[  196.431150][T10874]  ? follow_page_pte+0x5cf/0x1390
[  196.431165][T10874]  handle_mm_fault+0x589/0xd10
[  196.431182][T10874]  __get_user_pages+0x54e/0x3530
[  196.431200][T10874]  ? __pfx___get_user_pages+0x10/0x10
[  196.431216][T10874]  populate_vma_page_range+0x267/0x3f0
[  196.431230][T10874]  ? __pfx_populate_vma_page_range+0x10/0x10
[  196.431242][T10874]  ? __pfx_find_vma_intersection+0x10/0x10
[  196.431255][T10874]  ? do_mmap+0x69c/0x1210
[  196.431267][T10874]  __mm_populate+0x1d8/0x380
[  196.431280][T10874]  ? __pfx___mm_populate+0x10/0x10
[  196.431294][T10874]  ? up_write+0x1b2/0x520
[  196.431306][T10874]  vm_mmap_pgoff+0x37f/0x470
[  196.431319][T10874]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  196.431333][T10874]  ? __fget_files+0x20e/0x3c0
[  196.431346][T10874]  ksys_mmap_pgoff+0x32c/0x5c0
[  196.431357][T10874]  ? __pfx_ksys_write+0x10/0x10
[  196.431368][T10874]  __x64_sys_mmap+0x125/0x190
[  196.431379][T10874]  do_syscall_64+0xcd/0xfa0
[  196.431390][T10874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.431401][T10874] RIP: 0033:0x7f1eaab8f6c9
[  196.431410][T10874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.431420][T10874] RSP: 002b:00007f1eab9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  196.431430][T10874] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8f6c9
[  196.431436][T10874] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000200000000000
[  196.431442][T10874] RBP: 00007f1eab9eb090 R08: 0000000000000003 R09: 0000000000000000
[  196.431449][T10874] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000002
[  196.431455][T10874] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  196.431469][T10874]  </TASK>
[  196.559495][    C1] vkms_vblank_simulate: vblank timer overrun
[  196.616672][T10878] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  196.619181][T10878] syzkaller0: entered promiscuous mode
[  196.621296][T10878] syzkaller0: entered allmulticast mode
[  196.631311][T10877] tipc: Resetting bearer <eth:syzkaller0>
[  196.640995][T10877] tipc: Disabling bearer <eth:syzkaller0>
[  197.035021][T10885] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1835'.
[  197.639141][T10889] FAULT_INJECTION: forcing a failure.
[  197.639141][T10889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.643820][T10889] CPU: 2 UID: 0 PID: 10889 Comm: syz.1.1837 Not tainted syzkaller #0 PREEMPT(full) 
[  197.643834][T10889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.643840][T10889] Call Trace:
[  197.643844][T10889]  <TASK>
[  197.643848][T10889]  dump_stack_lvl+0x16c/0x1f0
[  197.643868][T10889]  should_fail_ex+0x512/0x640
[  197.643885][T10889]  _copy_to_user+0x32/0xd0
[  197.643900][T10889]  simple_read_from_buffer+0xcb/0x170
[  197.643919][T10889]  proc_fail_nth_read+0x197/0x240
[  197.643932][T10889]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.643945][T10889]  ? rw_verify_area+0xcf/0x6c0
[  197.643960][T10889]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.643971][T10889]  vfs_read+0x1e4/0xcf0
[  197.643983][T10889]  ? __pfx___mutex_lock+0x10/0x10
[  197.643994][T10889]  ? __pfx_vfs_read+0x10/0x10
[  197.644007][T10889]  ? __fget_files+0x20e/0x3c0
[  197.644021][T10889]  ksys_read+0x12a/0x250
[  197.644030][T10889]  ? __pfx_ksys_read+0x10/0x10
[  197.644040][T10889]  ? fput+0x9b/0xd0
[  197.644054][T10889]  do_syscall_64+0xcd/0xfa0
[  197.644065][T10889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.644076][T10889] RIP: 0033:0x7f1eaab8e0dc
[  197.644085][T10889] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  197.644095][T10889] RSP: 002b:00007f1eab9eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  197.644106][T10889] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8e0dc
[  197.644112][T10889] RDX: 000000000000000f RSI: 00007f1eab9eb0a0 RDI: 0000000000000003
[  197.644118][T10889] RBP: 00007f1eab9eb090 R08: 0000000000000000 R09: 0000000000000000
[  197.644129][T10889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.644135][T10889] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  197.644149][T10889]  </TASK>
[  197.794132][T10895] FAULT_INJECTION: forcing a failure.
[  197.794132][T10895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.798346][T10895] CPU: 0 UID: 0 PID: 10895 Comm: syz.2.1840 Not tainted syzkaller #0 PREEMPT(full) 
[  197.798360][T10895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.798366][T10895] Call Trace:
[  197.798371][T10895]  <TASK>
[  197.798375][T10895]  dump_stack_lvl+0x16c/0x1f0
[  197.798395][T10895]  should_fail_ex+0x512/0x640
[  197.798410][T10895]  _copy_to_user+0x32/0xd0
[  197.798424][T10895]  simple_read_from_buffer+0xcb/0x170
[  197.798442][T10895]  proc_fail_nth_read+0x197/0x240
[  197.798455][T10895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.798468][T10895]  ? rw_verify_area+0xcf/0x6c0
[  197.798483][T10895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.798495][T10895]  vfs_read+0x1e4/0xcf0
[  197.798506][T10895]  ? __pfx___mutex_lock+0x10/0x10
[  197.798517][T10895]  ? __pfx_vfs_read+0x10/0x10
[  197.798530][T10895]  ? __fget_files+0x20e/0x3c0
[  197.798544][T10895]  ksys_read+0x12a/0x250
[  197.798553][T10895]  ? __pfx_ksys_read+0x10/0x10
[  197.798563][T10895]  ? fput+0x9b/0xd0
[  197.798577][T10895]  do_syscall_64+0xcd/0xfa0
[  197.798588][T10895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.798599][T10895] RIP: 0033:0x7f7b5038e0dc
[  197.798607][T10895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  197.798618][T10895] RSP: 002b:00007f7b512d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  197.798628][T10895] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038e0dc
[  197.798634][T10895] RDX: 000000000000000f RSI: 00007f7b512d70a0 RDI: 0000000000000004
[  197.798640][T10895] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  197.798646][T10895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.798652][T10895] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  197.798665][T10895]  </TASK>
[  197.936613][T10904] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  197.942021][T10904] syzkaller0: entered promiscuous mode
[  197.943779][T10904] syzkaller0: entered allmulticast mode
[  197.955792][T10902] tipc: Resetting bearer <eth:syzkaller0>
[  197.963875][T10902] tipc: Disabling bearer <eth:syzkaller0>
[  199.107972][ T6361] IPVS: starting estimator thread 0...
[  199.185779][T10956] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1860'.
[  199.190803][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1860'.
[  199.203498][   T40] audit: type=1400 audit(1762563379.495:560): avc:  denied  { ioctl } for  pid=10957 comm="syz.4.1861" path="socket:[29675]" dev="sockfs" ino=29675 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  199.217461][T10952] IPVS: using max 42 ests per chain, 100800 per kthread
[  199.309575][   T40] audit: type=1400 audit(1762563379.605:561): avc:  denied  { ioctl } for  pid=10963 comm="syz.4.1864" path="socket:[30536]" dev="sockfs" ino=30536 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  199.380712][T10964] veth1_to_team: mtu less than device minimum
[  199.428391][   T40] audit: type=1400 audit(1762563379.725:562): avc:  denied  { setopt } for  pid=10972 comm="syz.3.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  199.479217][ T9774] bridge0: port 3(syz_tun) entered disabled state
[  199.486162][ T9774] syz_tun (unregistering): left allmulticast mode
[  199.488259][ T9774] syz_tun (unregistering): left promiscuous mode
[  199.490597][ T9774] bridge0: port 3(syz_tun) entered disabled state
[  199.758541][ T1152] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  199.763583][ T1152] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.844922][ T1152] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  199.848395][ T1152] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.933557][ T5943] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  199.941788][ T5943] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  199.945532][ T5943] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  199.950563][ T5943] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  199.954250][ T5943] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  199.968742][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  199.974083][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  199.975157][ T1152] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  199.976602][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  199.983411][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  199.986891][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  199.990167][   T40] audit: type=1400 audit(1762563380.285:563): avc:  denied  { getopt } for  pid=10981 comm="syz.1.1873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  199.996846][ T1152] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.020759][T10984] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1872'.
[  200.025511][   T40] audit: type=1400 audit(1762563380.325:564): avc:  denied  { listen } for  pid=10982 comm="syz.4.1872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  200.048723][T10979] xfrm0 speed is unknown, defaulting to 1000
[  200.065026][T10990] FAULT_INJECTION: forcing a failure.
[  200.065026][T10990] name failslab, interval 1, probability 0, space 0, times 0
[  200.068937][T10990] CPU: 2 UID: 0 PID: 10990 Comm: syz.4.1875 Not tainted syzkaller #0 PREEMPT(full) 
[  200.068951][T10990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.068958][T10990] Call Trace:
[  200.068961][T10990]  <TASK>
[  200.068966][T10990]  dump_stack_lvl+0x16c/0x1f0
[  200.068985][T10990]  should_fail_ex+0x512/0x640
[  200.069000][T10990]  should_failslab+0xc2/0x120
[  200.069013][T10990]  kmem_cache_alloc_noprof+0x75/0x6e0
[  200.069030][T10990]  ? skb_clone+0x190/0x3f0
[  200.069046][T10990]  ? skb_clone+0x190/0x3f0
[  200.069058][T10990]  skb_clone+0x190/0x3f0
[  200.069072][T10990]  bpf_clone_redirect+0xb2/0x3f0
[  200.069087][T10990]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  200.069105][T10990]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  200.069114][T10990]  ? workqueue_offline_cpu+0x4e0/0x840
[  200.069133][T10990]  ? unwind_get_return_address+0x59/0xa0
[  200.069148][T10990]  ? __lock_acquire+0xb8a/0x1c90
[  200.069165][T10990]  ? __lock_acquire+0x622/0x1c90
[  200.069185][T10990]  ? find_held_lock+0x2b/0x80
[  200.069199][T10990]  ? ktime_get+0x200/0x310
[  200.069213][T10990]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.069230][T10990]  ? ktime_get+0x1a7/0x310
[  200.069245][T10990]  ? __pfx___cant_migrate+0x10/0x10
[  200.069259][T10990]  ? bpf_test_timer_continue+0x13e/0x610
[  200.069272][T10990]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.069288][T10990]  bpf_test_run+0x3d3/0xa60
[  200.069305][T10990]  ? __pfx_bpf_test_run+0x10/0x10
[  200.069328][T10990]  ? __asan_memset+0x23/0x50
[  200.069346][T10990]  bpf_prog_test_run_skb+0xbae/0x2290
[  200.069364][T10990]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  200.069380][T10990]  ? fput+0x9b/0xd0
[  200.069393][T10990]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  200.069408][T10990]  __sys_bpf+0x1035/0x4980
[  200.069426][T10990]  ? __pfx___sys_bpf+0x10/0x10
[  200.069440][T10990]  ? find_held_lock+0x2b/0x80
[  200.069456][T10990]  ? find_held_lock+0x2b/0x80
[  200.069471][T10990]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  200.069489][T10990]  ? fput+0x9b/0xd0
[  200.069501][T10990]  ? ksys_write+0x1ac/0x250
[  200.069510][T10990]  ? __pfx_ksys_write+0x10/0x10
[  200.069522][T10990]  __x64_sys_bpf+0x78/0xc0
[  200.069537][T10990]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.069553][T10990]  do_syscall_64+0xcd/0xfa0
[  200.069563][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.069574][T10990] RIP: 0033:0x7f6776b8f6c9
[  200.069582][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.069592][T10990] RSP: 002b:00007f6777ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  200.069602][T10990] RAX: ffffffffffffffda RBX: 00007f6776de5fa0 RCX: 00007f6776b8f6c9
[  200.069608][T10990] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  200.069614][T10990] RBP: 00007f6777ad9090 R08: 0000000000000000 R09: 0000000000000000
[  200.069620][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.069626][T10990] R13: 00007f6776de6038 R14: 00007f6776de5fa0 R15: 00007ffdbab8d8a8
[  200.069639][T10990]  </TASK>
[  200.192526][ T1152] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  200.196773][ T1152] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.245755][T10997] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1878'.
[  200.290699][   T40] audit: type=1400 audit(1762563380.595:565): avc:  denied  { setopt } for  pid=10996 comm="syz.1.1878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  200.297682][T10997] ieee802154 phy1 wpan1: encryption failed: -22
[  200.321540][T10979] chnl_net:caif_netlink_parms(): no params data found
[  200.375484][ T1152] bridge_slave_1: left allmulticast mode
[  200.377578][   T40] audit: type=1400 audit(1762563380.675:566): avc:  denied  { kexec_image_load } for  pid=11002 comm="syz.2.1879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  200.381075][ T1152] bridge_slave_1: left promiscuous mode
[  200.387056][ T1152] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.393198][ T1152] bridge_slave_0: left allmulticast mode
[  200.394971][ T1152] bridge_slave_0: left promiscuous mode
[  200.396790][ T1152] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.844060][ T1152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  200.849091][ T1152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.852878][ T1152] bond0 (unregistering): Released all slaves
[  200.859390][ T1152] bond1 (unregistering): Released all slaves
[  200.911014][T10979] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.913333][T10979] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.915662][T10979] bridge_slave_0: entered allmulticast mode
[  200.918404][T10979] bridge_slave_0: entered promiscuous mode
[  200.921689][T10979] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.923973][T10979] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.926297][T10979] bridge_slave_1: entered allmulticast mode
[  200.929166][T10979] bridge_slave_1: entered promiscuous mode
[  200.966830][ T1152] tipc: Left network mode
[  200.968869][T10979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.976507][T10979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.016475][ T1152] team0: Port device wlan1 removed
[  201.027031][T10979] team0: Port device team_slave_0 added
[  201.031550][T10979] team0: Port device team_slave_1 added
[  201.068868][T10979] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.073151][T10979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  201.084135][T10979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.090254][T10979] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.092505][T10979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  201.100788][T10979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.202818][T10979] hsr_slave_0: entered promiscuous mode
[  201.205119][T10979] hsr_slave_1: entered promiscuous mode
[  201.206193][   T40] audit: type=1400 audit(1762563381.505:567): avc:  denied  { listen } for  pid=11017 comm="syz.4.1882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  201.207463][T10979] debugfs: 'hsr0' already exists in 'hsr'
[  201.213017][   T40] audit: type=1400 audit(1762563381.505:568): avc:  denied  { accept } for  pid=11017 comm="syz.4.1882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  201.220828][T10979] Cannot create hsr debugfs directory
[  201.229364][T11023] can0: slcan on ttyprintk.
[  201.320962][ T1152] hsr_slave_0: left promiscuous mode
[  201.323580][ T1152] hsr_slave_1: left promiscuous mode
[  201.325793][ T1152] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.328427][ T1152] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.332606][ T1152] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.335040][ T1152] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.365129][ T1152] veth1_macvtap: left promiscuous mode
[  201.367150][ T1152] veth0_macvtap: left promiscuous mode
[  201.368960][ T1152] veth1_vlan: left promiscuous mode
[  201.370911][ T1152] veth0_vlan: left promiscuous mode
[  201.490037][T10045] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  201.650923][T10045] usb 7-1: config 0 has an invalid descriptor of length 235, skipping remainder of the config
[  201.654120][T10045] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  201.658367][T10045] usb 7-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72
[  201.661400][T10045] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.663914][T10045] usb 7-1: Product: syz
[  201.665255][T10045] usb 7-1: Manufacturer: syz
[  201.666968][T10045] usb 7-1: SerialNumber: syz
[  201.673435][T10045] usb 7-1: config 0 descriptor??
[  201.911347][ T1152] team0 (unregistering): Port device team_slave_1 removed
[  201.973356][ T1152] team0 (unregistering): Port device team_slave_0 removed
[  202.061194][ T5943] Bluetooth: hci0: command tx timeout
[  202.427126][T10045] usb 7-1: USB disconnect, device number 5
[  202.532600][T10979] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  202.536815][T10979] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  202.541105][T10979] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  202.545049][T10979] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  202.570729][T11022] can0 (unregistered): slcan off ttyprintk.
[  202.609135][T10979] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.614909][T11051] tmpfs: Unknown parameter '�01777777777777777777777�'
[  202.649509][T10979] 8021q: adding VLAN 0 to HW filter on device team0
[  202.655350][  T219] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.657964][  T219] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.669618][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.672165][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.688254][T10979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  202.692107][T10979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.718122][T11061] netlink: 'syz.4.1888': attribute type 1 has an invalid length.
[  202.721035][T11061] netlink: 228 bytes leftover after parsing attributes in process `syz.4.1888'.
[  202.731449][ T1152] IPVS: stop unused estimator thread 0...
[  202.764364][T11071] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1889'.
[  202.789350][T10979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.924203][T10979] veth0_vlan: entered promiscuous mode
[  202.929045][T10979] veth1_vlan: entered promiscuous mode
[  202.950273][T10979] veth0_macvtap: entered promiscuous mode
[  202.955925][T10979] veth1_macvtap: entered promiscuous mode
[  202.966337][T10979] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.972428][T10979] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.980344][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.983211][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.986184][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.988892][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.019944][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.023961][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.036133][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.038624][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.041077][ T1471] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  203.049954][   T40] audit: type=1400 audit(1762563383.345:569): avc:  denied  { mounton } for  pid=10979 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  203.190560][ T1471] usb 9-1: Using ep0 maxpacket: 16
[  203.195310][ T1471] usb 9-1: config 0 has no interfaces?
[  203.197708][ T1471] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  203.202441][ T1471] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.206627][ T1471] usb 9-1: config 0 descriptor??
[  203.415430][T11076] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1890'.
[  203.422724][ T6361] usb 9-1: USB disconnect, device number 5
[  203.466573][   T40] audit: type=1400 audit(1762563383.765:570): avc:  denied  { create } for  pid=11099 comm="syz.2.1895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  203.724967][T11111] FAULT_INJECTION: forcing a failure.
[  203.724967][T11111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.729031][T11111] CPU: 2 UID: 0 PID: 11111 Comm: syz.2.1896 Not tainted syzkaller #0 PREEMPT(full) 
[  203.729045][T11111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.729052][T11111] Call Trace:
[  203.729056][T11111]  <TASK>
[  203.729060][T11111]  dump_stack_lvl+0x16c/0x1f0
[  203.729080][T11111]  should_fail_ex+0x512/0x640
[  203.729095][T11111]  _copy_to_user+0x32/0xd0
[  203.729109][T11111]  simple_read_from_buffer+0xcb/0x170
[  203.729130][T11111]  proc_fail_nth_read+0x197/0x240
[  203.729143][T11111]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.729156][T11111]  ? rw_verify_area+0xcf/0x6c0
[  203.729171][T11111]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.729183][T11111]  vfs_read+0x1e4/0xcf0
[  203.729194][T11111]  ? __pfx___mutex_lock+0x10/0x10
[  203.729205][T11111]  ? __pfx_vfs_read+0x10/0x10
[  203.729218][T11111]  ? __fget_files+0x20e/0x3c0
[  203.729232][T11111]  ksys_read+0x12a/0x250
[  203.729241][T11111]  ? __pfx_ksys_read+0x10/0x10
[  203.729254][T11111]  do_syscall_64+0xcd/0xfa0
[  203.729265][T11111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.729276][T11111] RIP: 0033:0x7f7b5038e0dc
[  203.729284][T11111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  203.729294][T11111] RSP: 002b:00007f7b512d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  203.729304][T11111] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038e0dc
[  203.729311][T11111] RDX: 000000000000000f RSI: 00007f7b512d70a0 RDI: 0000000000000003
[  203.729317][T11111] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  203.729323][T11111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.729329][T11111] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  203.729342][T11111]  </TASK>
[  203.812317][T11115] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  203.815526][T11115] /dev/nullb0: Can't open blockdev
[  204.107570][T11143] netlink: 2644 bytes leftover after parsing attributes in process `syz.2.1904'.
[  204.111672][   T40] audit: type=1400 audit(1762563384.415:571): avc:  denied  { getopt } for  pid=11133 comm="syz.2.1904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  204.149947][ T5943] Bluetooth: hci0: command tx timeout
[  204.216878][   T40] audit: type=1400 audit(1762563384.515:572): avc:  denied  { getopt } for  pid=11149 comm="syz.1.1906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  204.272934][T11155] FAULT_INJECTION: forcing a failure.
[  204.272934][T11155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.278351][T11155] CPU: 1 UID: 0 PID: 11155 Comm: syz.1.1907 Not tainted syzkaller #0 PREEMPT(full) 
[  204.278374][T11155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.278385][T11155] Call Trace:
[  204.278392][T11155]  <TASK>
[  204.278400][T11155]  dump_stack_lvl+0x16c/0x1f0
[  204.278431][T11155]  should_fail_ex+0x512/0x640
[  204.278454][T11155]  _copy_from_iter+0x29f/0x1720
[  204.278479][T11155]  ? _copy_from_iter+0x15d/0x1720
[  204.278500][T11155]  ? __pfx__copy_from_iter+0x10/0x10
[  204.278524][T11155]  ? __pfx__copy_from_iter+0x10/0x10
[  204.278545][T11155]  ? _copy_from_iter+0x15d/0x1720
[  204.278568][T11155]  copy_page_from_iter+0xde/0x180
[  204.278593][T11155]  skb_copy_datagram_from_iter+0x2a0/0x740
[  204.278623][T11155]  tun_get_user+0x1850/0x3cc0
[  204.278659][T11155]  ? __pfx_tun_get_user+0x10/0x10
[  204.278684][T11155]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  204.278714][T11155]  ? find_held_lock+0x2b/0x80
[  204.278737][T11155]  ? tun_get+0x191/0x370
[  204.278763][T11155]  tun_chr_write_iter+0xdc/0x210
[  204.278788][T11155]  vfs_write+0x7d3/0x11d0
[  204.278812][T11155]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  204.278837][T11155]  ? __pfx_vfs_write+0x10/0x10
[  204.278851][T11155]  ? find_held_lock+0x2b/0x80
[  204.278888][T11155]  ksys_write+0x12a/0x250
[  204.278903][T11155]  ? __pfx_ksys_write+0x10/0x10
[  204.278927][T11155]  do_syscall_64+0xcd/0xfa0
[  204.278945][T11155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.278962][T11155] RIP: 0033:0x7f1eaab8f6c9
[  204.278976][T11155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.278992][T11155] RSP: 002b:00007f1eab9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  204.279008][T11155] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8f6c9
[  204.279019][T11155] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000003
[  204.279030][T11155] RBP: 00007f1eab9eb090 R08: 0000000000000000 R09: 0000000000000000
[  204.279039][T11155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  204.279049][T11155] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  204.279074][T11155]  </TASK>
[  204.638631][T11169] FAULT_INJECTION: forcing a failure.
[  204.638631][T11169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.643366][T11169] CPU: 3 UID: 0 PID: 11169 Comm: syz.1.1911 Not tainted syzkaller #0 PREEMPT(full) 
[  204.643380][T11169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.643386][T11169] Call Trace:
[  204.643390][T11169]  <TASK>
[  204.643394][T11169]  dump_stack_lvl+0x16c/0x1f0
[  204.643414][T11169]  should_fail_ex+0x512/0x640
[  204.643428][T11169]  _copy_from_user+0x2e/0xd0
[  204.643442][T11169]  copy_msghdr_from_user+0x98/0x160
[  204.643456][T11169]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  204.643469][T11169]  ? lockdep_hardirqs_on+0x7c/0x110
[  204.643487][T11169]  ? kfree+0x2b8/0x6d0
[  204.643500][T11169]  ? ___sys_sendmsg+0x141/0x1d0
[  204.643516][T11169]  ___sys_sendmsg+0xfe/0x1d0
[  204.643530][T11169]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.643555][T11169]  ? __pfx___might_resched+0x10/0x10
[  204.643572][T11169]  __sys_sendmmsg+0x200/0x420
[  204.643587][T11169]  ? __pfx___sys_sendmmsg+0x10/0x10
[  204.643604][T11169]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  204.643620][T11169]  ? fput+0x9b/0xd0
[  204.643633][T11169]  ? ksys_write+0x1ac/0x250
[  204.643643][T11169]  ? __pfx_ksys_write+0x10/0x10
[  204.643654][T11169]  __x64_sys_sendmmsg+0x9c/0x100
[  204.643668][T11169]  ? lockdep_hardirqs_on+0x7c/0x110
[  204.643683][T11169]  do_syscall_64+0xcd/0xfa0
[  204.643694][T11169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.643704][T11169] RIP: 0033:0x7f1eaab8f6c9
[  204.643713][T11169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.643723][T11169] RSP: 002b:00007f1eab9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  204.643733][T11169] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8f6c9
[  204.643740][T11169] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  204.643746][T11169] RBP: 00007f1eab9eb090 R08: 0000000000000000 R09: 0000000000000000
[  204.643752][T11169] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000002
[  204.643758][T11169] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  204.643771][T11169]  </TASK>
[  204.769583][T11171] netlink: 'syz.1.1912': attribute type 12 has an invalid length.
[  204.773329][T11171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1912'.
[  204.780621][   T61] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  204.781078][T11171] netlink: 'syz.1.1912': attribute type 12 has an invalid length.
[  204.783500][   T61] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  204.783528][   T61] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  204.783558][   T61] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  204.786020][T11171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1912'.
[  204.799559][T11171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1912'.
[  204.804700][T11171] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  204.900867][T11186] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ2
[  205.003498][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  205.003508][   T40] audit: type=1400 audit(1762563385.305:574): avc:  denied  { append } for  pid=11197 comm="syz.4.1918" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  205.288418][T11224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1922'.
[  205.410635][ T5986] e1000 0000:00:06.0 eth0: Reset adapter
[  205.520131][ T5986] e1000 0000:00:06.0 eth0: Reset adapter
[  205.722627][T11238] bridge0: port 3(syz_tun) entered disabled state
[  205.738323][T11238] netlink: 'syz.1.1924': attribute type 1 has an invalid length.
[  205.741234][T11238] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1924'.
[  206.219864][ T5943] Bluetooth: hci0: command tx timeout
[  207.662512][ T6361] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  208.299996][ T5943] Bluetooth: hci0: command tx timeout
[  223.453168][T11317] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  223.573035][T11317] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1934'.
[  223.665862][T11333] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1935'.
[  224.779741][ T5986] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  224.951977][ T5986] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  224.955185][ T5986] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  224.957931][ T5986] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  224.961013][ T5986] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.964854][ T5986] usb 6-1: config 0 descriptor??
[  224.968263][ T5986] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  224.970918][ T5986] dvb-usb: bulk message failed: -22 (3/0)
[  224.980411][ T5986] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  224.983619][ T5986] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  224.986032][ T5986] usb 6-1: media controller created
[  224.988956][ T5986] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  224.996752][ T5986] dvb-usb: bulk message failed: -22 (6/0)
[  224.998722][ T5986] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  225.002673][ T5986] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input11
[  225.009301][ T5986] dvb-usb: schedule remote query interval to 150 msecs.
[  225.011572][ T5986] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  225.168273][T11366] dvb-usb: bulk message failed: -22 (4/0)
[  225.173820][ T5986] dvb-usb: bulk message failed: -22 (1/0)
[  225.177401][ T5986] dvb-usb: error while querying for an remote control event.
[  225.180564][ T6361] usb 6-1: USB disconnect, device number 5
[  225.196883][ T6361] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  225.822763][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  235.155981][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1946'.
[  235.258213][   T40] audit: type=1400 audit(1762563415.555:575): avc:  denied  { getopt } for  pid=11392 comm="syz.4.1944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  235.291746][  T842] e1000 0000:00:06.0 eth0: Reset adapter
[  236.460614][T11398] Set syz1 is full, maxelem 65536 reached
[  238.301626][    T9] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  249.063075][T11458] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard
[  249.067799][T11458] exFAT-fs (nullb0): invalid boot record signature
[  249.070273][T11458] exFAT-fs (nullb0): failed to read boot sector
[  249.072986][T11458] exFAT-fs (nullb0): failed to recognize exfat type
[  250.309888][ T6022] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  250.459809][ T6022] usb 10-1: Using ep0 maxpacket: 8
[  250.463416][ T6022] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  250.466645][ T6022] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  250.470258][ T6022] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  250.473360][ T6022] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  250.477477][ T6022] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  250.480965][ T6022] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.694439][ T6022] usb 10-1: GET_CAPABILITIES returned 0
[  250.696285][ T6022] usbtmc 10-1:16.0: can't read capabilities
[  250.898006][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  250.902546][ T6022] usb 10-1: USB disconnect, device number 2
[  251.221624][T11486] Set syz1 is full, maxelem 65536 reached
[  251.434304][T11506] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  251.442689][T11506] FAULT_INJECTION: forcing a failure.
[  251.442689][T11506] name failslab, interval 1, probability 0, space 0, times 0
[  251.446847][T11506] CPU: 2 UID: 0 PID: 11506 Comm: syz.5.1973 Not tainted syzkaller #0 PREEMPT(full) 
[  251.446861][T11506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.446868][T11506] Call Trace:
[  251.446873][T11506]  <TASK>
[  251.446877][T11506]  dump_stack_lvl+0x16c/0x1f0
[  251.446898][T11506]  should_fail_ex+0x512/0x640
[  251.446913][T11506]  should_failslab+0xc2/0x120
[  251.446926][T11506]  __kmalloc_cache_noprof+0x72/0x780
[  251.446942][T11506]  ? sctp_add_bind_addr+0xae/0x3f0
[  251.446959][T11506]  ? sctp_add_bind_addr+0xae/0x3f0
[  251.446973][T11506]  sctp_add_bind_addr+0xae/0x3f0
[  251.446989][T11506]  sctp_copy_local_addr_list+0x349/0x550
[  251.447007][T11506]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  251.447025][T11506]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  251.447036][T11506]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  251.447052][T11506]  sctp_bind_addr_copy+0xe0/0x530
[  251.447070][T11506]  sctp_connect_new_asoc+0x1c9/0x770
[  251.447083][T11506]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  251.447101][T11506]  sctp_sendmsg+0x1557/0x1e00
[  251.447115][T11506]  ? __lock_acquire+0xb8a/0x1c90
[  251.447132][T11506]  ? __pfx_sctp_sendmsg+0x10/0x10
[  251.447150][T11506]  ? __pfx_sock_has_perm+0x10/0x10
[  251.447183][T11506]  ? __import_iovec+0x1dd/0x650
[  251.447207][T11506]  ? __pfx_sctp_sendmsg+0x10/0x10
[  251.447227][T11506]  inet_sendmsg+0x11c/0x140
[  251.447249][T11506]  ____sys_sendmsg+0x973/0xc70
[  251.447263][T11506]  ? copy_msghdr_from_user+0x10a/0x160
[  251.447277][T11506]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.447293][T11506]  ___sys_sendmsg+0x134/0x1d0
[  251.447307][T11506]  ? __pfx____sys_sendmsg+0x10/0x10
[  251.447333][T11506]  ? __lock_acquire+0x622/0x1c90
[  251.447365][T11506]  __sys_sendmsg+0x16d/0x220
[  251.447379][T11506]  ? __pfx___sys_sendmsg+0x10/0x10
[  251.447401][T11506]  do_syscall_64+0xcd/0xfa0
[  251.447411][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.447423][T11506] RIP: 0033:0x7fc680d8f6c9
[  251.447432][T11506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.447442][T11506] RSP: 002b:00007fc67eff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.447452][T11506] RAX: ffffffffffffffda RBX: 00007fc680fe5fa0 RCX: 00007fc680d8f6c9
[  251.447458][T11506] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000006
[  251.447464][T11506] RBP: 00007fc67eff6090 R08: 0000000000000000 R09: 0000000000000000
[  251.447470][T11506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.447476][T11506] R13: 00007fc680fe6038 R14: 00007fc680fe5fa0 R15: 00007ffc27c58b28
[  251.447489][T11506]  </TASK>
[  251.625517][ T2303] IPVS: starting estimator thread 0...
[  251.645594][T11515] FAULT_INJECTION: forcing a failure.
[  251.645594][T11515] name failslab, interval 1, probability 0, space 0, times 0
[  251.650923][T11515] CPU: 0 UID: 0 PID: 11515 Comm: syz.1.1977 Not tainted syzkaller #0 PREEMPT(full) 
[  251.650958][T11515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.650969][T11515] Call Trace:
[  251.650975][T11515]  <TASK>
[  251.650981][T11515]  dump_stack_lvl+0x16c/0x1f0
[  251.651012][T11515]  should_fail_ex+0x512/0x640
[  251.651037][T11515]  should_failslab+0xc2/0x120
[  251.651058][T11515]  kmem_cache_alloc_noprof+0x75/0x6e0
[  251.651084][T11515]  ? skb_clone+0x190/0x3f0
[  251.651111][T11515]  ? skb_clone+0x190/0x3f0
[  251.651132][T11515]  skb_clone+0x190/0x3f0
[  251.651154][T11515]  bpf_clone_redirect+0xb2/0x3f0
[  251.651179][T11515]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  251.651208][T11515]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  251.651224][T11515]  ? workqueue_offline_cpu+0x4e0/0x840
[  251.651259][T11515]  ? __pfx___schedule+0x10/0x10
[  251.651281][T11515]  ? __lock_acquire+0x622/0x1c90
[  251.651316][T11515]  ? find_held_lock+0x2b/0x80
[  251.651338][T11515]  ? preempt_schedule_thunk+0x16/0x30
[  251.651366][T11515]  ? preempt_schedule_common+0x44/0xc0
[  251.651392][T11515]  ? preempt_schedule_thunk+0x16/0x30
[  251.651419][T11515]  ? __pfx___cant_migrate+0x10/0x10
[  251.651442][T11515]  ? bpf_test_timer_continue+0x13e/0x610
[  251.651464][T11515]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.651491][T11515]  bpf_test_run+0x3d3/0xa60
[  251.651520][T11515]  ? __pfx_bpf_test_run+0x10/0x10
[  251.651562][T11515]  ? __asan_memset+0x23/0x50
[  251.651591][T11515]  bpf_prog_test_run_skb+0xbae/0x2290
[  251.651624][T11515]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  251.651650][T11515]  ? fput+0x9b/0xd0
[  251.651679][T11515]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  251.651702][T11515]  __sys_bpf+0x1035/0x4980
[  251.651732][T11515]  ? __pfx___sys_bpf+0x10/0x10
[  251.651755][T11515]  ? find_held_lock+0x2b/0x80
[  251.651782][T11515]  ? find_held_lock+0x2b/0x80
[  251.651809][T11515]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  251.651842][T11515]  ? fput+0x9b/0xd0
[  251.651863][T11515]  ? ksys_write+0x1ac/0x250
[  251.651879][T11515]  ? __pfx_ksys_write+0x10/0x10
[  251.651899][T11515]  __x64_sys_bpf+0x78/0xc0
[  251.651924][T11515]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.651950][T11515]  do_syscall_64+0xcd/0xfa0
[  251.651968][T11515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.651985][T11515] RIP: 0033:0x7f1eaab8f6c9
[  251.651999][T11515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.652015][T11515] RSP: 002b:00007f1eab9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  251.652031][T11515] RAX: ffffffffffffffda RBX: 00007f1eaade5fa0 RCX: 00007f1eaab8f6c9
[  251.652043][T11515] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  251.652053][T11515] RBP: 00007f1eab9eb090 R08: 0000000000000000 R09: 0000000000000000
[  251.652062][T11515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.652073][T11515] R13: 00007f1eaade6038 R14: 00007f1eaade5fa0 R15: 00007ffdd36a4898
[  251.652098][T11515]  </TASK>
[  251.719786][T11513] IPVS: using max 42 ests per chain, 100800 per kthread
[  251.721265][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.771336][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.778456][T11516] IPVS: set_ctl: invalid protocol: 33 10.1.1.1:20003
[  252.688394][   T40] audit: type=1400 audit(1762563432.985:576): avc:  denied  { setopt } for  pid=11533 comm="syz.1.1985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  252.694546][   T40] audit: type=1400 audit(1762563432.985:577): avc:  denied  { setattr } for  pid=11533 comm="syz.1.1985" name="/" dev="9p" ino=71827697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.696533][T11534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1985'.
[  252.704556][T11534] netem: change failed
[  252.954708][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  252.958880][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  252.962126][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  252.965118][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  252.967785][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  252.986794][T11545] xfrm0 speed is unknown, defaulting to 1000
[  253.136242][T11545] chnl_net:caif_netlink_parms(): no params data found
[  253.222106][T11545] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.224459][T11545] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.226768][T11545] bridge_slave_0: entered allmulticast mode
[  253.229302][T11545] bridge_slave_0: entered promiscuous mode
[  253.232481][T11545] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.234739][T11545] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.236961][T11545] bridge_slave_1: entered allmulticast mode
[  253.239550][T11545] bridge_slave_1: entered promiscuous mode
[  253.271870][T11545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.276242][T11545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.306519][T11545] team0: Port device team_slave_0 added
[  253.311324][T11545] team0: Port device team_slave_1 added
[  253.348798][   T40] audit: type=1400 audit(1762563433.645:578): avc:  denied  { ioctl } for  pid=11555 comm="syz.4.1991" path="socket:[36297]" dev="sockfs" ino=36297 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  253.361616][T11545] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.362842][   T40] audit: type=1400 audit(1762563433.665:579): avc:  denied  { read } for  pid=11555 comm="syz.4.1991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  253.364058][T11545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.364074][T11545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.365229][T11545] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.389070][T11545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.399943][T11545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.417599][T11557] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  253.452842][T11545] hsr_slave_0: entered promiscuous mode
[  253.455150][T11545] hsr_slave_1: entered promiscuous mode
[  253.457263][T11545] debugfs: 'hsr0' already exists in 'hsr'
[  253.459049][T11545] Cannot create hsr debugfs directory
[  253.599477][T11545] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.684630][T11545] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.773508][T11545] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.853282][T11545] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.886987][   T40] audit: type=1400 audit(1762563434.185:580): avc:  denied  { execute } for  pid=11565 comm="syz.1.1995" path="/blkio.bfq.io_wait_time" dev="ramfs" ino=33361 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  253.962036][T11545] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  253.966204][T11545] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  253.971347][T11545] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  253.975428][T11545] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  254.014145][T11545] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.024030][T11545] 8021q: adding VLAN 0 to HW filter on device team0
[  254.030188][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.032424][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.039286][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.041598][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.137481][T11545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.254834][T11545] veth0_vlan: entered promiscuous mode
[  254.260686][T11545] veth1_vlan: entered promiscuous mode
[  254.279073][T11545] veth0_macvtap: entered promiscuous mode
[  254.283044][T11545] veth1_macvtap: entered promiscuous mode
[  254.291920][T11545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  254.297278][T11545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  254.303834][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.306837][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.311045][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.314036][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.351524][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.354351][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.372413][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.374951][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.555562][T11619] "syz.5.2006" (11619) uses obsolete ecb(arc4) skcipher
[  254.565283][   T40] audit: type=1400 audit(1762563434.865:581): avc:  denied  { getopt } for  pid=11617 comm="syz.5.2006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  254.565377][T11619] tmpfs: Bad value for 'gid'
[  254.575748][T11619] tmpfs: Bad value for 'gid'
[  254.594647][   T40] audit: type=1400 audit(1762563434.895:582): avc:  denied  { read } for  pid=11638 comm="syz.4.2011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  254.614434][T11625] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  254.620216][T11625] kvm: requested 69561 ns i8254 timer period limited to 200000 ns
[  254.626289][T11625] kvm: requested 71238 ns i8254 timer period limited to 200000 ns
[  254.659307][T11625] kvm: requested 129904 ns i8254 timer period limited to 200000 ns
[  254.663621][T11625] kvm: requested 190247 ns i8254 timer period limited to 200000 ns
[  254.694230][T11625] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  254.779479][T11653] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  254.908335][T11655] sp0: Synchronizing with TNC
[  255.029968][ T5938] Bluetooth: hci0: command tx timeout
[  255.065510][T11657] mmap: syz.2.2017 (11657) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  255.072293][T11657] netlink: 212924 bytes leftover after parsing attributes in process `syz.2.2017'.
[  255.079442][   T40] audit: type=1400 audit(1762563435.375:583): avc:  denied  { remount } for  pid=11670 comm="syz.1.2022" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  255.082406][T11671] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  255.086008][   T40] audit: type=1400 audit(1762563435.385:584): avc:  denied  { getattr } for  pid=11670 comm="syz.1.2022" name="/" dev="9p" ino=71827697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  255.097006][   T40] audit: type=1400 audit(1762563435.395:585): avc:  denied  { read } for  pid=11670 comm="syz.1.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  255.431922][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  255.650641][T11692] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  255.844007][T11707] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.846714][T11707] syzkaller0: entered promiscuous mode
[  255.848445][T11707] syzkaller0: entered allmulticast mode
[  256.027949][T11707] tipc: Resetting bearer <eth:syzkaller0>
[  256.033912][T11706] tipc: Resetting bearer <eth:syzkaller0>
[  256.042104][T11706] tipc: Disabling bearer <eth:syzkaller0>
[  256.247964][T11716] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  256.250671][T11718] netlink: 'syz.2.2039': attribute type 29 has an invalid length.
[  256.251768][T11716] block device autoloading is deprecated and will be removed.
[  256.253711][T11718] netlink: 'syz.2.2039': attribute type 3 has an invalid length.
[  256.258539][T11718] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2039'.
[  256.332431][T11714] md: could not open device unknown-block(0,0).
[  256.334801][T11714] md: md_import_device returned -6
[  256.593576][T11739] program syz.5.2046 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.596853][T11739] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2046'.
[  256.596909][T11740] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2046'.
[  256.699798][T11747] FAULT_INJECTION: forcing a failure.
[  256.699798][T11747] name failslab, interval 1, probability 0, space 0, times 0
[  256.703944][T11747] CPU: 2 UID: 0 PID: 11747 Comm: syz.4.2049 Not tainted syzkaller #0 PREEMPT(full) 
[  256.703957][T11747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.703964][T11747] Call Trace:
[  256.703968][T11747]  <TASK>
[  256.703972][T11747]  dump_stack_lvl+0x16c/0x1f0
[  256.703992][T11747]  should_fail_ex+0x512/0x640
[  256.704007][T11747]  should_failslab+0xc2/0x120
[  256.704033][T11747]  __kmalloc_cache_noprof+0x72/0x780
[  256.704056][T11747]  ? sctp_add_bind_addr+0xae/0x3f0
[  256.704081][T11747]  ? sctp_add_bind_addr+0xae/0x3f0
[  256.704097][T11747]  sctp_add_bind_addr+0xae/0x3f0
[  256.704113][T11747]  sctp_copy_local_addr_list+0x349/0x550
[  256.704132][T11747]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  256.704150][T11747]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  256.704161][T11747]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  256.704177][T11747]  sctp_bind_addr_copy+0xe0/0x530
[  256.704195][T11747]  sctp_connect_new_asoc+0x1c9/0x770
[  256.704208][T11747]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  256.704226][T11747]  sctp_sendmsg+0x1557/0x1e00
[  256.704240][T11747]  ? __lock_acquire+0xb8a/0x1c90
[  256.704257][T11747]  ? __pfx_sctp_sendmsg+0x10/0x10
[  256.704272][T11747]  ? __pfx_sock_has_perm+0x10/0x10
[  256.704298][T11747]  ? __import_iovec+0x1dd/0x650
[  256.704313][T11747]  ? __pfx_sctp_sendmsg+0x10/0x10
[  256.704325][T11747]  inet_sendmsg+0x11c/0x140
[  256.704339][T11747]  ____sys_sendmsg+0x973/0xc70
[  256.704350][T11747]  ? copy_msghdr_from_user+0x10a/0x160
[  256.704363][T11747]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.704379][T11747]  ___sys_sendmsg+0x134/0x1d0
[  256.704393][T11747]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.704405][T11747]  ? __lock_acquire+0x622/0x1c90
[  256.704438][T11747]  __sys_sendmsg+0x16d/0x220
[  256.704452][T11747]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.704475][T11747]  do_syscall_64+0xcd/0xfa0
[  256.704486][T11747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.704496][T11747] RIP: 0033:0x7f6776b8f6c9
[  256.704506][T11747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.704516][T11747] RSP: 002b:00007f6777ad9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.704526][T11747] RAX: ffffffffffffffda RBX: 00007f6776de5fa0 RCX: 00007f6776b8f6c9
[  256.704533][T11747] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000006
[  256.704539][T11747] RBP: 00007f6777ad9090 R08: 0000000000000000 R09: 0000000000000000
[  256.704547][T11747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  256.704553][T11747] R13: 00007f6776de6038 R14: 00007f6776de5fa0 R15: 00007ffdbab8d8a8
[  256.704567][T11747]  </TASK>
[  257.100030][ T5938] Bluetooth: hci0: command tx timeout
[  257.164246][T11772] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  257.170040][T11772] iommufd_mock iommufd_mock1: Adding to iommu group 10
[  257.986653][T11789] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  257.990411][T11789] syzkaller0: entered promiscuous mode
[  257.992212][T11789] syzkaller0: entered allmulticast mode
[  258.009165][T11791] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  258.010434][T11789] tipc: Resetting bearer <eth:syzkaller0>
[  258.012707][T11791] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  258.018861][T11791] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  258.021990][T11791] overlayfs: conflicting lowerdir path
[  258.022123][T11788] tipc: Resetting bearer <eth:syzkaller0>
[  258.034249][T11788] tipc: Disabling bearer <eth:syzkaller0>
[  258.056943][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  258.056952][   T40] audit: type=1400 audit(1762563438.355:600): avc:  denied  { mount } for  pid=11792 comm="syz.5.2068" name="/" dev="9p" ino=71827697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  258.082391][T11797] loop5: detected capacity change from 0 to 7
[  258.094456][T11459] Dev loop5: unable to read RDB block 7
[  258.096642][T11459]  loop5: unable to read partition table
[  258.099018][T11459] loop5: partition table beyond EOD, truncated
[  258.110747][T11797] Dev loop5: unable to read RDB block 7
[  258.112921][T11797]  loop5: unable to read partition table
[  258.115210][T11797] loop5: partition table beyond EOD, truncated
[  258.118663][T11797] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  258.381201][T10045] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  258.483533][   T40] audit: type=1400 audit(1762563438.785:601): avc:  denied  { unmount } for  pid=11545 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  258.530893][T10045] usb 9-1: Using ep0 maxpacket: 8
[  258.535308][T10045] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  258.539337][T10045] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  258.544449][T10045] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  258.548517][T10045] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  258.552788][T10045] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  258.555606][T10045] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.648794][T11813] macvtap1: entered promiscuous mode
[  258.650854][T11813] macvtap1: entered allmulticast mode
[  258.652880][T11813] veth1_to_bridge: entered promiscuous mode
[  258.655035][T11813] veth1_to_bridge: entered allmulticast mode
[  258.657839][T11813] team0: Device macvtap1 failed to register rx_handler
[  258.660775][T11813] veth1_to_bridge: left allmulticast mode
[  258.662806][T11813] veth1_to_bridge: left promiscuous mode
[  258.767989][T10045] usb 9-1: GET_CAPABILITIES returned 0
[  258.770008][T10045] usbtmc 9-1:16.0: can't read capabilities
[  258.779036][   T40] audit: type=1400 audit(1762563439.075:602): avc:  denied  { append } for  pid=11814 comm="syz.5.2077" name="001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  258.788766][   T40] audit: type=1400 audit(1762563439.085:603): avc:  denied  { map } for  pid=11814 comm="syz.5.2077" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  258.807207][   T40] audit: type=1400 audit(1762563439.105:604): avc:  denied  { accept } for  pid=11816 comm="syz.1.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  258.934179][T11834] netlink: 'syz.1.2084': attribute type 10 has an invalid length.
[  258.936629][T11834] team0: Cannot enslave team device to itself
[  258.971854][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  258.975637][  T842] usb 9-1: USB disconnect, device number 6
[  258.985699][T11838] FAULT_INJECTION: forcing a failure.
[  258.985699][T11838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.989970][T11838] CPU: 3 UID: 0 PID: 11838 Comm: syz.5.2086 Not tainted syzkaller #0 PREEMPT(full) 
[  258.989984][T11838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.989990][T11838] Call Trace:
[  258.989994][T11838]  <TASK>
[  258.989998][T11838]  dump_stack_lvl+0x16c/0x1f0
[  258.990017][T11838]  should_fail_ex+0x512/0x640
[  258.990032][T11838]  _copy_from_user+0x2e/0xd0
[  258.990045][T11838]  move_addr_to_kernel+0x65/0x170
[  258.990057][T11838]  __sys_connect+0xb1/0x160
[  258.990069][T11838]  ? __pfx___sys_connect+0x10/0x10
[  258.990085][T11838]  ? __pfx_ksys_write+0x10/0x10
[  258.990098][T11838]  __x64_sys_connect+0x72/0xb0
[  258.990109][T11838]  ? lockdep_hardirqs_on+0x7c/0x110
[  258.990125][T11838]  do_syscall_64+0xcd/0xfa0
[  258.990136][T11838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.990146][T11838] RIP: 0033:0x7f4be558f6c9
[  258.990154][T11838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.990164][T11838] RSP: 002b:00007f4be6381038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  258.990174][T11838] RAX: ffffffffffffffda RBX: 00007f4be57e5fa0 RCX: 00007f4be558f6c9
[  258.990181][T11838] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000009
[  258.990187][T11838] RBP: 00007f4be6381090 R08: 0000000000000000 R09: 0000000000000000
[  258.990193][T11838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.990198][T11838] R13: 00007f4be57e6038 R14: 00007f4be57e5fa0 R15: 00007fff034cfc48
[  258.990211][T11838]  </TASK>
[  259.056462][   T40] audit: type=1400 audit(1762563439.355:605): avc:  denied  { map } for  pid=11844 comm="syz.5.2088" path="socket:[35811]" dev="sockfs" ino=35811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  259.064362][   T40] audit: type=1400 audit(1762563439.355:606): avc:  denied  { read } for  pid=11844 comm="syz.5.2088" path="socket:[35811]" dev="sockfs" ino=35811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  259.189944][ T5938] Bluetooth: hci0: command tx timeout
[  259.509637][   T40] audit: type=1400 audit(1762563439.805:607): avc:  denied  { setopt } for  pid=11846 comm="syz.4.2089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  259.645217][   T40] audit: type=1400 audit(1762563439.945:608): avc:  denied  { module_load } for  pid=11850 comm="syz.4.2090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  259.645277][T11851] Invalid ELF header type: 3 != 1
[  259.656406][T11851] Invalid ELF header type: 2 != 1
[  259.658262][T11851] Invalid ELF header type: 2 != 1
[  259.661212][T11851] Invalid ELF header type: 3 != 1
[  259.664638][T11851] Invalid ELF header type: 0 != 1
[  259.767023][T11859] vivid-007: =================  START STATUS  =================
[  259.767055][T11859] vivid-007: Generate PTS: true
[  259.767079][T11859] vivid-007: Generate SCR: true
[  259.767091][T11859] tpg source WxH: 320x240 (Y'CbCr)
[  259.767097][T11859] tpg field: 1
[  259.767101][T11859] tpg crop: (0,0)/320x240
[  259.767108][T11859] tpg compose: (0,0)/320x240
[  259.767115][T11859] tpg colorspace: 8
[  259.767119][T11859] tpg transfer function: 0/0
[  259.767124][T11859] tpg Y'CbCr encoding: 0/0
[  259.767129][T11859] tpg quantization: 0/0
[  259.767133][T11859] tpg RGB range: 0/2
[  259.767138][T11859] vivid-007: ==================  END STATUS  ==================
[  259.795656][   T40] audit: type=1400 audit(1762563440.095:609): avc:  denied  { append } for  pid=11856 comm="syz.2.2093" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  259.799050][T11861] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.807707][T11861] syzkaller0: entered promiscuous mode
[  259.809453][T11861] syzkaller0: entered allmulticast mode
[  259.833187][T11860] tipc: Resetting bearer <eth:syzkaller0>
[  259.847247][T11860] tipc: Disabling bearer <eth:syzkaller0>
[  259.965238][T11871] FAULT_INJECTION: forcing a failure.
[  259.965238][T11871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.969303][T11871] CPU: 3 UID: 0 PID: 11871 Comm: syz.4.2099 Not tainted syzkaller #0 PREEMPT(full) 
[  259.969317][T11871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.969324][T11871] Call Trace:
[  259.969338][T11871]  <TASK>
[  259.969343][T11871]  dump_stack_lvl+0x16c/0x1f0
[  259.969396][T11871]  should_fail_ex+0x512/0x640
[  259.969416][T11871]  _copy_from_user+0x2e/0xd0
[  259.969429][T11871]  move_addr_to_kernel+0x65/0x170
[  259.969441][T11871]  __sys_connect+0xb1/0x160
[  259.969453][T11871]  ? __pfx___sys_connect+0x10/0x10
[  259.969469][T11871]  ? __pfx_ksys_write+0x10/0x10
[  259.969483][T11871]  __x64_sys_connect+0x72/0xb0
[  259.969494][T11871]  ? lockdep_hardirqs_on+0x7c/0x110
[  259.969510][T11871]  do_syscall_64+0xcd/0xfa0
[  259.969521][T11871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.969532][T11871] RIP: 0033:0x7f6776b8f6c9
[  259.969541][T11871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.969551][T11871] RSP: 002b:00007f6777ad9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  259.969561][T11871] RAX: ffffffffffffffda RBX: 00007f6776de5fa0 RCX: 00007f6776b8f6c9
[  259.969568][T11871] RDX: 0000000000000040 RSI: 0000200000000180 RDI: 0000000000000007
[  259.969574][T11871] RBP: 00007f6777ad9090 R08: 0000000000000000 R09: 0000000000000000
[  259.969580][T11871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.969586][T11871] R13: 00007f6776de6038 R14: 00007f6776de5fa0 R15: 00007ffdbab8d8a8
[  259.969599][T11871]  </TASK>
[  260.902459][T11886] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  260.904887][T11886] syzkaller0: entered promiscuous mode
[  260.906742][T11886] syzkaller0: entered allmulticast mode
[  260.920012][T11886] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  260.923536][T11886] tipc: Resetting bearer <eth:syzkaller0>
[  260.929774][T11885] tipc: Resetting bearer <eth:syzkaller0>
[  260.939291][T11885] tipc: Disabling bearer <eth:syzkaller0>
[  261.000705][T11889] FAULT_INJECTION: forcing a failure.
[  261.000705][T11889] name failslab, interval 1, probability 0, space 0, times 0
[  261.004768][T11889] CPU: 1 UID: 0 PID: 11889 Comm: syz.2.2105 Not tainted syzkaller #0 PREEMPT(full) 
[  261.004782][T11889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.004788][T11889] Call Trace:
[  261.004792][T11889]  <TASK>
[  261.004796][T11889]  dump_stack_lvl+0x16c/0x1f0
[  261.004816][T11889]  should_fail_ex+0x512/0x640
[  261.004829][T11889]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  261.004843][T11889]  should_failslab+0xc2/0x120
[  261.004857][T11889]  kmem_cache_alloc_noprof+0x75/0x6e0
[  261.004872][T11889]  ? skb_clone+0x190/0x3f0
[  261.004889][T11889]  ? skb_clone+0x190/0x3f0
[  261.004901][T11889]  skb_clone+0x190/0x3f0
[  261.004915][T11889]  netlink_deliver_tap+0xabd/0xd30
[  261.004933][T11889]  netlink_unicast+0x64c/0x870
[  261.004950][T11889]  ? __pfx_netlink_unicast+0x10/0x10
[  261.004970][T11889]  netlink_sendmsg+0x8c8/0xdd0
[  261.004987][T11889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.005007][T11889]  ____sys_sendmsg+0xa98/0xc70
[  261.005017][T11889]  ? copy_msghdr_from_user+0x10a/0x160
[  261.005031][T11889]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.005047][T11889]  ___sys_sendmsg+0x134/0x1d0
[  261.005062][T11889]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.005074][T11889]  ? __lock_acquire+0x622/0x1c90
[  261.005107][T11889]  __sys_sendmsg+0x16d/0x220
[  261.005121][T11889]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.005143][T11889]  do_syscall_64+0xcd/0xfa0
[  261.005154][T11889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.005165][T11889] RIP: 0033:0x7f7b5038f6c9
[  261.005174][T11889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.005185][T11889] RSP: 002b:00007f7b512b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.005196][T11889] RAX: ffffffffffffffda RBX: 00007f7b505e6090 RCX: 00007f7b5038f6c9
[  261.005202][T11889] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  261.005208][T11889] RBP: 00007f7b512b6090 R08: 0000000000000000 R09: 0000000000000000
[  261.005214][T11889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.005220][T11889] R13: 00007f7b505e6128 R14: 00007f7b505e6090 R15: 00007ffe39911d48
[  261.005237][T11889]  </TASK>
[  261.114249][T11891] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  261.259841][ T5938] Bluetooth: hci0: command tx timeout
[  261.310945][T11908] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  261.319520][T11908] FAULT_INJECTION: forcing a failure.
[  261.319520][T11908] name failslab, interval 1, probability 0, space 0, times 0
[  261.323884][T11908] CPU: 1 UID: 0 PID: 11908 Comm: syz.5.2115 Not tainted syzkaller #0 PREEMPT(full) 
[  261.323897][T11908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.323904][T11908] Call Trace:
[  261.323907][T11908]  <TASK>
[  261.323911][T11908]  dump_stack_lvl+0x16c/0x1f0
[  261.323943][T11908]  should_fail_ex+0x512/0x640
[  261.323959][T11908]  should_failslab+0xc2/0x120
[  261.323971][T11908]  __kmalloc_cache_noprof+0x72/0x780
[  261.323987][T11908]  ? sctp_add_bind_addr+0xae/0x3f0
[  261.324005][T11908]  ? sctp_add_bind_addr+0xae/0x3f0
[  261.324018][T11908]  sctp_add_bind_addr+0xae/0x3f0
[  261.324035][T11908]  sctp_copy_local_addr_list+0x349/0x550
[  261.324053][T11908]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  261.324071][T11908]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  261.324082][T11908]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  261.324098][T11908]  sctp_bind_addr_copy+0xe0/0x530
[  261.324116][T11908]  sctp_connect_new_asoc+0x1c9/0x770
[  261.324129][T11908]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  261.324147][T11908]  sctp_sendmsg+0x1557/0x1e00
[  261.324161][T11908]  ? __lock_acquire+0xb8a/0x1c90
[  261.324178][T11908]  ? __pfx_sctp_sendmsg+0x10/0x10
[  261.324193][T11908]  ? __pfx_sock_has_perm+0x10/0x10
[  261.324214][T11908]  ? __import_iovec+0x1dd/0x650
[  261.324230][T11908]  ? __pfx_sctp_sendmsg+0x10/0x10
[  261.324248][T11908]  inet_sendmsg+0x11c/0x140
[  261.324274][T11908]  ____sys_sendmsg+0x973/0xc70
[  261.324294][T11908]  ? copy_msghdr_from_user+0x10a/0x160
[  261.324315][T11908]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.324336][T11908]  ___sys_sendmsg+0x134/0x1d0
[  261.324358][T11908]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.324378][T11908]  ? __lock_acquire+0x622/0x1c90
[  261.324436][T11908]  __sys_sendmsg+0x16d/0x220
[  261.324458][T11908]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.324484][T11908]  do_syscall_64+0xcd/0xfa0
[  261.324495][T11908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.324507][T11908] RIP: 0033:0x7f4be558f6c9
[  261.324517][T11908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.324527][T11908] RSP: 002b:00007f4be6381038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.324538][T11908] RAX: ffffffffffffffda RBX: 00007f4be57e5fa0 RCX: 00007f4be558f6c9
[  261.324544][T11908] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000006
[  261.324550][T11908] RBP: 00007f4be6381090 R08: 0000000000000000 R09: 0000000000000000
[  261.324557][T11908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.324563][T11908] R13: 00007f4be57e6038 R14: 00007f4be57e5fa0 R15: 00007fff034cfc48
[  261.324577][T11908]  </TASK>
[  261.325916][T11909] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2114'.
[  261.589834][T10045] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  261.739791][T10045] usb 10-1: Using ep0 maxpacket: 8
[  261.746004][T10045] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  261.750641][T10045] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  261.754806][T10045] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  261.759056][T10045] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  261.765184][T10045] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  261.769069][T10045] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.969790][   T34] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  261.978254][T10045] usb 10-1: GET_CAPABILITIES returned 0
[  261.980244][T10045] usbtmc 10-1:16.0: can't read capabilities
[  262.119745][   T34] usb 6-1: Using ep0 maxpacket: 8
[  262.123408][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  262.127229][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  262.131138][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  262.134645][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  262.138526][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  262.141323][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.347469][   T34] usb 6-1: GET_CAPABILITIES returned 0
[  262.349297][   T34] usbtmc 6-1:16.0: can't read capabilities
[  262.429240][T11942] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  262.432716][T11942] syzkaller0: entered promiscuous mode
[  262.434477][T11942] syzkaller0: entered allmulticast mode
[  262.445932][T11942] tipc: Resetting bearer <eth:syzkaller0>
[  262.449097][T11941] tipc: Resetting bearer <eth:syzkaller0>
[  262.456323][T11941] tipc: Disabling bearer <eth:syzkaller0>
[  262.561842][T11944] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  262.762557][T11951] FAULT_INJECTION: forcing a failure.
[  262.762557][T11951] name failslab, interval 1, probability 0, space 0, times 0
[  262.766473][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.2.2130 Not tainted syzkaller #0 PREEMPT(full) 
[  262.766487][T11951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.766493][T11951] Call Trace:
[  262.766497][T11951]  <TASK>
[  262.766502][T11951]  dump_stack_lvl+0x16c/0x1f0
[  262.766526][T11951]  should_fail_ex+0x512/0x640
[  262.766541][T11951]  should_failslab+0xc2/0x120
[  262.766553][T11951]  kmem_cache_alloc_node_noprof+0x78/0x770
[  262.766569][T11951]  ? __pfx_avc_has_perm+0x10/0x10
[  262.766582][T11951]  ? __alloc_skb+0x2b2/0x380
[  262.766599][T11951]  ? __alloc_skb+0x2b2/0x380
[  262.766610][T11951]  __alloc_skb+0x2b2/0x380
[  262.766622][T11951]  ? __pfx___alloc_skb+0x10/0x10
[  262.766640][T11951]  rose_write_internal+0xd1/0x1850
[  262.766658][T11951]  ? __local_bh_enable_ip+0xa4/0x120
[  262.766672][T11951]  ? __pfx_rose_write_internal+0x10/0x10
[  262.766684][T11951]  ? rose_find_socket+0xf4/0x130
[  262.766694][T11951]  ? __local_bh_enable_ip+0xa4/0x120
[  262.766706][T11951]  ? rose_route_free_lci+0xd6/0x160
[  262.766722][T11951]  rose_connect+0x6e5/0x1980
[  262.766734][T11951]  ? __pfx_rose_connect+0x10/0x10
[  262.766744][T11951]  ? selinux_netlbl_socket_connect+0x30/0x40
[  262.766756][T11951]  ? rcu_is_watching+0x12/0xc0
[  262.766770][T11951]  ? __local_bh_enable_ip+0xa4/0x120
[  262.766782][T11951]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.766798][T11951]  ? selinux_netlbl_socket_connect+0x30/0x40
[  262.766808][T11951]  ? __local_bh_enable_ip+0xa4/0x120
[  262.766821][T11951]  ? selinux_netlbl_socket_connect+0x30/0x40
[  262.766832][T11951]  ? selinux_socket_connect+0x6b/0x80
[  262.766844][T11951]  ? __pfx_rose_connect+0x10/0x10
[  262.766853][T11951]  __sys_connect_file+0x141/0x1a0
[  262.766867][T11951]  __sys_connect+0x13b/0x160
[  262.766878][T11951]  ? __pfx___sys_connect+0x10/0x10
[  262.766894][T11951]  ? __pfx_ksys_write+0x10/0x10
[  262.766907][T11951]  __x64_sys_connect+0x72/0xb0
[  262.766917][T11951]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.766933][T11951]  do_syscall_64+0xcd/0xfa0
[  262.766943][T11951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.766954][T11951] RIP: 0033:0x7f7b5038f6c9
[  262.766962][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.766972][T11951] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  262.766982][T11951] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  262.766988][T11951] RDX: 0000000000000040 RSI: 0000200000000180 RDI: 0000000000000007
[  262.766994][T11951] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  262.767000][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.767006][T11951] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  262.767019][T11951]  </TASK>
[  263.561729][T11953] loop2: detected capacity change from 0 to 7
[  263.565236][T11802] Dev loop2: unable to read RDB block 7
[  263.567027][T11802]  loop2: AHDI p1 p2 p3
[  263.568390][T11802] loop2: partition table partially beyond EOD, truncated
[  263.570723][T11802] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.572849][T11802] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.576762][T11953] Dev loop2: unable to read RDB block 7
[  263.578560][T11953]  loop2: AHDI p1 p2 p3
[  263.580521][T11953] loop2: partition table partially beyond EOD, truncated
[  263.583087][T11953] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.585243][T11953] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.608468][ T5345] Dev loop2: unable to read RDB block 7
[  263.610456][ T5345]  loop2: AHDI p1 p2 p3
[  263.611784][ T5345] loop2: partition table partially beyond EOD, truncated
[  263.614632][ T5345] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.616719][ T5345] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.691865][ T5345] Dev loop2: unable to read RDB block 7
[  263.693735][ T5345]  loop2: AHDI p1 p2 p3
[  263.695233][ T5345] loop2: partition table partially beyond EOD, truncated
[  263.698027][ T5345] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.700912][ T5345] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.704075][T11963] FAULT_INJECTION: forcing a failure.
[  263.704075][T11963] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.709158][T11963] CPU: 3 UID: 0 PID: 11963 Comm: syz.2.2133 Not tainted syzkaller #0 PREEMPT(full) 
[  263.709178][T11963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.709187][T11963] Call Trace:
[  263.709193][T11963]  <TASK>
[  263.709199][T11963]  dump_stack_lvl+0x16c/0x1f0
[  263.709227][T11963]  should_fail_ex+0x512/0x640
[  263.709248][T11963]  _copy_from_user+0x2e/0xd0
[  263.709268][T11963]  move_addr_to_kernel+0x65/0x170
[  263.709286][T11963]  __sys_connect+0xb1/0x160
[  263.709302][T11963]  ? __pfx___sys_connect+0x10/0x10
[  263.709347][T11963]  ? __pfx_ksys_write+0x10/0x10
[  263.709367][T11963]  __x64_sys_connect+0x72/0xb0
[  263.709383][T11963]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.709406][T11963]  do_syscall_64+0xcd/0xfa0
[  263.709422][T11963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.709437][T11963] RIP: 0033:0x7f7b5038f6c9
[  263.709451][T11963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.709466][T11963] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  263.709480][T11963] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  263.709490][T11963] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000004
[  263.709499][T11963] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  263.709514][T11963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.709524][T11963] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  263.709546][T11963]  </TASK>
[  263.781921][ T5345] Dev loop2: unable to read RDB block 7
[  263.783856][ T5345]  loop2: AHDI p1 p2 p3
[  263.785271][ T5345] loop2: partition table partially beyond EOD, truncated
[  263.787698][ T5345] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.790475][ T5345] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.806535][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  263.806544][   T40] audit: type=1400 audit(1762563444.105:616): avc:  denied  { relabelfrom } for  pid=11964 comm="syz.2.2134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  263.815282][   T40] audit: type=1400 audit(1762563444.105:617): avc:  denied  { relabelto } for  pid=11964 comm="syz.2.2134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  263.917527][ T5345] Dev loop2: unable to read RDB block 7
[  263.919526][ T5345]  loop2: AHDI p1 p2 p3
[  263.921378][ T5345] loop2: partition table partially beyond EOD, truncated
[  263.924013][ T5345] loop2: p1 start 1601398130 is beyond EOD, truncated
[  263.926750][ T5345] loop2: p2 start 1702059890 is beyond EOD, truncated
[  263.974506][T11972] xt_connbytes: Forcing CT accounting to be enabled
[  263.977515][T11972] xt_CT: You must specify a L4 protocol and not use inversions on it
[  264.137997][ T5345] Dev loop2: unable to read RDB block 7
[  264.140347][ T5345]  loop2: AHDI p1 p2 p3
[  264.141693][ T5345] loop2: partition table partially beyond EOD, truncated
[  264.143964][ T5345] loop2: p1 start 1601398130 is beyond EOD, truncated
[  264.146008][ T5345] loop2: p2 start 1702059890 is beyond EOD, truncated
[  264.657482][ T6361] usb 6-1: USB disconnect, device number 6
[  265.034970][   T40] audit: type=1400 audit(1762563445.335:618): avc:  denied  { setopt } for  pid=11992 comm="syz.2.2140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  265.042140][   T40] audit: type=1400 audit(1762563445.335:619): avc:  denied  { map } for  pid=11992 comm="syz.2.2140" path="socket:[39212]" dev="sockfs" ino=39212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  265.049556][   T40] audit: type=1400 audit(1762563445.335:620): avc:  denied  { accept } for  pid=11992 comm="syz.2.2140" path="socket:[39212]" dev="sockfs" ino=39212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  265.084053][   T40] audit: type=1400 audit(1762563445.385:621): avc:  denied  { read append } for  pid=11995 comm="syz.2.2141" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  265.091745][   T40] audit: type=1400 audit(1762563445.385:622): avc:  denied  { open } for  pid=11995 comm="syz.2.2141" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  265.099210][   T40] audit: type=1400 audit(1762563445.385:623): avc:  denied  { read } for  pid=11995 comm="syz.2.2141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  265.136890][T11996] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  265.279819][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  265.282572][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.287972][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.293460][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5)
[  265.296039][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.299322][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.306522][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(131)
[  265.308627][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.314121][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.317398][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(141)
[  265.319520][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.322936][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.325995][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(144)
[  265.328492][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.332156][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.334965][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(146)
[  265.337087][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.341207][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.352386][T11999] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(148)
[  265.355246][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  265.358599][T11999] vhci_hcd vhci_hcd.0: Device attached
[  265.372223][T12010] vhci_hcd: connection closed
[  265.372476][T12012] vhci_hcd: connection closed
[  265.373373][  T219] vhci_hcd: stop threads
[  265.374140][T12006] vhci_hcd: connection closed
[  265.375994][  T219] vhci_hcd: release socket
[  265.376008][  T219] vhci_hcd: disconnect device
[  265.379732][T12008] vhci_hcd: connection closed
[  265.380808][  T219] vhci_hcd: stop threads
[  265.385772][  T219] vhci_hcd: release socket
[  265.386319][T12014] vhci_hcd: connection closed
[  265.387644][  T219] vhci_hcd: disconnect device
[  265.387759][  T219] vhci_hcd: stop threads
[  265.393673][  T219] vhci_hcd: release socket
[  265.395596][  T219] vhci_hcd: disconnect device
[  265.397720][  T219] vhci_hcd: stop threads
[  265.399132][  T219] vhci_hcd: release socket
[  265.400754][  T219] vhci_hcd: disconnect device
[  265.402443][  T219] vhci_hcd: stop threads
[  265.403828][  T219] vhci_hcd: release socket
[  265.405343][  T219] vhci_hcd: disconnect device
[  265.461854][T12003] vhci_hcd: connection closed
[  265.462013][   T12] vhci_hcd: stop threads
[  265.464950][   T12] vhci_hcd: release socket
[  265.467629][   T12] vhci_hcd: disconnect device
[  265.473214][T12001] vhci_hcd: connection closed
[  265.474006][   T12] vhci_hcd: stop threads
[  265.477361][   T12] vhci_hcd: release socket
[  265.478957][   T12] vhci_hcd: disconnect device
[  265.869830][ T6361] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  265.962462][T12029] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  266.021756][T12035] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2150'.
[  266.029785][ T6361] usb 6-1: Using ep0 maxpacket: 8
[  266.033474][ T6361] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  266.037559][ T6361] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  266.041634][ T6361] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  266.045681][ T6361] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  266.051115][ T6361] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  266.054828][ T6361] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.257673][T12041] FAULT_INJECTION: forcing a failure.
[  266.257673][T12041] name failslab, interval 1, probability 0, space 0, times 0
[  266.261782][T12041] CPU: 1 UID: 0 PID: 12041 Comm: syz.2.2153 Not tainted syzkaller #0 PREEMPT(full) 
[  266.261798][T12041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.261804][T12041] Call Trace:
[  266.261808][T12041]  <TASK>
[  266.261813][T12041]  dump_stack_lvl+0x16c/0x1f0
[  266.261833][T12041]  should_fail_ex+0x512/0x640
[  266.261849][T12041]  should_failslab+0xc2/0x120
[  266.261862][T12041]  kmem_cache_alloc_node_noprof+0x78/0x770
[  266.261878][T12041]  ? __pfx_avc_has_perm+0x10/0x10
[  266.261892][T12041]  ? __alloc_skb+0x2b2/0x380
[  266.261907][T12041]  ? __alloc_skb+0x2b2/0x380
[  266.261919][T12041]  __alloc_skb+0x2b2/0x380
[  266.261931][T12041]  ? __pfx___alloc_skb+0x10/0x10
[  266.261949][T12041]  rose_write_internal+0xd1/0x1850
[  266.261967][T12041]  ? __local_bh_enable_ip+0xa4/0x120
[  266.261981][T12041]  ? __pfx_rose_write_internal+0x10/0x10
[  266.261994][T12041]  ? rose_find_socket+0xf4/0x130
[  266.262003][T12041]  ? __local_bh_enable_ip+0xa4/0x120
[  266.262016][T12041]  ? rose_route_free_lci+0xd6/0x160
[  266.262031][T12041]  rose_connect+0x6e5/0x1980
[  266.262044][T12041]  ? __pfx_rose_connect+0x10/0x10
[  266.262054][T12041]  ? selinux_netlbl_socket_connect+0x30/0x40
[  266.262066][T12041]  ? rcu_is_watching+0x12/0xc0
[  266.262079][T12041]  ? __local_bh_enable_ip+0xa4/0x120
[  266.262092][T12041]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.262103][ T6361] usb 6-1: GET_CAPABILITIES returned 0
[  266.262108][T12041]  ? selinux_netlbl_socket_connect+0x30/0x40
[  266.262119][T12041]  ? __local_bh_enable_ip+0xa4/0x120
[  266.262131][T12041]  ? selinux_netlbl_socket_connect+0x30/0x40
[  266.262149][T12041]  ? selinux_socket_connect+0x6b/0x80
[  266.262166][T12041]  ? __pfx_rose_connect+0x10/0x10
[  266.262178][T12041]  __sys_connect_file+0x141/0x1a0
[  266.262197][T12041]  __sys_connect+0x13b/0x160
[  266.262212][T12041]  ? __pfx___sys_connect+0x10/0x10
[  266.262232][T12041]  ? __pfx_ksys_write+0x10/0x10
[  266.262245][T12041]  __x64_sys_connect+0x72/0xb0
[  266.262256][T12041]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.262271][T12041]  do_syscall_64+0xcd/0xfa0
[  266.262282][T12041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.262293][T12041] RIP: 0033:0x7f7b5038f6c9
[  266.262301][T12041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.262312][T12041] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  266.262321][T12041] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  266.262328][T12041] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000004
[  266.262334][T12041] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  266.262340][T12041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.262345][T12041] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  266.262359][T12041]  </TASK>
[  266.352127][ T6361] usbtmc 6-1:16.0: can't read capabilities
[  266.513756][T12042] FAULT_INJECTION: forcing a failure.
[  266.513756][T12042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.519291][T12042] CPU: 2 UID: 0 PID: 12042 Comm: syz.1.2146 Not tainted syzkaller #0 PREEMPT(full) 
[  266.519312][T12042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.519321][T12042] Call Trace:
[  266.519327][T12042]  <TASK>
[  266.519333][T12042]  dump_stack_lvl+0x16c/0x1f0
[  266.519361][T12042]  should_fail_ex+0x512/0x640
[  266.519382][T12042]  _copy_from_user+0x2e/0xd0
[  266.519402][T12042]  kstrtouint_from_user+0xd6/0x1d0
[  266.519425][T12042]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  266.519447][T12042]  ? __lock_acquire+0xb8a/0x1c90
[  266.519487][T12042]  proc_fail_nth_write+0x83/0x220
[  266.519506][T12042]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  266.519530][T12042]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  266.519546][T12042]  vfs_write+0x2a0/0x11d0
[  266.519565][T12042]  ? __pfx___mutex_lock+0x10/0x10
[  266.519581][T12042]  ? __pfx_vfs_write+0x10/0x10
[  266.519603][T12042]  ? __fget_files+0x20e/0x3c0
[  266.519625][T12042]  ksys_write+0x12a/0x250
[  266.519639][T12042]  ? __pfx_ksys_write+0x10/0x10
[  266.519654][T12042]  ? fdget+0x187/0x210
[  266.519690][T12042]  do_syscall_64+0xcd/0xfa0
[  266.519707][T12042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.519722][T12042] RIP: 0033:0x7f1eaab8e17f
[  266.519736][T12042] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  266.519751][T12042] RSP: 002b:00007f1eab9ca030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  266.519767][T12042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1eaab8e17f
[  266.519776][T12042] RDX: 0000000000000001 RSI: 00007f1eab9ca0a0 RDI: 0000000000000005
[  266.519785][T12042] RBP: 00007f1eab9ca090 R08: 0000000000000000 R09: 0000000000000000
[  266.519794][T12042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  266.519803][T12042] R13: 00007f1eaade6128 R14: 00007f1eaade6090 R15: 00007ffdd36a4898
[  266.519826][T12042]  </TASK>
[  267.115964][T12049] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  267.271174][T11911] usbtmc 10-1:16.0: usb_control_msg returned -110
[  267.285577][  T842] usb 10-1: USB disconnect, device number 3
[  267.287781][T10045] usb 6-1: USB disconnect, device number 7
[  267.984480][T12067] FAULT_INJECTION: forcing a failure.
[  267.984480][T12067] name failslab, interval 1, probability 0, space 0, times 0
[  267.988311][T12067] CPU: 3 UID: 0 PID: 12067 Comm: syz.2.2162 Not tainted syzkaller #0 PREEMPT(full) 
[  267.988325][T12067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.988331][T12067] Call Trace:
[  267.988334][T12067]  <TASK>
[  267.988338][T12067]  dump_stack_lvl+0x16c/0x1f0
[  267.988359][T12067]  should_fail_ex+0x512/0x640
[  267.988374][T12067]  should_failslab+0xc2/0x120
[  267.988387][T12067]  kmem_cache_alloc_noprof+0x75/0x6e0
[  267.988402][T12067]  ? skb_clone+0x190/0x3f0
[  267.988418][T12067]  ? skb_clone+0x190/0x3f0
[  267.988430][T12067]  skb_clone+0x190/0x3f0
[  267.988444][T12067]  bpf_clone_redirect+0xb2/0x3f0
[  267.988460][T12067]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  267.988477][T12067]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  267.988486][T12067]  ? workqueue_offline_cpu+0x4e0/0x840
[  267.988502][T12067]  ? unwind_get_return_address+0x59/0xa0
[  267.988516][T12067]  ? __lock_acquire+0xb8a/0x1c90
[  267.988534][T12067]  ? __lock_acquire+0x622/0x1c90
[  267.988553][T12067]  ? find_held_lock+0x2b/0x80
[  267.988567][T12067]  ? ktime_get+0x200/0x310
[  267.988581][T12067]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.988597][T12067]  ? ktime_get+0x1a7/0x310
[  267.988612][T12067]  ? __pfx___cant_migrate+0x10/0x10
[  267.988626][T12067]  ? bpf_test_timer_continue+0x13e/0x610
[  267.988639][T12067]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.988655][T12067]  bpf_test_run+0x3d3/0xa60
[  267.988671][T12067]  ? __pfx_bpf_test_run+0x10/0x10
[  267.988694][T12067]  ? __asan_memset+0x23/0x50
[  267.988712][T12067]  bpf_prog_test_run_skb+0xbae/0x2290
[  267.988730][T12067]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  267.988746][T12067]  ? fput+0x9b/0xd0
[  267.988759][T12067]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  267.988773][T12067]  __sys_bpf+0x1035/0x4980
[  267.988791][T12067]  ? __pfx___sys_bpf+0x10/0x10
[  267.988805][T12067]  ? find_held_lock+0x2b/0x80
[  267.988820][T12067]  ? find_held_lock+0x2b/0x80
[  267.988836][T12067]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  267.988853][T12067]  ? fput+0x9b/0xd0
[  267.988865][T12067]  ? ksys_write+0x1ac/0x250
[  267.988874][T12067]  ? __pfx_ksys_write+0x10/0x10
[  267.988886][T12067]  __x64_sys_bpf+0x78/0xc0
[  267.988901][T12067]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.988917][T12067]  do_syscall_64+0xcd/0xfa0
[  267.988927][T12067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.988937][T12067] RIP: 0033:0x7f7b5038f6c9
[  267.988945][T12067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.988955][T12067] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  267.988965][T12067] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  267.988972][T12067] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  267.988978][T12067] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  267.988984][T12067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  267.988990][T12067] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  267.989003][T12067]  </TASK>
[  268.301471][T12085] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  268.312705][T12085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2169'.
[  269.077434][   T40] audit: type=1400 audit(1762563449.375:624): avc:  denied  { accept } for  pid=12110 comm="syz.2.2177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  269.459755][ T1471] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  269.619778][ T1471] usb 10-1: Using ep0 maxpacket: 8
[  269.623807][ T1471] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  269.627930][ T1471] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  269.632027][ T1471] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  269.636018][ T1471] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  269.641627][ T1471] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  269.645419][ T1471] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.855515][ T1471] usb 10-1: GET_CAPABILITIES returned 0
[  269.857327][ T1471] usbtmc 10-1:16.0: can't read capabilities
[  270.215795][T12131] xfrm0 speed is unknown, defaulting to 1000
[  270.975334][T12145] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  270.979002][T12145] FAULT_INJECTION: forcing a failure.
[  270.979002][T12145] name failslab, interval 1, probability 0, space 0, times 0
[  270.983582][T12145] CPU: 2 UID: 0 PID: 12145 Comm: syz.2.2188 Not tainted syzkaller #0 PREEMPT(full) 
[  270.983598][T12145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.983605][T12145] Call Trace:
[  270.983615][T12145]  <TASK>
[  270.983619][T12145]  dump_stack_lvl+0x16c/0x1f0
[  270.983651][T12145]  should_fail_ex+0x512/0x640
[  270.983671][T12145]  should_failslab+0xc2/0x120
[  270.983685][T12145]  __kmalloc_cache_noprof+0x72/0x780
[  270.983701][T12145]  ? sctp_add_bind_addr+0xae/0x3f0
[  270.983718][T12145]  ? sctp_add_bind_addr+0xae/0x3f0
[  270.983732][T12145]  sctp_add_bind_addr+0xae/0x3f0
[  270.983748][T12145]  sctp_copy_local_addr_list+0x349/0x550
[  270.983767][T12145]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  270.983785][T12145]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  270.983796][T12145]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  270.983812][T12145]  sctp_bind_addr_copy+0xe0/0x530
[  270.983833][T12145]  sctp_connect_new_asoc+0x1c9/0x770
[  270.983847][T12145]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  270.983942][T12145]  sctp_sendmsg+0x1557/0x1e00
[  270.983958][T12145]  ? __lock_acquire+0xb8a/0x1c90
[  270.983979][T12145]  ? __pfx_sctp_sendmsg+0x10/0x10
[  270.983997][T12145]  ? __pfx_sock_has_perm+0x10/0x10
[  270.984035][T12145]  ? __import_iovec+0x1dd/0x650
[  270.984050][T12145]  ? __pfx_sctp_sendmsg+0x10/0x10
[  270.984063][T12145]  inet_sendmsg+0x11c/0x140
[  270.984077][T12145]  ____sys_sendmsg+0x973/0xc70
[  270.984088][T12145]  ? copy_msghdr_from_user+0x10a/0x160
[  270.984102][T12145]  ? __pfx_____sys_sendmsg+0x10/0x10
[  270.984118][T12145]  ___sys_sendmsg+0x134/0x1d0
[  270.984132][T12145]  ? __pfx____sys_sendmsg+0x10/0x10
[  270.984145][T12145]  ? __lock_acquire+0x622/0x1c90
[  270.984177][T12145]  __sys_sendmsg+0x16d/0x220
[  270.984190][T12145]  ? __pfx___sys_sendmsg+0x10/0x10
[  270.984213][T12145]  do_syscall_64+0xcd/0xfa0
[  270.984241][T12145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.984252][T12145] RIP: 0033:0x7f7b5038f6c9
[  270.984261][T12145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.984270][T12145] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.984280][T12145] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  270.984287][T12145] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000006
[  270.984293][T12145] RBP: 00007f7b512d7090 R08: 0000000000000000 R09: 0000000000000000
[  270.984299][T12145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  270.984338][T12145] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  270.984354][T12145]  </TASK>
[  271.962031][T12162] binder: 12161:12162 ioctl c02064b9 200000000500 returned -22
[  272.084120][T12173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.133178][T12173] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.290745][   T40] audit: type=1400 audit(1762563452.595:625): avc:  denied  { remount } for  pid=12178 comm="syz.1.2198" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  272.359618][T12185] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  272.442697][T12189] xfrm0 speed is unknown, defaulting to 1000
[  273.209795][ T6361] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  273.369796][ T6361] usb 7-1: Using ep0 maxpacket: 8
[  273.373104][ T6361] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  273.376348][ T6361] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  273.379567][ T6361] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  273.383076][ T6361] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  273.387134][ T6361] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  273.390236][ T6361] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.623398][T12195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.626479][T12195] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.030519][T12195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.033453][T12195] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.037632][T12195] usb usb4: usbfs: process 12195 (syz.2.2203) did not claim interface 0 before use
[  274.041336][ T6361] usb 7-1: GET_CAPABILITIES returned 0
[  274.043234][ T6361] usbtmc 7-1:16.0: can't read capabilities
[  274.266072][T12211] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  274.321388][  T842] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  274.492201][  T842] usb 9-1: config 2 has an invalid interface number: 67 but max is 1
[  274.495586][  T842] usb 9-1: config 2 contains an unexpected descriptor of type 0x1, skipping
[  274.499143][  T842] usb 9-1: config 2 contains an unexpected descriptor of type 0x1, skipping
[  274.502822][  T842] usb 9-1: config 2 has an invalid interface number: 138 but max is 1
[  274.505585][  T842] usb 9-1: config 2 has no interface number 0
[  274.507519][  T842] usb 9-1: config 2 has no interface number 1
[  274.509549][  T842] usb 9-1: config 2 interface 67 altsetting 9 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  274.512992][  T842] usb 9-1: config 2 interface 67 altsetting 9 has a duplicate endpoint with address 0xE, skipping
[  274.516293][  T842] usb 9-1: config 2 interface 67 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  274.519819][  T842] usb 9-1: config 2 interface 67 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  274.523186][  T842] usb 9-1: config 2 interface 67 altsetting 9 has a duplicate endpoint with address 0x3, skipping
[  274.526405][  T842] usb 9-1: config 2 interface 67 altsetting 9 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  274.529813][  T842] usb 9-1: config 2 interface 67 altsetting 9 bulk endpoint 0xD has invalid maxpacket 64
[  274.532908][  T842] usb 9-1: config 2 interface 67 altsetting 9 endpoint 0x9 has invalid maxpacket 991, setting to 64
[  274.536190][  T842] usb 9-1: config 2 interface 67 altsetting 9 has a duplicate endpoint with address 0xE, skipping
[  274.539861][  T842] usb 9-1: config 2 interface 138 altsetting 180 has an invalid descriptor for endpoint zero, skipping
[  274.543230][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x8, skipping
[  274.546548][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x9, skipping
[  274.550362][  T842] usb 9-1: config 2 interface 138 altsetting 180 has an invalid descriptor for endpoint zero, skipping
[  274.553779][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0xB, skipping
[  274.558049][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x8, skipping
[  274.562329][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0xF, skipping
[  274.566607][  T842] usb 9-1: config 2 interface 138 altsetting 180 has an invalid descriptor for endpoint zero, skipping
[  274.571031][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x9, skipping
[  274.574632][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x8, skipping
[  274.577964][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x3, skipping
[  274.581429][  T842] usb 9-1: config 2 interface 138 altsetting 180 endpoint 0x1 has invalid maxpacket 511, setting to 64
[  274.584716][  T842] usb 9-1: config 2 interface 138 altsetting 180 endpoint 0xC has invalid maxpacket 592, setting to 64
[  274.588155][  T842] usb 9-1: config 2 interface 138 altsetting 180 has a duplicate endpoint with address 0x3, skipping
[  274.592203][  T842] usb 9-1: config 2 interface 67 has no altsetting 0
[  274.594284][  T842] usb 9-1: config 2 interface 138 has no altsetting 0
[  274.597990][  T842] usb 9-1: New USB device found, idVendor=0733, idProduct=1311, bcdDevice=29.c6
[  274.600885][  T842] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.603320][  T842] usb 9-1: Product: syz
[  274.604612][  T842] usb 9-1: Manufacturer: 苒ꫵ崉臞ﴸ냖膝喐ᔨ阩㺖艥ﱓᗩᕞ낋쐗蚋탍㇆ꀹ蔇립㋍ᙜ펆쾤쏖뜵獽枔돠懹鍭䐈ﵭힾ嗀鯻℧뗊덀쐉鲉䎟ó៞넃䢯⁓벸ҟ┹扟穕孭홆煉庩⸟湗
[  274.611490][  T842] usb 9-1: SerialNumber: syz
[  274.616017][T12207] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  274.884988][T12228] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2216'.
[  275.023886][   T40] audit: type=1400 audit(1762563455.325:626): avc:  denied  { map } for  pid=12206 comm="syz.4.2208" path="/dev/ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  275.025530][  T842] usb 9-1: USB disconnect, device number 7
[  275.111484][T12120] usbtmc 10-1:16.0: usb_control_msg returned -110
[  275.118991][    T9] usb 7-1: USB disconnect, device number 6
[  275.131681][ T6022] usb 10-1: USB disconnect, device number 4
[  275.287375][T12242] netlink: 'syz.5.2220': attribute type 1 has an invalid length.
[  275.320273][T12244] netlink: 'syz.5.2221': attribute type 4 has an invalid length.
[  275.349248][T12246] tipc: Started in network mode
[  275.350984][T12246] tipc: Node identity 0a17bcfa7df, cluster identity 4711
[  275.353274][T12246] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  275.355732][T12246] syzkaller0: entered promiscuous mode
[  275.357479][T12246] syzkaller0: entered allmulticast mode
[  275.371080][T12246] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2222'.
[  275.377009][T12246] tipc: Resetting bearer <eth:syzkaller0>
[  275.383227][T12245] tipc: Resetting bearer <eth:syzkaller0>
[  275.394960][T12245] tipc: Disabling bearer <eth:syzkaller0>
[  275.643545][T12250] netlink: 328 bytes leftover after parsing attributes in process `syz.2.2224'.
[  275.739743][   T34] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  275.889866][   T34] usb 10-1: Using ep0 maxpacket: 8
[  275.893112][   T34] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  275.896542][   T34] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  275.900024][   T34] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  275.900028][    C1] ------------[ cut here ]------------
[  275.903464][   T34] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  275.906179][    C1] ODEBUG: free active (active state 0) object: ffff8880483ad890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150
[  275.910964][   T34] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  275.916148][    C1] WARNING: CPU: 1 PID: 12262 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[  275.919269][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.923341][    C1] Modules linked in:
[  275.923406][    C1] CPU: 1 UID: 0 PID: 12262 Comm: syz.2.2230 Not tainted syzkaller #0 PREEMPT(full) 
[  275.932868][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.937368][    C1] RIP: 0010:debug_print_object+0x1a2/0x2b0
[  275.939922][    C1] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 20 81 f0 8b 4c 89 e6 48 c7 c7 a0 75 f0 8b e8 0f c2 ce fc 90 <0f> 0b 90 90 58 83 05 16 c2 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  275.947949][    C1] RSP: 0018:ffffc900006a0a18 EFLAGS: 00010282
[  275.950676][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b3ee8
[  275.954030][    C1] RDX: ffff88802cbe4900 RSI: ffffffff817b3ef5 RDI: 0000000000000001
[  275.957382][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  275.960793][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07c40
[  275.964119][    C1] R13: ffffffff8b9021a0 R14: ffffffff8a4db200 R15: ffffc900006a0b18
[  275.967466][    C1] FS:  00007f7b512d76c0(0000) GS:ffff8880d6b08000(0000) knlGS:0000000000000000
[  275.970821][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  275.972881][    C1] CR2: 00007f7b512d6f98 CR3: 000000010ea42000 CR4: 0000000000352ef0
[  275.975365][    C1] Call Trace:
[  275.976441][    C1]  <IRQ>
[  275.977368][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  275.979117][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  275.981005][    C1]  debug_check_no_obj_freed+0x4b7/0x600
[  275.982745][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  275.984642][    C1]  kfree+0x291/0x6d0
[  275.985887][    C1]  ? rose_timer_expiry+0x53f/0x630
[  275.987507][    C1]  ? rose_timer_expiry+0x53f/0x630
[  275.989107][    C1]  rose_timer_expiry+0x53f/0x630
[  275.990739][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  275.992449][    C1]  call_timer_fn+0x19a/0x620
[  275.993910][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  275.995519][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  275.997235][    C1]  __run_timers+0x6ef/0x960
[  275.998669][    C1]  ? __pfx___run_timers+0x10/0x10
[  276.000309][    C1]  run_timer_base+0x114/0x190
[  276.001792][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  276.003421][    C1]  run_timer_softirq+0x1a/0x40
[  276.004921][    C1]  handle_softirqs+0x219/0x8e0
[  276.006452][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  276.008102][    C1]  __irq_exit_rcu+0x109/0x170
[  276.009613][    C1]  irq_exit_rcu+0x9/0x30
[  276.011020][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  276.012788][    C1]  </IRQ>
[  276.013743][    C1]  <TASK>
[  276.014684][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  276.016560][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  276.018202][    C1] Code: 94 08 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 12 21 e9 0e 0f 82 74 02 00 00 8b 35 8a 51 e9 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 29 94 08 12 0f 85 c7 02 00 00 48 83 c4
[  276.024189][    C1] RSP: 0018:ffffc9000631fb68 EFLAGS: 00000206
[  276.026117][    C1] RAX: 0000000000000046 RBX: ffffffff8e3c4760 RCX: 00000000ef9d33e4
[  276.028585][    C1] RDX: 0000000000000000 RSI: ffffffff8da05d1b RDI: ffffffff8bf07040
[  276.031109][    C1] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  276.033581][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  276.036033][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.038531][    C1]  css_put+0x70/0x1b0
[  276.039844][    C1]  ? css_put+0x5c/0x1b0
[  276.041167][    C1]  __memcg_slab_post_alloc_hook+0x13d/0x940
[  276.043036][    C1]  ? kasan_save_track+0x14/0x30
[  276.044583][    C1]  kmem_cache_alloc_lru_noprof+0x556/0x6e0
[  276.046431][    C1]  ? __d_alloc+0x32/0xae0
[  276.047823][    C1]  ? __d_alloc+0x32/0xae0
[  276.049249][    C1]  __d_alloc+0x32/0xae0
[  276.050628][    C1]  d_alloc_pseudo+0x1c/0xc0
[  276.052049][    C1]  alloc_file_pseudo+0xcf/0x230
[  276.053616][    C1]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  276.055337][    C1]  ? alloc_fd+0x471/0x7d0
[  276.056712][    C1]  sock_alloc_file+0x50/0x210
[  276.058233][    C1]  __sys_socket+0x1c0/0x260
[  276.059716][    C1]  ? __pfx___sys_socket+0x10/0x10
[  276.061324][    C1]  ? do_user_addr_fault+0x843/0x1370
[  276.062992][    C1]  __x64_sys_socket+0x72/0xb0
[  276.064484][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.066144][    C1]  do_syscall_64+0xcd/0xfa0
[  276.067588][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.069464][    C1] RIP: 0033:0x7f7b5038f6c9
[  276.070928][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.076907][    C1] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  276.079533][    C1] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  276.082057][    C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000002
[  276.084531][    C1] RBP: 00007f7b50411f91 R08: 0000000000000000 R09: 0000000000000000
[  276.087021][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.089521][    C1] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  276.092047][    C1]  </TASK>
[  276.093047][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  276.095328][    C1] CPU: 1 UID: 0 PID: 12262 Comm: syz.2.2230 Not tainted syzkaller #0 PREEMPT(full) 
[  276.098242][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.101587][    C1] Call Trace:
[  276.102655][    C1]  <IRQ>
[  276.103579][    C1]  dump_stack_lvl+0x3d/0x1f0
[  276.105052][    C1]  vpanic+0x640/0x6f0
[  276.106347][    C1]  ? debug_print_object+0x1a2/0x2b0
[  276.107985][    C1]  panic+0xca/0xd0
[  276.109185][    C1]  ? __pfx_panic+0x10/0x10
[  276.110655][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  276.112282][    C1]  check_panic_on_warn+0xab/0xb0
[  276.113826][    C1]  __warn+0xf6/0x3c0
[  276.115029][    C1]  ? debug_print_object+0x1a2/0x2b0
[  276.116667][    C1]  report_bug+0x3c3/0x580
[  276.118051][    C1]  ? debug_print_object+0x1a2/0x2b0
[  276.119706][    C1]  handle_bug+0x184/0x210
[  276.121078][    C1]  exc_invalid_op+0x17/0x50
[  276.122534][    C1]  asm_exc_invalid_op+0x1a/0x20
[  276.124071][    C1] RIP: 0010:debug_print_object+0x1a2/0x2b0
[  276.125918][    C1] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 20 81 f0 8b 4c 89 e6 48 c7 c7 a0 75 f0 8b e8 0f c2 ce fc 90 <0f> 0b 90 90 58 83 05 16 c2 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  276.131905][    C1] RSP: 0018:ffffc900006a0a18 EFLAGS: 00010282
[  276.133829][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b3ee8
[  276.136304][    C1] RDX: ffff88802cbe4900 RSI: ffffffff817b3ef5 RDI: 0000000000000001
[  276.138803][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  276.141295][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07c40
[  276.143772][    C1] R13: ffffffff8b9021a0 R14: ffffffff8a4db200 R15: ffffc900006a0b18
[  276.146262][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  276.148035][    C1]  ? __warn_printk+0x198/0x350
[  276.149590][    C1]  ? __warn_printk+0x1a5/0x350
[  276.151107][    C1]  ? debug_print_object+0x1a1/0x2b0
[  276.152752][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  276.154522][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  276.156367][    C1]  debug_check_no_obj_freed+0x4b7/0x600
[  276.158121][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  276.160046][    C1]  kfree+0x291/0x6d0
[  276.161320][    C1]  ? rose_timer_expiry+0x53f/0x630
[  276.162945][    C1]  ? rose_timer_expiry+0x53f/0x630
[  276.164565][    C1]  rose_timer_expiry+0x53f/0x630
[  276.166152][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  276.167874][    C1]  call_timer_fn+0x19a/0x620
[  276.169374][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  276.171003][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  276.172730][    C1]  __run_timers+0x6ef/0x960
[  276.174188][    C1]  ? __pfx___run_timers+0x10/0x10
[  276.175789][    C1]  run_timer_base+0x114/0x190
[  276.177288][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  276.178935][    C1]  run_timer_softirq+0x1a/0x40
[  276.180448][    C1]  handle_softirqs+0x219/0x8e0
[  276.181974][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  276.183644][    C1]  __irq_exit_rcu+0x109/0x170
[  276.185133][    C1]  irq_exit_rcu+0x9/0x30
[  276.186503][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  276.188289][    C1]  </IRQ>
[  276.189239][    C1]  <TASK>
[  276.190192][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  276.192073][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  276.193724][    C1] Code: 94 08 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 12 21 e9 0e 0f 82 74 02 00 00 8b 35 8a 51 e9 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 29 94 08 12 0f 85 c7 02 00 00 48 83 c4
[  276.199582][    C1] RSP: 0018:ffffc9000631fb68 EFLAGS: 00000206
[  276.201477][    C1] RAX: 0000000000000046 RBX: ffffffff8e3c4760 RCX: 00000000ef9d33e4
[  276.203918][    C1] RDX: 0000000000000000 RSI: ffffffff8da05d1b RDI: ffffffff8bf07040
[  276.206364][    C1] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  276.208818][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  276.211270][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.213724][    C1]  css_put+0x70/0x1b0
[  276.214985][    C1]  ? css_put+0x5c/0x1b0
[  276.216292][    C1]  __memcg_slab_post_alloc_hook+0x13d/0x940
[  276.218216][    C1]  ? kasan_save_track+0x14/0x30
[  276.219732][    C1]  kmem_cache_alloc_lru_noprof+0x556/0x6e0
[  276.221555][    C1]  ? __d_alloc+0x32/0xae0
[  276.222909][    C1]  ? __d_alloc+0x32/0xae0
[  276.224257][    C1]  __d_alloc+0x32/0xae0
[  276.225565][    C1]  d_alloc_pseudo+0x1c/0xc0
[  276.226988][    C1]  alloc_file_pseudo+0xcf/0x230
[  276.228545][    C1]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  276.230247][    C1]  ? alloc_fd+0x471/0x7d0
[  276.231594][    C1]  sock_alloc_file+0x50/0x210
[  276.233067][    C1]  __sys_socket+0x1c0/0x260
[  276.234503][    C1]  ? __pfx___sys_socket+0x10/0x10
[  276.236068][    C1]  ? do_user_addr_fault+0x843/0x1370
[  276.237718][    C1]  __x64_sys_socket+0x72/0xb0
[  276.239210][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.240834][    C1]  do_syscall_64+0xcd/0xfa0
[  276.242262][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.244094][    C1] RIP: 0033:0x7f7b5038f6c9
[  276.245501][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.251390][    C1] RSP: 002b:00007f7b512d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  276.253962][    C1] RAX: ffffffffffffffda RBX: 00007f7b505e5fa0 RCX: 00007f7b5038f6c9
[  276.256386][    C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000002
[  276.258856][    C1] RBP: 00007f7b50411f91 R08: 0000000000000000 R09: 0000000000000000
[  276.261304][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.263738][    C1] R13: 00007f7b505e6038 R14: 00007f7b505e5fa0 R15: 00007ffe39911d48
[  276.266200][    C1]  </TASK>
[  276.267863][    C1] Kernel Offset: disabled
[  276.269288][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:57:36  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=00000000000005b3 RCX=00007f1eaabc1f85 RDX=00007ffdd36a4bf0
RSI=0000000000000000 RDI=0000000000000000 RBP=00007ffdd36a4c5c RSP=00007ffdd36a4bb0
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000293
R12=0000000000001388 R13=00000000000927c0 R14=000000000004352a R15=00007ffdd36a4cb0
RIP=00007f1eaabc1f8c RFL=00000293 [--S-A-C] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556c6a8500 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1eab9cad58 CR3=000000004ff61000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdd36a4c20 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac13050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac1305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac13057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac1306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080000104 RBX=0000000000000051 RCX=ffffffff819bf1c1 RDX=ffff88802cbe4900
RSI=ffffffff819bf1af RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900006a0690
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=1ffff920000d40d5 R13=0000000000000200 R14=ffff88801e6ac900 R15=ffffc900006a0760
RIP=ffffffff81bd0db7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f7b512d76c0 ffffffff 00c00000
GS =0000 ffff8880d6b08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7b512d6f98 CR3=000000010ea42000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b50413050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b5041305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b50413057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b5041306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b504130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b504131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b505b74a8 00007f7b505b74a0 00007f7b505b7498 00007f7b505b7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b5111d100 00007f7b505b7460 00007f7b505b7478 00007f7b505b74c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b505b74b8 00007f7b505b74b0 00007f7b505b74a8 00007f7b505b74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080000000 RBX=0000000000000002 RCX=ffffffff81605393 RDX=0000000000000000
RSI=ffffffff8db1af4c RDI=ffffffff8bf07040 RBP=1ffff9200019ef3b RSP=ffffc90000cf7938
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffffffff815f98fb R13=0000000000000283 R14=ffff888021b94900 R15=ffffffff8e281a80
RIP=ffffffff8b60ba5d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6c08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1eab9c9f98 CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdd36a4c20 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac13050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac1305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac13057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac1306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eaac131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000005 RBX=ffff88803532d690 RCX=ffffffff826523ec RDX=0000000000000000
RSI=ffffffff826523fa RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc900006df618
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88803532d6f4 R13=ffff88801c68f118 R14=0000000000000000 R15=ffff88801c68f118
RIP=ffffffff8265242f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6d08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1eab9eaf98 CR3=0000000060a14000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000010000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff034cffd0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be5613050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be561305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be5613057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be561306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be56130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4be56131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000