last executing test programs:

1.801215248s ago: executing program 2 (id=3369):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000208000140000000160900010073797a30000000000900020073797a3200000000140000001100"], 0x78}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x64, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x100, 0x1}]}}}}}}}, 0x0)

1.73305239s ago: executing program 3 (id=3371):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
socket$packet(0x11, 0x2, 0x300)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
socket$packet(0x11, 0x3, 0x300)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000", @ANYRES16=r1], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 11)

1.67052134s ago: executing program 2 (id=3373):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001700)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x1, 0x0, 0x14}, @ipv4=@generic={{0x6, 0x4, 0x2, 0x2, 0xec6, 0x64, 0x0, 0xb, 0x29, 0x0, @private=0xa0100fe, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp_prespec={0x44, 0x4, 0x51}]}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b75a9ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9e22b30947e3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54ddd833293f5df09224482179e5bcd8e227c9eaacb5793498be490de32baba49172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19411e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb97800763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a35ab397bb9ec4a8b2030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396baf"}}, 0xed4)

1.669636018s ago: executing program 3 (id=3375):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff01"], 0x15)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, 0x0)

1.61427927s ago: executing program 1 (id=3376):
socket$inet6(0xa, 0x3, 0x33b)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[])
sched_setaffinity(0x0, 0x0, 0x0)
socket(0x1f, 0x80000, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
unshare(0x62040200)
setns(0xffffffffffffffff, 0x24020000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.613813815s ago: executing program 3 (id=3377):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1.613571048s ago: executing program 3 (id=3378):
io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d37, 0x100, 0x10, 0x3fffffe})
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r0, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x48094) (fail_nth: 3)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1.473823066s ago: executing program 3 (id=3379):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340007003c0007010000000000000000010000000400fc800c00018008000600ffff0000080002"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

1.473276903s ago: executing program 2 (id=3380):
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000000)=""/27, 0x1b)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e04000f08"], 0x7)

1.423584276s ago: executing program 3 (id=3381):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x20000)
ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000040)={0x2, 0x10000, 0x1ffff, 0x400006})

1.342608213s ago: executing program 1 (id=3382):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000208000140000000160900010073797a30000000000900020073797a3200000000140000001100"], 0x78}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x64, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x100, 0x1}]}}}}}}}, 0x0)

1.342326299s ago: executing program 1 (id=3383):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r1)
sendmsg$NFC_CMD_DISABLE_SE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="84973800cbcfcc751ba153d1eb772249108e0a1bebc3d9ca2161b65f5a8f40180c4480bf842b0da0e4f4681397df1e26374dca685e5321bcccdc9ddb25dbec846444600108276d74a306", @ANYRES16=r2, @ANYBLOB="01002abd7000ffdbdf251200000008000100", @ANYRES32=0x0, @ANYBLOB="08001500c0000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008840}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000017b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.251998155s ago: executing program 1 (id=3384):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000100)=0x100000001, 0xfffffe16) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000003a00)=[{{&(0x7f0000000580)={0xa, 0x20, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000200)="c5df6a3b", 0x34000}], 0x1}}, {{&(0x7f0000000b40)={0xa, 0x4e21, 0x900000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000e40)="af", 0x1}], 0x1}}], 0x2, 0xc0c0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0), 0xfffffffffffffe6e)
getsockopt$bt_hci(r0, 0x11a, 0x1, 0x0, &(0x7f0000000340))

983.132479ms ago: executing program 0 (id=3389):
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000003c0))

893.6469ms ago: executing program 0 (id=3390):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x18d)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000080)='./file0\x00', 0x9000, &(0x7f00000000c0)={0x0, 0x74, 0x100000}, 0x20)
recvmsg$inet_nvme(r0, &(0x7f00000005c0)={&(0x7f00000001c0)=@rc={0x1f, @none}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000240)=""/189, 0xbd}, {&(0x7f0000000400)=""/165, 0xa5}, {&(0x7f0000000140)=""/26, 0x1a}, {&(0x7f0000000380)=""/54, 0x36}], 0x4, &(0x7f0000000500)=""/164, 0xa4}, 0x40002103)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}})
splice(r1, 0x0, r3, 0x0, 0x1fffffffffff, 0x0)

783.39644ms ago: executing program 0 (id=3391):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x3c, r3, 0x1, 0x0, 0x0, {0x33}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x44, r0, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x584}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x9}]}, 0x44}}, 0x0)

783.181505ms ago: executing program 0 (id=3392):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, @remote, @dev, @remote}}}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x13)

693.870894ms ago: executing program 0 (id=3393):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x40c180)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x2})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1f, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000fce5ffff000000000900000018100000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000002300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440), 0x4200, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)={0x24, r0, 0x300, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0xc, 0xcd, [0xd, 0x3, 0x3, 0x8]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000005)
dup(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000f1ffffff00"/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r8, &(0x7f0000000ac0)="f7", &(0x7f0000000080)=""/71}, 0x20)
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="050000000000fedbdf254400000008000300", @ANYRES32, @ANYBLOB="0a001800030303030203000008005a8004000380be83ed4a1534aa456dc9f3dc87765f7b4cf095d0f4c199e916653eebf43e35886863a24598c306b0acd40446c15d48cb401b67064ac27cf45977b97c176949d75cde35c492a2579ec9d8e43d28"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0)

552.476965ms ago: executing program 2 (id=3394):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
socket$packet(0x11, 0x2, 0x300)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x3c, r3, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}]}, 0x3c}}, 0x4000050)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2d, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffc01, 0x0, 0x0, 0x0, 0xdad}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_val={0x18, 0xc, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x14}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_fd={0x18, 0x6, 0x1, 0x0, r0}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffe}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000400)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x31, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000440)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x3, 0xd, 0x3, 0xbb}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r0, r1, r1, r1], 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000180)='skip_task_reaping\x00', r6, 0x0, 0x6}, 0x18)
r7 = dup(r5)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000", @ANYRES16=r5], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})

552.157258ms ago: executing program 2 (id=3395):
futex(&(0x7f00000040c0), 0x6, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f000091e000/0x3000)=nil, 0x3000, 0x4)
futex(&(0x7f00000040c0), 0x7, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000906638d582b2500000000000100000a0520010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4084)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'default', 0x20, 'trusted:', 's}z', 0x20, 0xfcd}, 0x2f, 0xfffffffffffffffa)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, 0x0, 0x2, 0x0)
getpgrp(0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x14, 0x34, 0x9, 0x0, 0x4000, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010)

384.123176ms ago: executing program 1 (id=3396):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x1, 0x0, @loopback}, 0x1c)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="48c5"], 0x69)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x40)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="03c900271e37"], 0x12b)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@remote, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

383.928106ms ago: executing program 1 (id=3397):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x10001, 0xa0000)
r1 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x0, 0x7, 0x4, &(0x7f0000000000)={0x1d, "67d60edc3620031d451e5aa44d3cdb5637321451672f37163f5c64b821c4b14563"}})
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r3, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(0x3)
sendmmsg$unix(r3, &(0x7f0000002640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x8800}}], 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073737a300000000040000000030a09000000000000000000010000000900030073797a310000000014000480080002400000000008000140000000020900010073797a300000000064000000060a010400000000000000000100000008000b40000000000900010073797a3000000000300004802c0001800e000100696d6d6564696174650000001800028008000140000000010c000280050001004c0000000c000340000000000000000314000000110001000000000000"], 0xec}}, 0x0)
ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f0000000040)=0x5)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
fcntl$getown(r5, 0x9)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x9)
r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_PEC(r6, 0x708, 0x2)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f00000001c0)={0x0, 0x6, 0x0, 0x0})
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)

254.288042ms ago: executing program 2 (id=3398):
unshare(0x2a020480)
r0 = memfd_create(&(0x7f0000000000)='\t^\x1ax1\xc7\xbe\xa1\xc6F\xfa\x9cq\xb1w&\xdfP\xba\xdf\xf9F\xc1\xd4x\xaa\x92~srQ\xeaS\x88\xad\xd1Js\\\xb2\xc5\xed\xe8\x7f\xdc(\x01\xcey\xc7\x15?\n\xad\xe7R\x9e\xe1K\xfd\xc95f@O}\\\xdd\xca!;\xf38\'D9\xcb\xda\xa1\xc1p\xd4)\x18x\x17\xab7\x06\x9f\xe3X\v\xf2\xcc\x05\xb4( m\xde\x0f\xf3\xf8\x1b\vW\x00\x90\x01\xfe\x1e<\xabL-3\xe6\x81V\x8d3\x1b$\x0e\x00\x00\x00\x00\x00\x00\x94&\xac\x88\x95\xff\xda\x14d\xcbx\bx\x95\xab\xcb@\x8d\xa0\xe4I\xff\x87\x90\xd9\x89O\x98\x90\x86\xff\xcc\xc1\xf5\r\xea\x19c\xba\xa9\"d$\x01h\x0f&/B\xa5\x18%\xc7\x00\x17\x00\x00sH\xc7ex#\xb0\xe4\x1b\xce\x0f\xear,-\n\xe6gB#\x8ch=:F$\xe6\x87\xf0AF\xd5\x84c\xd5\xd5(\xb3\xac\x9b\x80\x81y\xf1\a\x0f \xbb\xfa\xd3\x88\xad=5J\x13>u\x8c\x00\x00\x00\x00\xff\xff\xff\xff\xb8~\xaa-\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1f\xdf\xcf\b\x9f\xb6\xf2\x84\xbag\xe5.\xe4\x1f\xb3\xf4\xc6\xad\x06\x1btb\"\x87\x0f\xd7\xf9\x10~\xdc7\xe7\xdc\x11\xd8?\x040\xc5%%\x1c\x8d\xe0\xb99\x10\x11\x84\xbb\xa9\x9em\x1d\xfd\xd4\xcf\x8cH\xa6\x980\xadg\x9b\x8b$\x0e\x04\xd8\xaa\x17\xac\xf4\xda\xd0z\x87H\x03Du\x91\x839\xec\xd7\xde\xf2P\xf6dj-b\x84\x18\xe9\fy`\xca\x86Za7\xe4P\x95B\xeefTdk\x83\xcc\xa4\xa5\b\x1e\x998\x042\xb2\xdd\x8a\xea\xefQ\xf3-Z\a\xd3\xbb\xd5\x80\xb7\v\xa9\xae*\xca\xd90\xc8\xf4_\xe9N7*K:\xe1\xa4\xf7G\a\xd4Q\f7\xdeK,&\xf8\xe7\xffj\xd1\xae\xa1\x04\xf9\xd5\xc5\\\xcc:\xb1\xa70\x84\xf72 \xd1\xcb}Ky\xa5\x9bx&\xad\xf0U\x1aK\x8bN\xcd\xf50\xa3\xc7\xee\x7f\x1a#\xc9\xb3^\xdd/\x13\xb6\xe9%\xed\x04\xf4o}\x17U\x16C\xb2\xea7C\xb6fH$\xd6\xeb\x03\xd2\xa9\xa0\x9a\x93\xed-S\xe5p\xa28*\x98C\xa9\xf5\xf1*\xaa3\xb9\x88\xb3E\x03\x06\xf7\xa7', 0xa)
r1 = fsopen(&(0x7f0000000140)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fchmod(r0, 0x184)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x7}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3c)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000002c0)={0x2, &(0x7f0000000280)=[{0x6, 0x6, 0x4, 0xc}, {0x0, 0x5, 0x5, 0x7}]})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x2, 0x6, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x7, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x7c, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x96c}], @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x4000, 0x1, 0x6, 0x0, {0xc3, 0x3, 0x0, 0x37a, 0x0, 0x1, 0x1, 0x3, 0x1}, 0x1, 0x3ff, 0x4}}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x1000, 0x3, 0x0, 0x0, {0x5, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x9, 0xa}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000815}, 0x850)

0s ago: executing program 0 (id=3399):
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x5ca5, 0x200, 0xfffffffe, 0x2000356, 0x0, r0}, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000300)=0x49b9, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCGSTAMPNS(r3, 0x8907, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@default_permissions}]})
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r6, 0x84, 0x15, &(0x7f0000000100)={0xa}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r6, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x80, @local, 0xffffffff}, 0x1c)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001380)={r0, 0x0, 0xcb, 0xcd, &(0x7f0000000180)="622aa5d4e2756b8fe8b411ed8e41877cdf2030162eb6bb049422c11e0809fa1c79381e4abfa0f13a428d3ad2c7e65045efec5434770f7b186c68a22936757f18668a8dbf0a38f19249aa84a2f79b80afb8d9a923af1ddd73c2f4cbf874b8f60c3a8ee0c4da4abc89da315b1ace821fd9a13b9ba628c9bdeb194695d74205debd600deb6d2da3684614470f9c92c11eccb302cc031ddc92293700dcd97d67fe9b126cc74a12a8f66f3b1d0edb502602427204a42222d2455479fa1cc41aa1c4219cb2748821b4929117520b", &(0x7f0000000280)=""/205, 0x800, 0x0, 0x12, 0x1000, &(0x7f0000000040)="478873879dd81b78268f6e729b9d54d13175", &(0x7f0000000380)="fcc3e90bc21ee355b1c064390eb9e58e0da6f657c6a60caf63ccee71e0458ccd95bfaa4bf74b8a5d0f42592d041af4fe90a5d9c43fe086dc861c4b0c8db0aef85819ea159b260cfce6185bfaeea52b495e0128110e88267e5b7e480459564b49522b97f2e0f6fac9212d4261cab9e0b2cb36d1ff487622e11af706837e2edd29c701d22d20fde4be515e43390c9438d7b68d0f5ec87171cd28a424bf74ddcb1c914f5387b59fd82a7bd597be757ec978332eb13c47723cc2b38b068bac49740d6aacea2c82b2097fb3ecf66cbd05a906345d2214786950dbd4799d2001ca663a6fd1e04dc1fac19f841fdd5df54034a44c74b22fdc9e0d8120d2a35d445b85c91d929f5b39ce784a6c03e4f393f3df027e8f558ebabef076b7176e4ec48ba37c3c220e7629066c292435ac55f5edbcc6ce32e540c191d179240ba09c1ad9a2a8a62e5d4b6325807059529a87117d935ff431e718cff998ad4cfa755a355ad22e914c4a568223db516029c888af05963f14b4563cc6c26c655809e1534f59fa682fab570215762cdee5af1ac7a28738d846413af178df9ed6f994eb7e0cd47b881da57964933f80ece5940cc7e8aa524a34f7dae046bfd7cabdc5801b606c194928ec085a60f69019367680d18420016a19a53acaf05dfdc6088e1d52878b88c8e0d599bebaa1330dc7eec033f743cf44f8d0dfcbbbef9d29e59866ecf988015270ff767f32f97b9fab58d38036c2c3846430ff67a54c766ebaa720f2cee319e244f194f9b0dd9136ca31128b13df2d679ed9d583fe4abbffbb3b88b7a642ba0145a8b340bcd13d6bb53752280fa1777bc41e55ecbad6c01dc42a830f9f488a9022de3caa37b24f496db13484141ae8e0d487a311fd8ed33f1e4f9ba9ce3bd22cfebe004e8851207ba8b237e66d43578a0d096f97e29c53b3fa31bba778518090f13057d51784dc84ee558eda23371dda8a45b787ecbabedb6a2d99661d33f3a576cceabad74188f9f7ff274ad5401fe580faeb50d082d7ab113cfaff00624ac96cebd25ac8d51c4e244cc729e6bf633e56f034612f2b6e5bb2ecad3411c25f60944b57956b931a19fe7c57db6ac2003580213cbdf16fbb2e2bb1e47fcaaacf2e304f5d8219afcb295ab014def878ea4d3f67050c6301b865b068511355791a9d397e26967ec0ea401e98987df7dae70775f7d88fdfca535e3d59949784956b950e63798fbb32212d20a81e17037f4b0820786cf76828280761dcfff810b7972403e3fecd1869b8f775caa591968a02a15ee4ffc1df5aca4587484e51c00fecfdb96b54d2bc630cad0594b8cd240cb074c1d84926ceb031287f64afc334f665ae27d59c39abc80b1f0533b6486bb4730859cc09b07d43a7e102d95276a4cfa84f90d8fc01c7fd60bd5a2c049c86383a900aa6dd4a3a66ab15e310cad4fe624880e4cf55c7a1b01854efbeb396df640d94586e2c9e55425dd7df7f98b748840b2921887c9cb48189f1a5ab8368a0cb15e8d36a1a4edf1675d4b877029b698041cb22d825c0ad970e8054719c495624be126e1849e2861be9cfd884859105f82d5707ec760b895a69ffb611d9cb594719d0c50dca1edb31a1dbd5419bedfb1c6190f9b4721cd4fa5ff338736713d73d1e36fdd867fd18d4687333fd814bd4518c47491225bc931dc5807cda715ef3378ab11c0f580ea97d80d0d889a45715ae9dd353fe8381d81ef99fd9b3e8c4de1dd63a36cbe69ac87f08296ea1dc84843de172c7591a91019ebf4f933abfc0bafb5ab658ff6fdf9d1bb05aef15d37ced06c92bc1617bf4cf16ea9a6a71eaee0b1c3cd3c69b5741825f8c83818825d1c9d3098360422903e0de3c54d706c96df868698c230dd94c1e8c2c9a2d9faa83caeb9481d4a5c5e223fb659a2080a1e95bccbf97bb573a54ec1bf2c16c01a5ad0cb685535dc6aeb575a035e84c2f60f054062eae7943aa687a448894b19a90a3762975491f238fe4cea75bfc8be91f9365e669a1f7ffc0d61e8c600f5c8a87bc8cf1db58b4246ee5bd0214870ccb7a7826bb59023e22a20486e67b03d91172f5f35fcc9814969f1341caaaa079f6a1a7d761b7bd4bbff5ecaa01265b7bd9abf87b7642d91d3598fe0380767df41332720e86de4056c61bfaebcce34798e28c7fd0a6f91422add22c42aac8b6efa7e2f8889e7b8a040b884aa4003f6afe1a351fe471ca63a863d5030a8d7e91b638d190863cdb634f69f2a64787bf3f2d2a7c6e3da0b7f9641f0ea14a7f4986c6323c31bc057c9f27b1f0ff48cf1048aaeb549f4ba44da367101edb05046fe2801f978412194addc18a6503f7d2771467e5e7a974602f4f37f5df5eea03362d403403316f8b1248b439716ffa447b13748d858914a6b18c791cbf6e6d2c0cb480f8d4dee14b034a71fe06f501a7d2ed0c925d8071531360eeb52e2b5ef0e53114b3dccc3c0c2f92a6dfb57a45e2a680e214e39cc338f2b171bddcc9e609f55fcee3ec83369aac40b18532b1d26cf3aa7b755f06c49bcd28527c83ae17b14c60210a4080b75b5716247abb7ba9c27ba04094fff8a72572ce89878c61689ea0191de7de133dbaab012f8efd9d8212b7ed3393bc55ce67aea2bd6afbf44407d75379edea376a985710f8d3feacbcfbda399c9aae293885303d01a2a6bf1633697bba95d95fbb8877143fbf52a03a9188f16ba5f161581b9dab1feb8e45e134274f1b3152df12deec525c1042feea179e64cdeab8cd1d040ce7ee791b956a60de9c931577e155d33d6de3b471ab8a60ee79b526a6e194669e61101fb37c9536901e1d6c83b1869f018ca3981da86fe78596cca55652f5b2564eb536c48322a0de316a01a848822ddae9b03294fa56461851e9569f797512f26165206af0b3e7f40075f5ee85c11d9d0c4bf580099492b4257193ff33df83f46cacc38efd455463f496e13cd75a5fe3bd8e7f7436628ef91bf2c9e059897f94c936c78d011df990ab006505cbdbaca70569d865e7c1284e7035056dbade63ac79bdcaff415784b1cae17f9337c8b310354889ed4bc0569d6895efb4bdd186ec1f7714c25d2eb9233f293c35779d337fed141291d5cca0735479979f9080c9d750726bb18d7e349e6596091c74d299a33499de7964647ba98987e7b5c286a377a47e028f76b0f9436e984dabb8fadf4460eb7522ab4e0c4bf7030416f712b5ef388283f707aca515c5cbcfd7c6dd07fa0a8827a5bfc79eb452bfef8abcee33b9530670a0012763fa9949be3481c4795c635f6c156c9785d40092d37660d9d57d8bc17920dffa7ac4c9d84e603c400e169a4c613ed4dfecd445087a7d000f4c10547b6a495a4058edc8fedf4c16f436bf454f6978606e11a30b21606cca66a9d5fa81ed867d980d886f7a75852416367ad1f47945a903d225f15ee0783a5d3a8299bdd5ea56e9606fba507303f1787d881bae75b14570e6a656d2e69203de4cd63c571007d5dda4f4ec4164cf0928d7dacf2471176e88596d3aff443354f903d6a4d73f9e8f97cef6631e6147714bfeb8b664d0a3ca0838ebae1389ae03d4978a634b79ba04df765c662956e428d5fe084c49c582e21e4a0ae2b0839df4caeaeee884a4bc101fa63a486836d1e0902ca19d08781c2a6115ddb0bfef9fc9e862da6d8213e8aaa327a4f16d1584fc00da612024de2190c77f11906e2fa155ee975dccd010e46075be1d3e47b1c2002de936c1870f64a0a059a9d71e9e58c128e7972466b9592c476211190110e62ee703b520ef02f71b0f4d33fa037aa965a70aa3269483768bfd67c6bcd29ab7d29940f81118310c4de5e37c628330cd8d710c46bfe33c77cf3f0092a7bcd8b26eb086514015bdf7c8fd2b1429f2ae1fad6dd551989a23b26ef239234eba927cfb0809391f2ec48b5ee634378b52d31e18f8371d30cb262ed1832b7815eb48014c3753859f76dc4f87a453cad5fec8e765f2ad4f7ab7fa520016bcafa0ecccf7708d6e1f87c7fd08218bc82fc2301ef9578408d11f9f97efcc24a48375fd6ba89aa82cc2c6e2a5bf37b7ee1fa7f6830d97b2ef13e4a41ce6ce35dc44dd5f45f67f5de9a1e5f376cfacfe2910dd2ed26db134e73d3c3228118c039bf2f39652201d3a854af6917b26f1b11c63a4ec7770bf03658f769a0fe1f196d4170c4964b6ea73bea4ef87d3575677d2adcf36509bc71eaa95737b618b4ca5d3ab7b42d046c2c3315195285b9de5e0e30cb30728a218178581d32d9b3a8fd6869b8f9f78d235e3e7a64512e0cdb640182b822f32cdd9368ba3f7f4181a74bf55ef87ff55c496958053cca57d6c9eb72a814afc7e4cdf980d90dcaf7db12c2c98400c39cdd20f3ccc7c73ecce69da5984f7afe51f20f1736413f6c7658da0ef822c4d24778f44553cbf35f04262f705105397ffac6e7c3232900d3f9da99fad135448fedaabe395ba3b5ca926fe041840bff560fc3ac0694cd2268ab086ef523972791400b3feded58446b54e5273a1e04bb2e3351b087f15f2cd0a7926c919550ed0ba7174709a6586b454bc9fa970a864853ceabaa581d08a75006c33cd149511f580f950c8b1556c1c83e0012ca54eaac91a9b926fa95a55b84f8288e448f2fd0ec3ed568a1ccca670d524b749dd09809f0949dd7a3f860e3bc8896bca1d07d4fe1de70466192e9cbb280065ff573cb873b7cde236a3dc3f36091c4cac9f4ad13d22aeecfc66ea4ea599a646af5740c233ba597a40e58d6516979e3d5c147dd3b141611b28fbad8341ba52c373d5260d7f204390887c736c8a5c1e14e5227d253fe001f8a5d0b7d207ea8f254ef278e95211e6409e90e435f257fb2715c1c8e0abc1586dc72e88d4992393d112b881fca2970d583806b0f424dda41b77172556481e8bd0c33542dbd573c9b1deb739fd0453c708265fad492ad03a8ad585b585c4cb3269178f23b67debd01832f7257340c8eeab85b0ef919e44946d05c79842411b3ab8cdf5f351e73475733901ab96e98534ac59f0ac424180b7154d1ef416ca03bf345139e376950e20dfe39dcad70a4eb8af2311aea2181db44d0ad302b7fa43fe8fa667f5726892a6022d8fabfdd865c5c70382e7bd7b41d4361c35f3cf61ac8d8e5e278cd377f764547e743fff03e30e3a52b39ea47859d5c783c9c5ae0dd4e5d92608d0401207c9bdcc0fa4c821bd2ce091b3619481859cbc51e733842320e4f67c6b0d5721c1c0d58199b877c5cbe24ae02b427f9cfeb133c194e4ce21192652ad74c5e5e5673f9c21876bbd56f58d0802f6c6501b731d685ef20c81fcdfffab9de19b0af251cf3fa31545aae6c105f3d364614a412d72bf6b6c699e87407bed895a353547ec97080ee6124b2577374338e2e7c15b605a3f8d8f0f7b515bfaa446bf766197fd206086f6837a52b4bd65b622c359760242edf479aec057039f8160787dcb26f91ee1f2597eccd295d56e3800bdadc2ea1a8b4b1f8cb9c1c6bc50e4cf295893a0f91e1326b692d8ab8908cee436c79b00632f7285483e1cebe87554815059cd79bed51fbf813865dab71b7d034807492f53755c16e0e2ebcfa929467c01062e28cb4b1392aa663f7c9b24db0ad024efc0ff1ce9fe6d69b926e70b458eaf833aeec22409e8a263ee64aaaecf21e15042037b25bf9facaa9d57ee33d9b9c9ce3aab986b5bd6db5f93e21f9d3c82178d61ee78e4006bf6f16c3e2ecd225c38fa6dd4ff8578ec690b359598b4f4394f5a13ec080e20343d5b69b147fb797abebd34251139f6c68d14cf19632004f408a031", 0x2, 0x0, 0x6d4}, 0x50)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB="070000000000000007000000ff"])

kernel console output (not intermixed with test programs):

 Call Trace:
[  233.863982][T12620]  <TASK>
[  233.863987][T12620]  dump_stack_lvl+0x16c/0x1f0
[  233.864012][T12620]  should_fail_ex+0x512/0x640
[  233.864027][T12620]  ? fs_reclaim_acquire+0xae/0x150
[  233.864040][T12620]  should_failslab+0xc2/0x120
[  233.864056][T12620]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  233.864071][T12620]  ? security_inode_alloc+0x3b/0x2b0
[  233.864087][T12620]  security_inode_alloc+0x3b/0x2b0
[  233.864101][T12620]  inode_init_always_gfp+0xce4/0x1030
[  233.864118][T12620]  alloc_inode+0x86/0x240
[  233.864129][T12620]  sock_alloc+0x40/0x280
[  233.864140][T12620]  do_accept+0xf7/0x530
[  233.864153][T12620]  ? do_raw_spin_lock+0x12c/0x2b0
[  233.864166][T12620]  ? __pfx_do_accept+0x10/0x10
[  233.864187][T12620]  __sys_accept4+0x100/0x1c0
[  233.864200][T12620]  ? __pfx___sys_accept4+0x10/0x10
[  233.864214][T12620]  ? __pfx_ksys_write+0x10/0x10
[  233.864230][T12620]  __x64_sys_accept4+0x96/0x100
[  233.864243][T12620]  ? lockdep_hardirqs_on+0x7c/0x110
[  233.864259][T12620]  do_syscall_64+0xcd/0x4c0
[  233.864276][T12620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.864288][T12620] RIP: 0033:0x7fd14e78e929
[  233.864297][T12620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.864308][T12620] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  233.864318][T12620] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  233.864328][T12620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  233.864335][T12620] RBP: 00007fd14f65e090 R08: 0000000000000000 R09: 0000000000000000
[  233.864341][T12620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.864347][T12620] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  233.864360][T12620]  </TASK>
[  233.984376][T12622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.039920][T12622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.095046][T12622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.123206][T12630] FAULT_INJECTION: forcing a failure.
[  234.123206][T12630] name failslab, interval 1, probability 0, space 0, times 0
[  234.128806][T12630] CPU: 3 UID: 0 PID: 12630 Comm: syz.2.2432 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  234.128822][T12630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.128829][T12630] Call Trace:
[  234.128833][T12630]  <TASK>
[  234.128837][T12630]  dump_stack_lvl+0x16c/0x1f0
[  234.128857][T12630]  should_fail_ex+0x512/0x640
[  234.128871][T12630]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  234.128888][T12630]  should_failslab+0xc2/0x120
[  234.128904][T12630]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  234.128918][T12630]  ? __alloc_skb+0x2b2/0x380
[  234.128936][T12630]  __alloc_skb+0x2b2/0x380
[  234.128950][T12630]  ? __pfx___alloc_skb+0x10/0x10
[  234.128964][T12630]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  234.128978][T12630]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  234.128996][T12630]  netlink_alloc_large_skb+0x69/0x130
[  234.129009][T12630]  netlink_sendmsg+0x6a1/0xdd0
[  234.129022][T12630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.129039][T12630]  ____sys_sendmsg+0xa95/0xc70
[  234.129051][T12630]  ? copy_msghdr_from_user+0x10a/0x160
[  234.129066][T12630]  ? __pfx_____sys_sendmsg+0x10/0x10
[  234.129084][T12630]  ___sys_sendmsg+0x134/0x1d0
[  234.129100][T12630]  ? __pfx____sys_sendmsg+0x10/0x10
[  234.129114][T12630]  ? __lock_acquire+0x622/0x1c90
[  234.129147][T12630]  __sys_sendmsg+0x16d/0x220
[  234.129162][T12630]  ? __pfx___sys_sendmsg+0x10/0x10
[  234.129187][T12630]  do_syscall_64+0xcd/0x4c0
[  234.129212][T12630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.129223][T12630] RIP: 0033:0x7fa11658e929
[  234.129232][T12630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.129243][T12630] RSP: 002b:00007fa11739b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  234.129258][T12630] RAX: ffffffffffffffda RBX: 00007fa1167b5fa0 RCX: 00007fa11658e929
[  234.129268][T12630] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  234.129276][T12630] RBP: 00007fa11739b090 R08: 0000000000000000 R09: 0000000000000000
[  234.129286][T12630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.129295][T12630] R13: 0000000000000000 R14: 00007fa1167b5fa0 R15: 00007ffcd0707b98
[  234.129316][T12630]  </TASK>
[  234.142889][T12615] chnl_net:caif_netlink_parms(): no params data found
[  234.316719][T12615] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.319785][T12615] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.322889][T12615] bridge_slave_0: entered allmulticast mode
[  234.327137][T12615] bridge_slave_0: entered promiscuous mode
[  234.331849][T12615] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.334910][T12615] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.338352][T12615] bridge_slave_1: entered allmulticast mode
[  234.341049][T12615] bridge_slave_1: entered promiscuous mode
[  234.374723][T12615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.390021][T12615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.448207][T12615] team0: Port device team_slave_0 added
[  234.453379][T12615] team0: Port device team_slave_1 added
[  234.492397][T12615] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.495174][T12615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.505511][T12615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.521521][T12615] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.523936][T12615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.532155][T12615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.597541][T12615] hsr_slave_0: entered promiscuous mode
[  234.602360][T12615] hsr_slave_1: entered promiscuous mode
[  234.604712][T12615] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.608289][T12615] Cannot create hsr debugfs directory
[  234.802282][T12615] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.908321][T12615] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.931079][T12662] netlink: 'syz.3.2441': attribute type 5 has an invalid length.
[  234.973756][T12615] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.032316][T12615] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.059376][T12669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.087735][T12673] FAULT_INJECTION: forcing a failure.
[  235.087735][T12673] name failslab, interval 1, probability 0, space 0, times 0
[  235.091758][T12673] CPU: 0 UID: 0 PID: 12673 Comm: syz.3.2446 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  235.091783][T12673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.091792][T12673] Call Trace:
[  235.091806][T12673]  <TASK>
[  235.091812][T12673]  dump_stack_lvl+0x16c/0x1f0
[  235.091832][T12673]  should_fail_ex+0x512/0x640
[  235.091847][T12673]  ? fs_reclaim_acquire+0xae/0x150
[  235.091859][T12673]  ? tomoyo_encode2+0x100/0x3e0
[  235.091874][T12673]  should_failslab+0xc2/0x120
[  235.091891][T12673]  __kmalloc_noprof+0xd2/0x510
[  235.091905][T12673]  ? d_absolute_path+0x136/0x1a0
[  235.091918][T12673]  tomoyo_encode2+0x100/0x3e0
[  235.091934][T12673]  tomoyo_encode+0x29/0x50
[  235.091949][T12673]  tomoyo_realpath_from_path+0x18f/0x6e0
[  235.091968][T12673]  tomoyo_path_number_perm+0x245/0x580
[  235.091981][T12673]  ? tomoyo_path_number_perm+0x237/0x580
[  235.091995][T12673]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  235.092009][T12673]  ? find_held_lock+0x2b/0x80
[  235.092035][T12673]  ? find_held_lock+0x2b/0x80
[  235.092047][T12673]  ? hook_file_ioctl_common+0x145/0x410
[  235.092061][T12673]  ? __fget_files+0x20e/0x3c0
[  235.092078][T12673]  security_file_ioctl+0x9b/0x240
[  235.092094][T12673]  __x64_sys_ioctl+0xb7/0x210
[  235.092107][T12673]  do_syscall_64+0xcd/0x4c0
[  235.092125][T12673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.092136][T12673] RIP: 0033:0x7fd14e78e929
[  235.092145][T12673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.092155][T12673] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  235.092165][T12673] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  235.092172][T12673] RDX: 0000200000000280 RSI: 000000004020940d RDI: 0000000000000003
[  235.092179][T12673] RBP: 00007fd14f65e090 R08: 0000000000000000 R09: 0000000000000000
[  235.092185][T12673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.092191][T12673] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  235.092204][T12673]  </TASK>
[  235.092266][T12673] ERROR: Out of memory at tomoyo_realpath_from_path.
[  235.114361][T12669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.122900][ T6361] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  235.183377][ T6361] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  235.194292][T12669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.303642][T12677] FAULT_INJECTION: forcing a failure.
[  235.303642][T12677] name failslab, interval 1, probability 0, space 0, times 0
[  235.308780][T12318] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  235.311800][T12615] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  235.315874][T12677] CPU: 3 UID: 0 PID: 12677 Comm: syz.3.2448 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  235.315890][T12677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.315897][T12677] Call Trace:
[  235.315902][T12677]  <TASK>
[  235.315906][T12677]  dump_stack_lvl+0x16c/0x1f0
[  235.315926][T12677]  should_fail_ex+0x512/0x640
[  235.315941][T12677]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  235.315958][T12677]  should_failslab+0xc2/0x120
[  235.315973][T12677]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  235.315988][T12677]  ? __alloc_skb+0x2b2/0x380
[  235.316005][T12677]  __alloc_skb+0x2b2/0x380
[  235.316019][T12677]  ? __pfx___alloc_skb+0x10/0x10
[  235.316035][T12677]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  235.316050][T12677]  netlink_alloc_large_skb+0x69/0x130
[  235.316062][T12677]  netlink_sendmsg+0x6a1/0xdd0
[  235.316076][T12677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.316092][T12677]  ____sys_sendmsg+0xa95/0xc70
[  235.316104][T12677]  ? copy_msghdr_from_user+0x10a/0x160
[  235.316120][T12677]  ? __pfx_____sys_sendmsg+0x10/0x10
[  235.316137][T12677]  ___sys_sendmsg+0x134/0x1d0
[  235.316154][T12677]  ? __pfx____sys_sendmsg+0x10/0x10
[  235.316168][T12677]  ? __lock_acquire+0x622/0x1c90
[  235.316201][T12677]  __sys_sendmsg+0x16d/0x220
[  235.316217][T12677]  ? __pfx___sys_sendmsg+0x10/0x10
[  235.316241][T12677]  do_syscall_64+0xcd/0x4c0
[  235.316259][T12677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.316270][T12677] RIP: 0033:0x7fd14e78e929
[  235.316279][T12677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.316289][T12677] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.316300][T12677] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  235.316307][T12677] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  235.316313][T12677] RBP: 00007fd14f65e090 R08: 0000000000000000 R09: 0000000000000000
[  235.316319][T12677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.316325][T12677] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  235.316338][T12677]  </TASK>
[  235.316600][T12615] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  235.410663][T12615] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  235.414508][T12686] __nla_validate_parse: 9 callbacks suppressed
[  235.414518][T12686] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2451'.
[  235.416840][T12312] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  235.426817][T12615] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  235.495849][ T5943] Bluetooth: hci4: command tx timeout
[  235.506368][ T5946] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  235.522900][T12615] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.535983][T12318] wlan1: authentication with 08:02:11:00:00:00 timed out
[  235.538101][T12615] 8021q: adding VLAN 0 to HW filter on device team0
[  235.557743][T12318] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.560090][T12318] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.565653][T12318] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.567962][T12318] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.600590][   T40] audit: type=1400 audit(1750475164.026:830): avc:  denied  { getopt } for  pid=12694 comm="syz.3.2452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  235.714389][T12615] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.742714][T12615] veth0_vlan: entered promiscuous mode
[  235.751869][T12615] veth1_vlan: entered promiscuous mode
[  235.771488][T12615] veth0_macvtap: entered promiscuous mode
[  235.775255][T12615] veth1_macvtap: entered promiscuous mode
[  235.787760][T12615] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.796746][T12615] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.802850][T12615] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.806397][T12615] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.809166][T12615] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.812075][T12615] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.857131][T12313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.859973][T12313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.873937][T12313] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.876982][T12313] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.895839][ T5946] Bluetooth: hci2: command tx timeout
[  235.933506][T12709] nfs: Unknown parameter '!c'
[  235.939037][   T40] audit: type=1400 audit(1750475164.366:831): avc:  denied  { ioctl } for  pid=12708 comm="syz.1.2421" path="socket:[36296]" dev="sockfs" ino=36296 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  236.026956][ T6361] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  236.187307][ T6361] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  236.191751][ T6361] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.195406][ T6361] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  236.199615][ T6361] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.207648][ T6361] usb 5-1: config 0 descriptor??
[  236.273037][T12726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.330584][T12729] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.371174][T12733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2465'.
[  236.378740][T12733] : entered promiscuous mode
[  236.386167][T12726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.423453][T12735] macsec0: entered promiscuous mode
[  236.425218][T12735] macsec0: entered allmulticast mode
[  236.427222][T12735] veth1_macvtap: entered allmulticast mode
[  236.627485][ T6361] savu 0003:1E7D:2D5A.000C: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  236.795096][T12761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2475'.
[  236.877834][   T40] audit: type=1400 audit(1750475165.306:832): avc:  denied  { read write } for  pid=12762 comm="syz.1.2476" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  236.885682][   T40] audit: type=1400 audit(1750475165.306:833): avc:  denied  { open } for  pid=12762 comm="syz.1.2476" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  236.885772][T12763] xt_hashlimit: size too large, truncated to 1048576
[  236.896202][ T6361] usb 5-1: USB disconnect, device number 11
[  236.947712][T12771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2478'.
[  237.005452][T12777] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2481'.
[  237.143006][T12793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.199215][T12793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.253441][T12793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.270067][T12800] input: syz0 as /devices/virtual/input/input26
[  237.478257][T12812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2493'.
[  237.481479][   T10] IPVS: starting estimator thread 0...
[  237.483560][T12812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2493'.
[  237.489397][T12815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2494'.
[  237.565976][T12813] IPVS: using max 42 ests per chain, 100800 per kthread
[  237.645314][T12820] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[  237.935845][ T6872] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  237.965830][   T29] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  237.975972][ T5946] Bluetooth: hci2: command tx timeout
[  238.087048][T12839] FAULT_INJECTION: forcing a failure.
[  238.087048][T12839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.091109][T12839] CPU: 2 UID: 0 PID: 12839 Comm: syz.3.2505 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  238.091125][T12839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.091132][T12839] Call Trace:
[  238.091136][T12839]  <TASK>
[  238.091141][T12839]  dump_stack_lvl+0x16c/0x1f0
[  238.091161][T12839]  should_fail_ex+0x512/0x640
[  238.091179][T12839]  _copy_from_user+0x2e/0xd0
[  238.091196][T12839]  memdup_user+0x6b/0xe0
[  238.091211][T12839]  strndup_user+0x78/0xe0
[  238.091226][T12839]  __x64_sys_mount+0x137/0x310
[  238.091243][T12839]  ? __pfx___x64_sys_mount+0x10/0x10
[  238.091261][T12839]  ? fd_install+0x244/0x750
[  238.091278][T12839]  do_syscall_64+0xcd/0x4c0
[  238.091296][T12839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.091307][T12839] RIP: 0033:0x7fd14e78e929
[  238.091316][T12839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.091326][T12839] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  238.091336][T12839] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  238.091343][T12839] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  238.091349][T12839] RBP: 00007fd14f65e090 R08: 00002000000003c0 R09: 0000000000000000
[  238.091356][T12839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.091362][T12839] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  238.091375][T12839]  </TASK>
[  238.127270][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  238.128149][ T6872] usb 5-1: Using ep0 maxpacket: 8
[  238.131011][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.133828][ T6872] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  238.134886][   T29] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  238.137478][ T6872] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  238.137493][ T6872] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  238.137505][ T6872] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  238.137517][ T6872] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  238.137541][ T6872] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  238.137553][ T6872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.174340][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.178883][   T29] usb 7-1: config 0 descriptor??
[  238.264597][T12848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.319685][T12848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.329369][   T40] audit: type=1400 audit(1750475166.756:834): avc:  denied  { associate } for  pid=12849 comm="syz.1.2507" name="file0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  238.342063][ T6872] usb 5-1: usb_control_msg returned -32
[  238.343919][ T6872] usbtmc 5-1:16.0: can't read capabilities
[  238.374513][T12848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.596333][   T29] savu 0003:1E7D:2D5A.000D: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  238.677208][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2513'.
[  238.693977][T12860] FAULT_INJECTION: forcing a failure.
[  238.693977][T12860] name failslab, interval 1, probability 0, space 0, times 0
[  238.698528][T12860] CPU: 2 UID: 0 PID: 12860 Comm: syz.0.2498 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  238.698544][T12860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.698551][T12860] Call Trace:
[  238.698554][T12860]  <TASK>
[  238.698559][T12860]  dump_stack_lvl+0x16c/0x1f0
[  238.698579][T12860]  should_fail_ex+0x512/0x640
[  238.698594][T12860]  ? fs_reclaim_acquire+0xae/0x150
[  238.698606][T12860]  ? tomoyo_encode2+0x100/0x3e0
[  238.698620][T12860]  should_failslab+0xc2/0x120
[  238.698636][T12860]  __kmalloc_noprof+0xd2/0x510
[  238.698650][T12860]  ? d_absolute_path+0x136/0x1a0
[  238.698663][T12860]  tomoyo_encode2+0x100/0x3e0
[  238.698680][T12860]  tomoyo_encode+0x29/0x50
[  238.698694][T12860]  tomoyo_realpath_from_path+0x18f/0x6e0
[  238.698713][T12860]  tomoyo_path_number_perm+0x245/0x580
[  238.698726][T12860]  ? tomoyo_path_number_perm+0x237/0x580
[  238.698752][T12860]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  238.698767][T12860]  ? find_held_lock+0x2b/0x80
[  238.698792][T12860]  ? find_held_lock+0x2b/0x80
[  238.698805][T12860]  ? hook_file_ioctl_common+0x145/0x410
[  238.698818][T12860]  ? __fget_files+0x20e/0x3c0
[  238.698836][T12860]  security_file_ioctl+0x9b/0x240
[  238.698852][T12860]  __x64_sys_ioctl+0xb7/0x210
[  238.698865][T12860]  do_syscall_64+0xcd/0x4c0
[  238.698883][T12860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.698894][T12860] RIP: 0033:0x7f08ef18e929
[  238.698903][T12860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.698914][T12860] RSP: 002b:00007f08effa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  238.698924][T12860] RAX: ffffffffffffffda RBX: 00007f08ef3b6080 RCX: 00007f08ef18e929
[  238.698931][T12860] RDX: 0000000000000000 RSI: 0000000000005b04 RDI: 0000000000000003
[  238.698937][T12860] RBP: 00007f08effa4090 R08: 0000000000000000 R09: 0000000000000000
[  238.698943][T12860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.698950][T12860] R13: 0000000000000000 R14: 00007f08ef3b6080 R15: 00007ffd58f88fb8
[  238.698963][T12860]  </TASK>
[  238.698987][T12860] ERROR: Out of memory at tomoyo_realpath_from_path.
[  238.769655][T12860] usbtmc 5-1:16.0: usb_control_msg returned -71
[  238.772863][ T6872] usb 5-1: USB disconnect, device number 12
[  238.787499][   T61] usb 7-1: USB disconnect, device number 8
[  239.392646][T12881] ALSA: mixer_oss: invalid OSS volume ''
[  239.396618][   T40] audit: type=1400 audit(1750475167.826:835): avc:  denied  { ioctl } for  pid=12880 comm="syz.2.2522" path="mnt:[4026532880]" dev="nsfs" ino=4026532880 ioctlcmd=0x940c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  239.542628][T12888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.555818][   T29] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  239.599273][T12888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.655507][T12888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.725806][   T29] usb 5-1: Using ep0 maxpacket: 8
[  239.729209][   T29] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  239.732518][   T29] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  239.736525][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  239.740339][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  239.743467][   T29] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  239.747590][   T29] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  239.751222][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.828292][   T40] audit: type=1400 audit(1750475168.256:836): avc:  denied  { getopt } for  pid=12891 comm="syz.1.2526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  239.958862][   T29] usb 5-1: usb_control_msg returned -32
[  239.960954][   T29] usbtmc 5-1:16.0: can't read capabilities
[  240.059121][ T5946] Bluetooth: hci2: command tx timeout
[  240.106014][   T61] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  240.165853][ T6872] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[  240.220621][   T40] audit: type=1400 audit(1750475168.646:837): avc:  denied  { ioctl } for  pid=12899 comm="syz.2.2530" path="socket:[37556]" dev="sockfs" ino=37556 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  240.250962][T12904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2531'.
[  240.255991][   T61] usb 8-1: Using ep0 maxpacket: 8
[  240.259009][   T61] usb 8-1: config 242 has 0 interfaces, different from the descriptor's value: 1
[  240.262262][   T61] usb 8-1: New USB device found, idVendor=0005, idProduct=0000, bcdDevice=61.23
[  240.265313][   T61] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.320539][T12905] usbtmc 5-1:16.0: usb_control_msg returned -71
[  240.321788][ T6361] usb 5-1: USB disconnect, device number 13
[  240.337631][ T6872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  240.341044][ T6872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.344074][ T6872] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  240.347045][ T6872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.352015][ T6872] usb 6-1: config 0 descriptor??
[  240.482990][   T61] usb 8-1: string descriptor 0 read error: -71
[  240.485596][   T61] usb 8-1: USB disconnect, device number 24
[  240.645129][T12920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.699880][T12920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.755372][T12920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.770749][ T6872] savu 0003:1E7D:2D5A.000E: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  240.939103][T12927] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2540'.
[  241.036314][    T9] usb 6-1: USB disconnect, device number 25
[  241.068402][T12931] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.2541'.
[  241.079981][T12931] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2541'.
[  241.210274][T12939] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2541'.
[  241.296434][T12942] tipc: Started in network mode
[  241.298091][T12942] tipc: Node identity ac14142f, cluster identity 4711
[  241.300635][T12942] tipc: New replicast peer: 0.0.0.0
[  241.302739][T12942] tipc: Enabled bearer <udp:syz2>, priority 10
[  241.358596][T12944] netlink: 'syz.2.2544': attribute type 4 has an invalid length.
[  241.361390][T12944] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2544'.
[  241.774916][T12952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2547'.
[  241.778262][T12952] openvswitch: : Dropping previously announced user features
[  241.948139][T12963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2551'.
[  242.067963][   T40] audit: type=1400 audit(1750475170.496:838): avc:  denied  { getopt } for  pid=12971 comm="syz.0.2554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  242.135913][ T5946] Bluetooth: hci2: command tx timeout
[  242.138870][T12979] delete_channel: no stack
[  242.218957][   T40] audit: type=1400 audit(1750475170.646:839): avc:  denied  { ioctl } for  pid=12991 comm="syz.1.2564" path="/dev/usbmon0" dev="devtmpfs" ino=738 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  242.229610][T12993] xt_CT: You must specify a L4 protocol and not use inversions on it
[  242.244620][T12999] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2567'.
[  242.249438][T12314] bond0: (slave bond_slave_0): interface is now down
[  242.251166][T12993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8208 sclass=netlink_route_socket pid=12993 comm=syz.1.2564
[  242.253441][T12314] bond0: (slave bond_slave_1): interface is now down
[  242.262655][T12999] Bluetooth: hci0: Frame reassembly failed (-84)
[  242.268685][T12314] bond0: now running without any active interface!
[  242.269451][T12325] Bluetooth: hci0: Frame reassembly failed (-84)
[  242.293970][T13002] xt_hashlimit: size too large, truncated to 1048576
[  242.343962][T13007] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  242.346793][T13007] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  242.352551][T13007] vhci_hcd vhci_hcd.0: Device attached
[  242.357071][T13007] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5)
[  242.359460][T13007] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  242.361886][T13007] vhci_hcd vhci_hcd.0: Device attached
[  242.364843][T13007] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7)
[  242.366899][T13007] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  242.370430][T13007] vhci_hcd vhci_hcd.0: Device attached
[  242.427899][ T6872] tipc: Node number set to 2886997039
[  242.435504][T13017] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2571'.
[  242.440949][T13015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2570'.
[  242.444777][T13015] netlink: 'syz.1.2570': attribute type 1 has an invalid length.
[  242.449078][T13015] nbd: error processing sock list
[  242.585873][   T53] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  243.171617][T13013] vhci_hcd: connection closed
[  243.171659][T13011] vhci_hcd: connection closed
[  243.171791][T13008] vhci_hcd: connection reset by peer
[  243.174174][T12325] vhci_hcd: stop threads
[  243.178870][T12325] vhci_hcd: release socket
[  243.180328][T12325] vhci_hcd: disconnect device
[  243.184376][T12325] vhci_hcd: stop threads
[  243.186420][T12325] vhci_hcd: release socket
[  243.188537][T12325] vhci_hcd: disconnect device
[  243.192167][T12325] vhci_hcd: stop threads
[  243.193589][T12325] vhci_hcd: release socket
[  243.195038][T12325] vhci_hcd: disconnect device
[  243.275462][T13034] input: syz0 as /devices/virtual/input/input27
[  243.315426][T13039] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  243.315793][   T40] audit: type=1400 audit(1750475171.736:840): avc:  denied  { lock } for  pid=13038 comm="syz.2.2580" path="socket:[38732]" dev="sockfs" ino=38732 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  243.393922][T13039] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.396440][T13039] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.465606][T13039] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.474618][T13039] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.528203][T13039] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.531096][T13039] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.533812][T13039] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.537585][T13039] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.557799][T13039] wlan1: deauthenticating from 08:02:11:00:00:00 by local choice (Reason: 3=DEAUTH_LEAVING)
[  243.624555][T13045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.631203][   T40] audit: type=1400 audit(1750475172.056:841): avc:  denied  { accept } for  pid=13046 comm="syz.3.2583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  243.639688][T13047] openvswitch: netlink: Message has 8 unknown bytes.
[  243.680277][T13045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.703574][   T40] audit: type=1400 audit(1750475172.126:842): avc:  denied  { accept } for  pid=13050 comm="syz.3.2585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  243.735321][T13045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.065976][  T837] usb 8-1: new full-speed USB device number 25 using dummy_hcd
[  244.228801][  T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  244.233338][  T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.237634][  T837] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  244.241638][  T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.257548][  T837] usb 8-1: config 0 descriptor??
[  244.291199][T13071] FAULT_INJECTION: forcing a failure.
[  244.291199][T13071] name failslab, interval 1, probability 0, space 0, times 0
[  244.296249][T13071] CPU: 3 UID: 0 PID: 13071 Comm: syz.2.2590 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  244.296267][T13071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.296274][T13071] Call Trace:
[  244.296279][T13071]  <TASK>
[  244.296283][T13071]  dump_stack_lvl+0x16c/0x1f0
[  244.296304][T13071]  should_fail_ex+0x512/0x640
[  244.296318][T13071]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  244.296333][T13071]  should_failslab+0xc2/0x120
[  244.296349][T13071]  __kmalloc_cache_noprof+0x6a/0x3e0
[  244.296362][T13071]  ? copy_mount_options+0x55/0x190
[  244.296373][T13071]  ? _copy_from_user+0x59/0xd0
[  244.296389][T13071]  copy_mount_options+0x55/0x190
[  244.296401][T13071]  __x64_sys_mount+0x1ac/0x310
[  244.296419][T13071]  ? __pfx___x64_sys_mount+0x10/0x10
[  244.296436][T13071]  ? fd_install+0x244/0x750
[  244.296453][T13071]  do_syscall_64+0xcd/0x4c0
[  244.296470][T13071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.296482][T13071] RIP: 0033:0x7fa11658e929
[  244.296490][T13071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.296501][T13071] RSP: 002b:00007fa11739b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  244.296511][T13071] RAX: ffffffffffffffda RBX: 00007fa1167b5fa0 RCX: 00007fa11658e929
[  244.296523][T13071] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  244.296529][T13071] RBP: 00007fa11739b090 R08: 00002000000003c0 R09: 0000000000000000
[  244.296524][ T5946] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  244.296536][T13071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.296542][T13071] R13: 0000000000000000 R14: 00007fa1167b5fa0 R15: 00007ffcd0707b98
[  244.296555][T13071]  </TASK>
[  244.306540][ T5943] Bluetooth: hci0: command 0x1003 tx timeout
[  244.448546][T13073] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  244.557816][   T40] audit: type=1400 audit(1750475172.986:843): avc:  denied  { create } for  pid=13079 comm="syz.0.2594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  244.651745][T13083] FAULT_INJECTION: forcing a failure.
[  244.651745][T13083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.658152][T13083] CPU: 0 UID: 0 PID: 13083 Comm: syz.0.2595 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  244.658169][T13083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.658176][T13083] Call Trace:
[  244.658191][T13083]  <TASK>
[  244.658207][T13083]  dump_stack_lvl+0x16c/0x1f0
[  244.658228][T13083]  should_fail_ex+0x512/0x640
[  244.658246][T13083]  _copy_from_user+0x2e/0xd0
[  244.658262][T13083]  copy_msghdr_from_user+0x98/0x160
[  244.658279][T13083]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  244.658298][T13083]  ? __pfx__kstrtoull+0x10/0x10
[  244.658312][T13083]  ___sys_sendmsg+0xfe/0x1d0
[  244.658330][T13083]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.658352][T13083]  ? find_held_lock+0x2b/0x80
[  244.658375][T13083]  __sys_sendmmsg+0x200/0x420
[  244.658392][T13083]  ? __pfx___sys_sendmmsg+0x10/0x10
[  244.658412][T13083]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  244.658436][T13083]  ? fput+0x70/0xf0
[  244.658452][T13083]  ? ksys_write+0x1ac/0x250
[  244.658466][T13083]  ? __pfx_ksys_write+0x10/0x10
[  244.658485][T13083]  __x64_sys_sendmmsg+0x9c/0x100
[  244.658501][T13083]  ? lockdep_hardirqs_on+0x7c/0x110
[  244.658516][T13083]  do_syscall_64+0xcd/0x4c0
[  244.658533][T13083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.658545][T13083] RIP: 0033:0x7f08ef18e929
[  244.658554][T13083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.658565][T13083] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  244.658580][T13083] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  244.658586][T13083] RDX: 0000000000000001 RSI: 0000200000002fc0 RDI: 0000000000000003
[  244.658592][T13083] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  244.658598][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.658606][T13083] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  244.658626][T13083]  </TASK>
[  244.680849][  T837] savu 0003:1E7D:2D5A.000F: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  244.861944][T13093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.873579][  T837] usb 8-1: USB disconnect, device number 25
[  244.919044][T13094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.973586][T13093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.722534][T13101] 9pnet_virtio: no channels available for device syz
[  245.804819][T13122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.861537][T13122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.035878][ T6872] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[  246.197806][ T6872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  246.201268][ T6872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.204340][ T6872] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  246.207328][ T6872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.211427][ T6872] usb 6-1: config 0 descriptor??
[  246.584022][T13144] FAULT_INJECTION: forcing a failure.
[  246.584022][T13144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.588533][T13144] CPU: 3 UID: 0 PID: 13144 Comm: syz.2.2615 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  246.588561][T13144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.588572][T13144] Call Trace:
[  246.588579][T13144]  <TASK>
[  246.588587][T13144]  dump_stack_lvl+0x16c/0x1f0
[  246.588619][T13144]  should_fail_ex+0x512/0x640
[  246.588647][T13144]  _copy_from_user+0x2e/0xd0
[  246.588674][T13144]  copy_msghdr_from_user+0x98/0x160
[  246.588702][T13144]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  246.588739][T13144]  ___sys_sendmsg+0xfe/0x1d0
[  246.588766][T13144]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.588790][T13144]  ? __lock_acquire+0x622/0x1c90
[  246.588848][T13144]  __sys_sendmsg+0x16d/0x220
[  246.588876][T13144]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.588911][T13144]  ? fput+0x70/0xf0
[  246.588943][T13144]  do_syscall_64+0xcd/0x4c0
[  246.588973][T13144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.588993][T13144] RIP: 0033:0x7fa11658e929
[  246.589008][T13144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.589026][T13144] RSP: 002b:00007fa11739b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.589044][T13144] RAX: ffffffffffffffda RBX: 00007fa1167b5fa0 RCX: 00007fa11658e929
[  246.589055][T13144] RDX: 0000000000000850 RSI: 0000200000000240 RDI: 0000000000000003
[  246.589067][T13144] RBP: 00007fa11739b090 R08: 0000000000000000 R09: 0000000000000000
[  246.589078][T13144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.589090][T13144] R13: 0000000000000000 R14: 00007fa1167b5fa0 R15: 00007ffcd0707b98
[  246.589114][T13144]  </TASK>
[  246.629337][ T6872] savu 0003:1E7D:2D5A.0010: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  246.756787][   T10] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  246.813055][T13156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.819646][    T9] usb 6-1: USB disconnect, device number 26
[  246.875190][T13156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.905826][   T10] usb 5-1: Using ep0 maxpacket: 8
[  246.914736][   T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  246.918370][   T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  246.921926][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  246.925437][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  246.929615][   T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  246.935357][   T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  246.945429][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.159444][   T10] usb 5-1: usb_control_msg returned -32
[  247.161729][   T10] usbtmc 5-1:16.0: can't read capabilities
[  247.437799][T13172] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  247.510868][T13177] FAULT_INJECTION: forcing a failure.
[  247.510868][T13177] name failslab, interval 1, probability 0, space 0, times 0
[  247.516070][T13177] CPU: 3 UID: 0 PID: 13177 Comm: syz.0.2612 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  247.516088][T13177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.516096][T13177] Call Trace:
[  247.516101][T13177]  <TASK>
[  247.516107][T13177]  dump_stack_lvl+0x16c/0x1f0
[  247.516135][T13177]  should_fail_ex+0x512/0x640
[  247.516156][T13177]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  247.516178][T13177]  should_failslab+0xc2/0x120
[  247.516203][T13177]  __kmalloc_cache_noprof+0x6a/0x3e0
[  247.516222][T13177]  ? usbtmc_ioctl_abort_bulk_in_tag+0xd1/0x7b0
[  247.516248][T13177]  usbtmc_ioctl_abort_bulk_in_tag+0xd1/0x7b0
[  247.516275][T13177]  ? __pfx_usbtmc_ioctl_abort_bulk_in_tag+0x10/0x10
[  247.516303][T13177]  ? do_vfs_ioctl+0x523/0x1a60
[  247.516327][T13177]  usbtmc_ioctl+0x1a68/0x2900
[  247.516347][T13177]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  247.516371][T13177]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  247.516396][T13177]  ? __pfx_usbtmc_ioctl+0x10/0x10
[  247.516414][T13177]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  247.516443][T13177]  ? hook_file_ioctl_common+0x145/0x410
[  247.516466][T13177]  ? selinux_file_ioctl+0x180/0x270
[  247.516487][T13177]  ? selinux_file_ioctl+0xb4/0x270
[  247.516511][T13177]  ? __pfx_usbtmc_ioctl+0x10/0x10
[  247.516526][T13177]  __x64_sys_ioctl+0x18b/0x210
[  247.516539][T13177]  do_syscall_64+0xcd/0x4c0
[  247.516558][T13177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.516570][T13177] RIP: 0033:0x7f08ef18e929
[  247.516579][T13177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.516590][T13177] RSP: 002b:00007f08effa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  247.516601][T13177] RAX: ffffffffffffffda RBX: 00007f08ef3b6080 RCX: 00007f08ef18e929
[  247.516607][T13177] RDX: 0000000000000000 RSI: 0000000000005b04 RDI: 0000000000000003
[  247.516613][T13177] RBP: 00007f08effa4090 R08: 0000000000000000 R09: 0000000000000000
[  247.516619][T13177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.516626][T13177] R13: 0000000000000000 R14: 00007f08ef3b6080 R15: 00007ffd58f88fb8
[  247.516639][T13177]  </TASK>
[  247.726045][   T53] vhci_hcd: vhci_device speed not set
[  248.285851][   T24] usb 8-1: new full-speed USB device number 26 using dummy_hcd
[  248.458726][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  248.462412][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.466225][   T24] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  248.469082][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.478954][   T24] usb 8-1: config 0 descriptor??
[  248.573736][T13199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.632090][T13199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.891993][   T24] savu 0003:1E7D:2D5A.0011: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  249.087860][   T61] usb 8-1: USB disconnect, device number 26
[  249.189769][   T40] audit: type=1400 audit(1750475177.616:844): avc:  denied  { create } for  pid=13203 comm="syz.1.2637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  249.197497][   T40] audit: type=1400 audit(1750475177.616:845): avc:  denied  { getopt } for  pid=13203 comm="syz.1.2637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  249.282047][T13209] delete_channel: no stack
[  249.489653][T13229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.495116][    T9] usb 5-1: USB disconnect, device number 14
[  249.545243][T13229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.548058][   T10] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  249.550652][T13229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.557535][   T10] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  249.666262][T12309] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  249.676895][   T40] audit: type=1400 audit(1750475178.106:846): avc:  denied  { getopt } for  pid=13238 comm="syz.0.2650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  249.780887][T12319] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  249.885890][T12319] wlan1: authentication with 08:02:11:00:00:00 timed out
[  249.896203][  T837] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  250.055844][  T837] usb 8-1: Using ep0 maxpacket: 8
[  250.058996][  T837] usb 8-1: config index 0 descriptor too short (expected 74, got 45)
[  250.061765][  T837] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  250.065436][  T837] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  250.069358][  T837] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  250.073136][  T837] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  250.077553][  T837] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  250.077941][T13264] block nbd0: NBD_DISCONNECT
[  250.080598][  T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.083181][T13263] block nbd0: Disconnected due to user request.
[  250.088435][T13263] block nbd0: shutting down sockets
[  250.290489][  T837] usb 8-1: GET_CAPABILITIES returned 0
[  250.292280][  T837] usbtmc 8-1:16.0: can't read capabilities
[  250.325878][ T5945] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  250.478208][ T5945] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  250.481834][ T5945] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.484961][ T5945] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  250.488428][ T5945] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.492267][ T5945] usb 7-1: config 0 descriptor??
[  250.492657][   T53] usb 8-1: USB disconnect, device number 27
[  250.865343][   T40] audit: type=1400 audit(1750475179.286:847): avc:  denied  { ioctl } for  pid=13290 comm="syz.0.2666" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  250.900742][ T5945] usbhid 7-1:0.0: can't add hid device: -71
[  250.902689][ T5945] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  250.909106][ T5945] usb 7-1: USB disconnect, device number 9
[  251.254586][T13322] Invalid source name
[  251.256166][T13322] UBIFS error (pid: 13322): cannot open "ubifs", error -22
[  251.277386][   T40] audit: type=1400 audit(1750475179.706:848): avc:  denied  { read } for  pid=13323 comm="syz.1.2678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  251.301724][T13324] __nla_validate_parse: 4 callbacks suppressed
[  251.301737][T13324] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2678'.
[  251.417236][T13342] input: syz0 as /devices/virtual/input/input29
[  251.462171][   T40] audit: type=1400 audit(1750475179.886:849): avc:  denied  { shutdown } for  pid=13346 comm="syz.2.2685" lport=36618 faddr=fc01:: scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  251.485904][   T40] audit: type=1400 audit(1750475179.906:850): avc:  denied  { map } for  pid=13350 comm="syz.0.2687" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  251.493780][   T40] audit: type=1400 audit(1750475179.906:851): avc:  denied  { execute } for  pid=13350 comm="syz.0.2687" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  251.657891][T13369] FAULT_INJECTION: forcing a failure.
[  251.657891][T13369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.661928][T13369] CPU: 3 UID: 0 PID: 13369 Comm: syz.3.2696 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  251.661945][T13369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.661952][T13369] Call Trace:
[  251.661957][T13369]  <TASK>
[  251.661961][T13369]  dump_stack_lvl+0x16c/0x1f0
[  251.661999][T13369]  should_fail_ex+0x512/0x640
[  251.662016][T13369]  _copy_from_user+0x2e/0xd0
[  251.662033][T13369]  copy_mount_options+0x76/0x190
[  251.662046][T13369]  __x64_sys_mount+0x1ac/0x310
[  251.662063][T13369]  ? __pfx___x64_sys_mount+0x10/0x10
[  251.662084][T13369]  do_syscall_64+0xcd/0x4c0
[  251.662102][T13369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.662113][T13369] RIP: 0033:0x7fd14e78e929
[  251.662122][T13369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.662133][T13369] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  251.662144][T13369] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  251.662151][T13369] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  251.662157][T13369] RBP: 00007fd14f65e090 R08: 00002000000003c0 R09: 0000000000000000
[  251.662163][T13369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.662169][T13369] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  251.662183][T13369]  </TASK>
[  251.795834][    T9] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  251.795845][   T29] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  251.947110][   T29] usb 7-1: Using ep0 maxpacket: 8
[  251.950249][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  251.953633][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  251.957404][   T29] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  251.960342][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.966934][   T29] usb 7-1: config 0 descriptor??
[  251.972875][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  251.977519][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.980876][    T9] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  251.984101][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.000432][    T9] usb 6-1: config 0 descriptor??
[  252.175488][   T29] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  252.372562][T13360] iowarrior 7-1:0.0: Error -90 while submitting URB
[  252.377034][ T5946] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  252.379761][ T5946] Bluetooth: hci2: Injecting HCI hardware error event
[  252.380349][   T10] usb 7-1: USB disconnect, device number 10
[  252.386156][ T5943] Bluetooth: hci2: hardware error 0x00
[  252.419767][    T9] usbhid 6-1:0.0: can't add hid device: -71
[  252.427340][    T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  252.439818][    T9] usb 6-1: USB disconnect, device number 27
[  252.886008][T13394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.995819][T13394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.375628][T13415] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2712'.
[  253.649882][   T40] audit: type=1400 audit(1750475182.076:852): avc:  denied  { ioctl } for  pid=13440 comm="syz.0.2721" path="socket:[40531]" dev="sockfs" ino=40531 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  253.660401][   T40] audit: type=1400 audit(1750475182.076:853): avc:  denied  { ioctl } for  pid=13440 comm="syz.0.2721" path="socket:[40537]" dev="sockfs" ino=40537 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  253.743310][T13450] netlink: 'syz.2.2726': attribute type 21 has an invalid length.
[  253.746671][T13450] IPv6: NLM_F_CREATE should be specified when creating new route
[  253.752756][T13450] netlink: 'syz.2.2726': attribute type 10 has an invalid length.
[  253.758685][T13450] team0: Device hsr_slave_0 failed to register rx_handler
[  253.945918][T13456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.050862][T13456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.465888][ T5943] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  254.706249][    T9] usb 8-1: new full-speed USB device number 28 using dummy_hcd
[  254.839907][T13484] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2739'.
[  254.869107][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  254.886430][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.893217][    T9] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  254.897975][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.933792][    T9] usb 8-1: config 0 descriptor??
[  254.981653][T13487] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2740'.
[  254.985255][T13487] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  255.265432][T13497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2743'.
[  255.270230][T13497] openvswitch: : Dropping previously announced user features
[  255.349032][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  255.362694][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  255.391030][    T9] usb 8-1: USB disconnect, device number 28
[  255.429308][ T1427] ieee802154 phy1 wpan1: encryption failed: -22
[  255.525127][T13512] overlayfs: failed to resolve './file0': -2
[  255.695687][T13520] syzkaller1: entered promiscuous mode
[  255.698068][T13520] syzkaller1: entered allmulticast mode
[  255.740431][T13524] syzkaller1: entered promiscuous mode
[  255.742329][T13524] syzkaller1: entered allmulticast mode
[  255.904745][T13532] netlink: 'syz.0.2757': attribute type 4 has an invalid length.
[  255.987960][T13547] FAULT_INJECTION: forcing a failure.
[  255.987960][T13547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.992505][T13547] CPU: 1 UID: 0 PID: 13547 Comm: syz.0.2764 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  255.992521][T13547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.992528][T13547] Call Trace:
[  255.992532][T13547]  <TASK>
[  255.992536][T13547]  dump_stack_lvl+0x16c/0x1f0
[  255.992557][T13547]  should_fail_ex+0x512/0x640
[  255.992574][T13547]  _copy_from_user+0x2e/0xd0
[  255.992590][T13547]  copy_msghdr_from_user+0x98/0x160
[  255.992607][T13547]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  255.992625][T13547]  ? __pfx__kstrtoull+0x10/0x10
[  255.992639][T13547]  ___sys_sendmsg+0xfe/0x1d0
[  255.992655][T13547]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.992677][T13547]  ? find_held_lock+0x2b/0x80
[  255.992699][T13547]  __sys_sendmmsg+0x200/0x420
[  255.992716][T13547]  ? __pfx___sys_sendmmsg+0x10/0x10
[  255.992736][T13547]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  255.992759][T13547]  ? fput+0x70/0xf0
[  255.992776][T13547]  ? ksys_write+0x1ac/0x250
[  255.992789][T13547]  ? __pfx_ksys_write+0x10/0x10
[  255.992805][T13547]  __x64_sys_sendmmsg+0x9c/0x100
[  255.992820][T13547]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.992835][T13547]  do_syscall_64+0xcd/0x4c0
[  255.992853][T13547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.992865][T13547] RIP: 0033:0x7f08ef18e929
[  255.992874][T13547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.992884][T13547] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  255.992895][T13547] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  255.992901][T13547] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  255.992910][T13547] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  255.992917][T13547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.992923][T13547] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  255.992936][T13547]  </TASK>
[  256.315815][   T24] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  256.331317][T13563] syzkaller1: entered promiscuous mode
[  256.333076][T13563] syzkaller1: entered allmulticast mode
[  256.467432][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  256.471074][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.474144][   T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  256.477422][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.481764][   T24] usb 6-1: config 0 descriptor??
[  256.499934][T13583] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2780'.
[  256.533370][T13591] xt_hashlimit: size too large, truncated to 1048576
[  256.627389][T13601] cgroup: Unknown subsys name 'cpuset'
[  256.639381][T13603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.643320][T13603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.697515][T13603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.890085][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  256.892064][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  256.897504][   T24] usb 6-1: USB disconnect, device number 28
[  257.422652][T13612] input: syz0 as /devices/virtual/input/input30
[  257.437847][T13613] syzkaller1: entered promiscuous mode
[  257.439673][T13613] syzkaller1: entered allmulticast mode
[  257.560529][T13625] FAULT_INJECTION: forcing a failure.
[  257.560529][T13625] name failslab, interval 1, probability 0, space 0, times 0
[  257.564459][T13625] CPU: 0 UID: 0 PID: 13625 Comm: syz.3.2797 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  257.564475][T13625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  257.564482][T13625] Call Trace:
[  257.564487][T13625]  <TASK>
[  257.564491][T13625]  dump_stack_lvl+0x16c/0x1f0
[  257.564510][T13625]  should_fail_ex+0x512/0x640
[  257.564525][T13625]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  257.564541][T13625]  should_failslab+0xc2/0x120
[  257.564558][T13625]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  257.564572][T13625]  ? getname_flags.part.0+0x4c/0x550
[  257.564586][T13625]  getname_flags.part.0+0x4c/0x550
[  257.564598][T13625]  getname_flags+0x93/0xf0
[  257.564612][T13625]  user_path_at+0x24/0x60
[  257.564626][T13625]  __x64_sys_mount+0x1fc/0x310
[  257.564644][T13625]  ? __pfx___x64_sys_mount+0x10/0x10
[  257.564664][T13625]  do_syscall_64+0xcd/0x4c0
[  257.564682][T13625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.564694][T13625] RIP: 0033:0x7fd14e78e929
[  257.564703][T13625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.564713][T13625] RSP: 002b:00007fd14f65e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  257.564723][T13625] RAX: ffffffffffffffda RBX: 00007fd14e9b5fa0 RCX: 00007fd14e78e929
[  257.564731][T13625] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  257.564737][T13625] RBP: 00007fd14f65e090 R08: 00002000000003c0 R09: 0000000000000000
[  257.564743][T13625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.564749][T13625] R13: 0000000000000000 R14: 00007fd14e9b5fa0 R15: 00007fff6ac40058
[  257.564763][T13625]  </TASK>
[  257.685843][    T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  257.826139][  T837] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[  257.836468][    T9] usb 7-1: Using ep0 maxpacket: 16
[  257.840908][    T9] usb 7-1: config 3 has an invalid interface number: 195 but max is 2
[  257.844147][    T9] usb 7-1: config 3 has an invalid interface number: 3 but max is 2
[  257.847861][    T9] usb 7-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  257.851838][    T9] usb 7-1: config 3 has 2 interfaces, different from the descriptor's value: 3
[  257.855375][    T9] usb 7-1: config 3 has no interface number 0
[  257.858258][    T9] usb 7-1: config 3 has no interface number 1
[  257.860694][    T9] usb 7-1: too many endpoints for config 3 interface 3 altsetting 7: 113, using maximum allowed: 30
[  257.864949][    T9] usb 7-1: config 3 interface 3 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 113
[  257.870781][    T9] usb 7-1: config 3 interface 195 has no altsetting 0
[  257.873484][    T9] usb 7-1: config 3 interface 3 has no altsetting 0
[  257.878457][    T9] usb 7-1: New USB device found, idVendor=2100, idProduct=9e68, bcdDevice=74.d2
[  257.882043][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.885211][    T9] usb 7-1: Product: syz
[  257.887088][    T9] usb 7-1: Manufacturer: syz
[  257.888979][    T9] usb 7-1: SerialNumber: syz
[  258.000487][  T837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  258.003638][  T837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.006929][  T837] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  258.011072][  T837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.015289][  T837] usb 6-1: config 0 descriptor??
[  258.099934][    T9] ftdi_sio 7-1:3.195: FTDI USB Serial Device converter detected
[  258.102839][    T9] ftdi_sio ttyUSB0: unknown device type: 0x74d2
[  258.106664][    T9] ftdi_sio 7-1:3.3: FTDI USB Serial Device converter detected
[  258.109521][    T9] ftdi_sio ttyUSB1: unknown device type: 0x74d2
[  258.112772][    T9] usb 7-1: USB disconnect, device number 11
[  258.115233][    T9] ftdi_sio 7-1:3.195: device disconnected
[  258.118162][    T9] ftdi_sio 7-1:3.3: device disconnected
[  258.423880][  T837] usbhid 6-1:0.0: can't add hid device: -71
[  258.425698][  T837] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  258.432620][  T837] usb 6-1: USB disconnect, device number 29
[  258.458515][T13648] binder: 13647:13648 ioctl c0306201 200000000080 returned -14
[  258.639305][T13650] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  258.642111][T13650] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  258.669737][T13650] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  259.546161][T13676] openvswitch: : Dropping previously announced user features
[  259.675503][   T40] audit: type=1400 audit(1750475188.096:854): avc:  denied  { read } for  pid=13692 comm="syz.3.2825" name="file0" dev="tmpfs" ino=2995 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  259.838569][T13703] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.900364][T13703] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.902010][T13705] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.959220][T13706] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.992807][T13708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2832'.
[  260.002749][T13703] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.076033][T13703] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.158813][T13703] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.167144][T13703] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.177743][T13703] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.184387][T13703] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.231441][T13714] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2841'.
[  260.239065][T13717] openvswitch: : Dropping previously announced user features
[  260.502768][T13737] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.579649][T13737] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.614684][T13743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  260.615857][ T5943] Bluetooth: hci4: command 0x0c1a tx timeout
[  260.672389][T13743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  260.674154][T13737] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.744835][T13737] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.818175][T13737] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.825393][T13737] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.833684][T13737] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.842778][T13737] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.099338][T13752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2852'.
[  261.516106][T13780] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.571845][T13785] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.311791][T13753] Set syz1 is full, maxelem 65536 reached
[  262.697829][ T5943] Bluetooth: hci4: command 0x0c1a tx timeout
[  262.799221][T13862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2894'.
[  262.802986][T13862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2894'.
[  262.810293][T13862] : entered promiscuous mode
[  263.471403][T13915] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2913'.
[  263.516862][T13910] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2911'.
[  263.571441][T13923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.596541][T13927] batadv_slave_1: entered promiscuous mode
[  263.606123][T13926] batadv_slave_1: left promiscuous mode
[  263.625593][T13923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.662934][T13937] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2923'.
[  263.681476][T13923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.696794][T13943] fuse: Bad value for 'fd'
[  263.902521][   T40] audit: type=1400 audit(1750475192.326:855): avc:  denied  { getopt } for  pid=13958 comm="syz.0.2929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  263.909157][   T40] audit: type=1400 audit(1750475192.336:856): avc:  denied  { append } for  pid=13958 comm="syz.0.2929" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  263.915679][T13959] raw_sendmsg: syz.0.2929 forgot to set AF_INET. Fix it!
[  264.052798][T13976] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2937'.
[  264.192580][T13987] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2941'.
[  264.197148][   T40] audit: type=1400 audit(1750475192.626:857): avc:  denied  { setattr } for  pid=13986 comm="syz.2.2941" name="/" dev="9p" ino=35913820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  264.335295][T14008] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2951'.
[  264.359617][T14010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.414323][T14010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.473816][T14010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.773878][T14039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2963'.
[  264.775889][ T5943] Bluetooth: hci4: command 0x0c1a tx timeout
[  264.936811][   T10] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[  265.060065][T14050] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  265.066526][   T10] usb 6-1: device descriptor read/64, error -71
[  265.082019][   T40] audit: type=1400 audit(1750475193.506:858): avc:  denied  { remount } for  pid=14049 comm="syz.3.2969" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  265.267521][T14056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2972'.
[  265.315988][   T10] usb 6-1: new full-speed USB device number 31 using dummy_hcd
[  265.456172][   T10] usb 6-1: device descriptor read/64, error -71
[  265.566666][   T10] usb usb6-port1: attempt power cycle
[  265.722466][   T40] audit: type=1400 audit(1750475194.146:859): avc:  denied  { write } for  pid=14102 comm="syz.2.2992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  265.754639][   T40] audit: type=1400 audit(1750475194.176:860): avc:  denied  { append } for  pid=14110 comm="syz.0.2995" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  265.780742][   T40] audit: type=1400 audit(1750475194.206:861): avc:  denied  { read } for  pid=14102 comm="syz.2.2992" path="socket:[43624]" dev="sockfs" ino=43624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  265.780849][T14114] PKCS7: Unknown OID: [4] 5.25.43204.122
[  265.798072][T14114] PKCS7: Only support pkcs7_signedData type
[  265.810054][T14117] 9pnet_fd: Insufficient options for proto=fd
[  265.871079][   T40] audit: type=1400 audit(1750475194.296:862): avc:  denied  { getopt } for  pid=14116 comm="syz.3.2998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  265.916201][   T10] usb 6-1: new full-speed USB device number 32 using dummy_hcd
[  265.927698][T14118] delete_channel: no stack
[  265.936402][   T10] usb 6-1: device descriptor read/8, error -71
[  266.185877][   T10] usb 6-1: new full-speed USB device number 33 using dummy_hcd
[  266.217968][   T10] usb 6-1: device descriptor read/8, error -71
[  266.326418][   T10] usb usb6-port1: unable to enumerate USB device
[  266.329939][T14143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.384337][T14143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.439324][T14143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.547480][T14145] fuse: Bad value for 'user_id'
[  266.549067][T14145] fuse: Bad value for 'user_id'
[  267.105900][   T24] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  267.149676][T14164] xt_hashlimit: size too large, truncated to 1048576
[  267.275841][   T24] usb 7-1: Using ep0 maxpacket: 16
[  267.279079][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  267.283242][   T24] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  267.286294][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.290067][   T24] usb 7-1: config 0 descriptor??
[  267.297980][   T24] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input31
[  267.493975][T14154] program syz.2.3014 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.551737][   T40] audit: type=1400 audit(1750475195.976:863): avc:  denied  { read } for  pid=14153 comm="syz.2.3014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  267.674499][T14186] batadv_slave_1: entered promiscuous mode
[  267.681622][T14186] input: syz0 as /devices/virtual/input/input32
[  268.505562][T14185] batadv_slave_1: left promiscuous mode
[  268.559446][T14206] __nla_validate_parse: 7 callbacks suppressed
[  268.559457][T14206] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3033'.
[  268.564981][T14206] tipc: Invalid UDP bearer configuration
[  268.565007][T14206] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  268.570468][T14206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3033'.
[  268.575042][T14206] openvswitch: : Dropping previously announced user features
[  268.606222][   T40] audit: type=1326 audit(1750475197.036:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14210 comm="syz.1.3035" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fec7198e929 code=0x0
[  268.658270][   T40] audit: type=1400 audit(1750475197.086:865): avc:  denied  { mounton } for  pid=14210 comm="syz.1.3035" path="/proc/333/task/334/net/netfilter" dev="proc" ino=4026534144 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  269.470686][T14236] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3044'.
[  269.679733][T14253] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  269.797283][T14271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3059'.
[  269.802465][T14271] trusted_key: encrypted_key: insufficient parameters specified
[  269.913611][ T5337] bcm5974 7-1:0.0: could not read from device
[  269.917706][ T5337] bcm5974 7-1:0.0: could not read from device
[  269.928444][   T24] usb 7-1: USB disconnect, device number 12
[  269.950694][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  269.954688][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  269.957793][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  269.960715][ T5946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  269.967085][ T5946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  270.224676][T14296] syzkaller1: entered promiscuous mode
[  270.226462][T14296] syzkaller1: entered allmulticast mode
[  270.226880][T14298] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3068'.
[  270.279269][T14302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.335997][T14312] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.368899][T14280] chnl_net:caif_netlink_parms(): no params data found
[  270.393769][T14302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.484996][T14280] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.488383][T14280] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.491319][T14280] bridge_slave_0: entered allmulticast mode
[  270.494353][T14280] bridge_slave_0: entered promiscuous mode
[  270.498601][T14280] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.502562][T14280] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.505572][T14280] bridge_slave_1: entered allmulticast mode
[  270.509969][T14280] bridge_slave_1: entered promiscuous mode
[  270.527646][T14323] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3077'.
[  270.548351][T14280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  270.553688][T14280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  270.593796][T14280] team0: Port device team_slave_0 added
[  270.597555][T14280] team0: Port device team_slave_1 added
[  270.645395][T14280] batman_adv: batadv0: Adding interface: batadv_slave_0
[  270.647741][T14280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.653151][   T40] audit: type=1400 audit(1750475199.076:866): avc:  denied  { create } for  pid=14330 comm="syz.2.3081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  270.656394][T14280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  270.667725][   T40] audit: type=1400 audit(1750475199.076:867): avc:  denied  { ioctl } for  pid=14330 comm="syz.2.3081" path="socket:[46534]" dev="sockfs" ino=46534 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  270.678423][T14280] batman_adv: batadv0: Adding interface: batadv_slave_1
[  270.681369][T14280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.692414][T14280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  270.755363][T14280] hsr_slave_0: entered promiscuous mode
[  270.758082][T14280] hsr_slave_1: entered promiscuous mode
[  270.760162][T14280] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  270.762552][T14280] Cannot create hsr debugfs directory
[  270.801713][T14348] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3087'.
[  270.809018][T14348] trusted_key: encrypted_key: insufficient parameters specified
[  271.227916][T14280] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  271.233341][T14280] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  271.239177][T14280] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  271.243950][T14280] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  271.301267][T14280] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.316736][T14280] 8021q: adding VLAN 0 to HW filter on device team0
[  271.322420][T12314] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.325070][T12314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.333445][T12313] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.335783][T12313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.465672][T14280] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.487423][T14280] veth0_vlan: entered promiscuous mode
[  271.492246][T14280] veth1_vlan: entered promiscuous mode
[  271.507271][T14280] veth0_macvtap: entered promiscuous mode
[  271.511082][T14280] veth1_macvtap: entered promiscuous mode
[  271.521579][T14280] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.528948][T14280] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.533749][T14280] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.536898][T14280] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.539559][T14280] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.542218][T14280] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.581786][T12313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.584476][T12313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.610004][T12319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.612594][T12319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.730851][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3095'.
[  271.851405][T14391] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3099'.
[  271.861576][ T5945] hid (null): invalid report_size -8101668
[  271.864063][ T5945] hid (null): unknown global tag 0xe
[  271.867522][ T5945] hid (null): report_id 2236183624 is invalid
[  271.869478][ T5945] hid (null): invalid report_size 1274868634
[  271.871727][ T5945] hid (null): invalid report_count -1877570341
[  271.873652][ T5945] hid (null): unknown global tag 0xd
[  271.875349][ T5945] hid (null): unknown global tag 0xe
[  271.880685][ T5945] hid-generic 0100:0005:0009.0012: unknown main item tag 0x3
[  271.883190][ T5945] hid-generic 0100:0005:0009.0012: ignoring exceeding usage max
[  271.888410][ T5945] hid-generic 0100:0005:0009.0012: unknown main item tag 0x2
[  271.891141][ T5945] hid-generic 0100:0005:0009.0012: invalid report_size -8101668
[  271.893619][ T5945] hid-generic 0100:0005:0009.0012: item 0 4 1 7 parsing failed
[  271.900690][ T5945] hid-generic 0100:0005:0009.0012: probe with driver hid-generic failed with error -22
[  271.909878][T14395] FAULT_INJECTION: forcing a failure.
[  271.909878][T14395] name failslab, interval 1, probability 0, space 0, times 0
[  271.913935][T14395] CPU: 0 UID: 0 PID: 14395 Comm: syz.0.3101 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  271.913951][T14395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.913959][T14395] Call Trace:
[  271.913963][T14395]  <TASK>
[  271.913967][T14395]  dump_stack_lvl+0x16c/0x1f0
[  271.914000][T14395]  should_fail_ex+0x512/0x640
[  271.914020][T14395]  ? fs_reclaim_acquire+0xae/0x150
[  271.914032][T14395]  ? tomoyo_encode2+0x100/0x3e0
[  271.914048][T14395]  should_failslab+0xc2/0x120
[  271.914064][T14395]  __kmalloc_noprof+0xd2/0x510
[  271.914081][T14395]  tomoyo_encode2+0x100/0x3e0
[  271.914098][T14395]  tomoyo_encode+0x29/0x50
[  271.914113][T14395]  tomoyo_realpath_from_path+0x18f/0x6e0
[  271.914130][T14395]  ? tomoyo_profile+0x47/0x60
[  271.914148][T14395]  tomoyo_path_perm+0x274/0x460
[  271.914160][T14395]  ? tomoyo_path_perm+0x260/0x460
[  271.914174][T14395]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  271.914193][T14395]  ? get_pid_task+0xfc/0x250
[  271.914218][T14395]  ? __fget_files+0x20e/0x3c0
[  271.914231][T14395]  ? __pfx_find_held_lock+0x10/0x10
[  271.914247][T14395]  security_inode_getattr+0x116/0x290
[  271.914263][T14395]  vfs_fstat+0x4b/0xe0
[  271.914274][T14395]  __do_sys_newfstat+0x87/0x100
[  271.914284][T14395]  ? __pfx___do_sys_newfstat+0x10/0x10
[  271.914301][T14395]  ? __pfx_ksys_write+0x10/0x10
[  271.914317][T14395]  ? rcu_is_watching+0x12/0xc0
[  271.914332][T14395]  do_syscall_64+0xcd/0x4c0
[  271.914349][T14395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.914360][T14395] RIP: 0033:0x7f08ef18e929
[  271.914369][T14395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.914380][T14395] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[  271.914390][T14395] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  271.914397][T14395] RDX: 0000000000000000 RSI: 0000200000003280 RDI: 0000000000000005
[  271.914403][T14395] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  271.914409][T14395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.914415][T14395] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  271.914428][T14395]  </TASK>
[  271.919891][T14395] ERROR: Out of memory at tomoyo_realpath_from_path.
[  271.975979][ T5946] Bluetooth: hci0: command tx timeout
[  272.179188][T14419] FAULT_INJECTION: forcing a failure.
[  272.179188][T14419] name failslab, interval 1, probability 0, space 0, times 0
[  272.185841][T14419] CPU: 2 UID: 0 PID: 14419 Comm: syz.0.3109 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  272.185858][T14419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.185865][T14419] Call Trace:
[  272.185869][T14419]  <TASK>
[  272.185873][T14419]  dump_stack_lvl+0x16c/0x1f0
[  272.185894][T14419]  should_fail_ex+0x512/0x640
[  272.185909][T14419]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  272.185925][T14419]  should_failslab+0xc2/0x120
[  272.185941][T14419]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  272.185956][T14419]  ? fcntl_setlk+0xaa/0xe20
[  272.185970][T14419]  fcntl_setlk+0xaa/0xe20
[  272.185988][T14419]  ? __pfx_fcntl_setlk+0x10/0x10
[  272.186001][T14419]  ? find_held_lock+0x2b/0x80
[  272.186017][T14419]  ? __might_fault+0xe3/0x190
[  272.186031][T14419]  ? __might_fault+0xe3/0x190
[  272.186043][T14419]  ? __might_fault+0x13b/0x190
[  272.186061][T14419]  do_fcntl+0xbce/0x15a0
[  272.186072][T14419]  ? __pfx_do_fcntl+0x10/0x10
[  272.186084][T14419]  ? selinux_file_fcntl+0x93/0x170
[  272.186098][T14419]  __x64_sys_fcntl+0x163/0x200
[  272.186110][T14419]  do_syscall_64+0xcd/0x4c0
[  272.186127][T14419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.186138][T14419] RIP: 0033:0x7f08ef18e929
[  272.186147][T14419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.186157][T14419] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  272.186168][T14419] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  272.186175][T14419] RDX: 0000200000000080 RSI: 0000000000000026 RDI: 0000000000000006
[  272.186181][T14419] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  272.186187][T14419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.186194][T14419] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  272.186206][T14419]  </TASK>
[  272.205680][T14424] input: syz0 as /devices/virtual/input/input33
[  272.211786][T14425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3110'.
[  272.374372][T14436] syzkaller1: entered promiscuous mode
[  272.376512][T14436] syzkaller1: entered allmulticast mode
[  272.424933][T12309] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x1c
[  272.476220][T14439] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  272.479675][T14439] openvswitch: : Dropping previously announced user features
[  272.775132][T14456] netlink: 'syz.2.3122': attribute type 1 has an invalid length.
[  272.810198][T14456] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  272.815089][T14456] 8021q: adding VLAN 0 to HW filter on device bond1
[  272.816643][T12318] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  272.920914][T14460] macvlan2: entered promiscuous mode
[  272.923139][T14460] macvlan2: entered allmulticast mode
[  272.936510][T12325] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  273.270104][T14472] 9pnet_fd: Insufficient options for proto=fd
[  274.065915][ T5946] Bluetooth: hci0: command tx timeout
[  274.076957][   T40] audit: type=1400 audit(1750475202.506:868): avc:  denied  { name_bind } for  pid=14478 comm="syz.3.3129" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  274.305700][T14496] Invalid source name
[  274.307343][T14496] UBIFS error (pid: 14496): cannot open "/dev/sg0", error -22
[  274.345827][T14500] __nla_validate_parse: 2 callbacks suppressed
[  274.345839][T14500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3138'.
[  274.353294][T14500] openvswitch: : Dropping previously announced user features
[  274.361753][T14501] Invalid source name
[  274.363087][T14501] UBIFS error (pid: 14501): cannot open "/dev/sg0", error -22
[  274.617378][   T40] audit: type=1400 audit(1750475203.046:869): avc:  denied  { bind } for  pid=14524 comm="syz.3.3147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  274.915862][  T837] usb 8-1: new low-speed USB device number 29 using dummy_hcd
[  275.129473][  T837] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  275.133872][  T837] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  275.141022][  T837] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28528, setting to 8
[  275.144572][  T837] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  275.147790][  T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.152175][T14527] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  275.157645][  T837] hub 8-1:1.0: bad descriptor, ignoring hub
[  275.159641][  T837] hub 8-1:1.0: probe with driver hub failed with error -5
[  275.162246][  T837] cdc_wdm 8-1:1.0: skipping garbage
[  275.163952][  T837] cdc_wdm 8-1:1.0: skipping garbage
[  275.168551][  T837] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  275.176955][  T837] cdc_wdm 8-1:1.0: Unknown control protocol
[  275.480305][T14548] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14548 comm=syz.2.3158
[  275.529447][T14550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3159'.
[  275.632190][T14559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3163'.
[  275.948250][T14527] cdc_wdm 8-1:1.0: Error autopm - -16
[  275.948421][   T10] usb 8-1: USB disconnect, device number 29
[  275.999611][T14570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3168'.
[  276.065131][   T40] audit: type=1400 audit(1750475204.486:870): avc:  denied  { write } for  pid=14571 comm="syz.0.3169" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  276.095880][   T10] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  276.136109][ T5946] Bluetooth: hci0: command tx timeout
[  276.153042][T14579] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14579 comm=syz.0.3171
[  276.197152][T14581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3172'.
[  276.256341][   T10] usb 8-1: Using ep0 maxpacket: 8
[  276.260644][   T10] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  276.263734][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  276.266768][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 119, changing to 10
[  276.270340][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26480, setting to 1024
[  276.273827][   T10] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  276.277404][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.284409][T14543] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  276.291395][   T10] hub 8-1:1.0: bad descriptor, ignoring hub
[  276.294253][   T10] hub 8-1:1.0: probe with driver hub failed with error -5
[  276.297409][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  276.299046][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  276.302148][   T10] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  276.304017][   T10] cdc_wdm 8-1:1.0: Unknown control protocol
[  276.479448][T14591] syzkaller1: entered promiscuous mode
[  276.481806][T14591] syzkaller1: entered allmulticast mode
[  276.500446][T14593] loop6: detected capacity change from 0 to 524287999
[  276.584968][T14601] xt_hashlimit: size too large, truncated to 1048576
[  276.599013][   T24] usb 8-1: USB disconnect, device number 30
[  276.707537][T14607] FAULT_INJECTION: forcing a failure.
[  276.707537][T14607] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.711767][T14607] CPU: 3 UID: 0 PID: 14607 Comm: syz.0.3180 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  276.711782][T14607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.711789][T14607] Call Trace:
[  276.711793][T14607]  <TASK>
[  276.711798][T14607]  dump_stack_lvl+0x16c/0x1f0
[  276.711834][T14607]  should_fail_ex+0x512/0x640
[  276.711855][T14607]  _copy_to_user+0x32/0xd0
[  276.711872][T14607]  cp_new_stat+0x468/0x5a0
[  276.711890][T14607]  ? __pfx_cp_new_stat+0x10/0x10
[  276.711912][T14607]  ? vfs_getattr_nosec+0x318/0x430
[  276.711929][T14607]  ? fput+0x70/0xf0
[  276.711948][T14607]  __do_sys_newfstat+0xa7/0x100
[  276.711958][T14607]  ? __pfx___do_sys_newfstat+0x10/0x10
[  276.711975][T14607]  ? __pfx_ksys_write+0x10/0x10
[  276.711990][T14607]  ? rcu_is_watching+0x12/0xc0
[  276.712012][T14607]  do_syscall_64+0xcd/0x4c0
[  276.712030][T14607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.712041][T14607] RIP: 0033:0x7f08ef18e929
[  276.712050][T14607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.712060][T14607] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[  276.712070][T14607] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  276.712077][T14607] RDX: 0000000000000000 RSI: 0000200000003280 RDI: 0000000000000005
[  276.712083][T14607] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  276.712089][T14607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.712095][T14607] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  276.712109][T14607]  </TASK>
[  276.718829][T14609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3181'.
[  276.854091][T14612] FAULT_INJECTION: forcing a failure.
[  276.854091][T14612] name failslab, interval 1, probability 0, space 0, times 0
[  276.858651][T14612] CPU: 3 UID: 0 PID: 14612 Comm: syz.0.3182 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  276.858676][T14612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.858686][T14612] Call Trace:
[  276.858692][T14612]  <TASK>
[  276.858698][T14612]  dump_stack_lvl+0x16c/0x1f0
[  276.858727][T14612]  should_fail_ex+0x512/0x640
[  276.858749][T14612]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  276.858774][T14612]  should_failslab+0xc2/0x120
[  276.858801][T14612]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  276.858825][T14612]  ? posix_lock_inode+0x1b7/0x2290
[  276.858850][T14612]  posix_lock_inode+0x1b7/0x2290
[  276.858870][T14612]  ? __pfx_mapping_try_invalidate+0x10/0x10
[  276.858898][T14612]  ? __pfx_posix_lock_inode+0x10/0x10
[  276.858910][T14612]  ? __pfx___might_resched+0x10/0x10
[  276.858927][T14612]  locks_lock_inode_wait+0x2fe/0x490
[  276.858940][T14612]  ? __pfx_locks_lock_inode_wait+0x10/0x10
[  276.858961][T14612]  v9fs_file_do_lock+0x171/0x820
[  276.858981][T14612]  ? __pfx_v9fs_file_do_lock+0x10/0x10
[  276.859000][T14612]  ? filemap_check_errors+0xa9/0x160
[  276.859013][T14612]  v9fs_file_lock_dotl+0x298/0x6a0
[  276.859030][T14612]  ? __pfx_v9fs_file_lock_dotl+0x10/0x10
[  276.859047][T14612]  ? __pfx_file_has_perm+0x10/0x10
[  276.859061][T14612]  ? lockdep_init_map_type+0x5c/0x280
[  276.859078][T14612]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  276.859092][T14612]  ? __pfx_v9fs_file_lock_dotl+0x10/0x10
[  276.859108][T14612]  vfs_lock_file+0xb6/0x150
[  276.859120][T14612]  fcntl_setlk+0x3ff/0xe20
[  276.859134][T14612]  ? __pfx_fcntl_setlk+0x10/0x10
[  276.859148][T14612]  ? __might_fault+0xe3/0x190
[  276.859162][T14612]  ? __might_fault+0xe3/0x190
[  276.859174][T14612]  ? __might_fault+0x13b/0x190
[  276.859192][T14612]  do_fcntl+0xbce/0x15a0
[  276.859208][T14612]  ? __pfx_do_fcntl+0x10/0x10
[  276.859221][T14612]  ? selinux_file_fcntl+0x93/0x170
[  276.859235][T14612]  __x64_sys_fcntl+0x163/0x200
[  276.859246][T14612]  do_syscall_64+0xcd/0x4c0
[  276.859264][T14612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.859276][T14612] RIP: 0033:0x7f08ef18e929
[  276.859285][T14612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.859296][T14612] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  276.859307][T14612] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  276.859314][T14612] RDX: 0000200000000080 RSI: 0000000000000026 RDI: 0000000000000006
[  276.859320][T14612] RBP: 00007f08effc5090 R08: 0000000000000000 R09: 0000000000000000
[  276.859326][T14612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.859332][T14612] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  276.859345][T14612]  </TASK>
[  277.196627][T14625] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3188'.
[  277.201012][T14625] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3188'.
[  277.602533][T14654] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  277.608279][T14654] 9pnet_virtio: no channels available for device syz
[  277.758914][T14657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3202'.
[  277.796259][   T61] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  277.957811][   T61] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  277.960739][   T61] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  277.964080][   T61] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  277.969606][   T61] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  277.981108][   T61] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  277.986447][   T61] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  277.989632][   T61] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  277.992380][   T61] usb 6-1: Product: syz
[  277.993802][   T61] usb 6-1: Manufacturer: syz
[  277.999338][   T61] cdc_wdm 6-1:1.0: skipping garbage
[  278.003484][   T61] cdc_wdm 6-1:1.0: skipping garbage
[  278.008378][   T61] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  278.010286][   T61] cdc_wdm 6-1:1.0: Unknown control protocol
[  278.053484][T14666] rtc_cmos 00:05: Alarms can be up to one day in the future
[  278.123353][T14668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3207'.
[  278.127248][T14668] openvswitch: : Dropping previously announced user features
[  278.217977][ T5946] Bluetooth: hci0: command tx timeout
[  278.327834][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  278.328540][   T61] usb 6-1: USB disconnect, device number 34
[  278.330534][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  278.334840][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  278.880030][T14703] 9pnet: Could not find request transport: vr
[  279.258096][T14721] FAULT_INJECTION: forcing a failure.
[  279.258096][T14721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.263593][T14721] CPU: 3 UID: 0 PID: 14721 Comm: syz.0.3226 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  279.263617][T14721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.263627][T14721] Call Trace:
[  279.263633][T14721]  <TASK>
[  279.263640][T14721]  dump_stack_lvl+0x16c/0x1f0
[  279.263670][T14721]  should_fail_ex+0x512/0x640
[  279.263699][T14721]  _copy_from_user+0x2e/0xd0
[  279.263725][T14721]  __sys_bpf+0x21d/0x4d80
[  279.263753][T14721]  ? __pfx___sys_bpf+0x10/0x10
[  279.263777][T14721]  ? ksys_write+0x190/0x250
[  279.263804][T14721]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  279.263850][T14721]  ? fput+0x70/0xf0
[  279.263879][T14721]  ? ksys_write+0x1ac/0x250
[  279.263899][T14721]  ? __pfx_ksys_write+0x10/0x10
[  279.263923][T14721]  __x64_sys_bpf+0x78/0xc0
[  279.263947][T14721]  ? lockdep_hardirqs_on+0x7c/0x110
[  279.263971][T14721]  do_syscall_64+0xcd/0x4c0
[  279.263997][T14721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.264015][T14721] RIP: 0033:0x7f08ef18e929
[  279.264030][T14721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.264046][T14721] RSP: 002b:00007f08effa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  279.264064][T14721] RAX: ffffffffffffffda RBX: 00007f08ef3b6080 RCX: 00007f08ef18e929
[  279.264075][T14721] RDX: 0000000000000010 RSI: 0000200000000740 RDI: 000000000000000f
[  279.264085][T14721] RBP: 00007f08effa4090 R08: 0000000000000000 R09: 0000000000000000
[  279.264095][T14721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.264106][T14721] R13: 0000000000000000 R14: 00007f08ef3b6080 R15: 00007ffd58f88fb8
[  279.264129][T14721]  </TASK>
[  279.380161][T14728] __nla_validate_parse: 2 callbacks suppressed
[  279.380173][T14728] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3228'.
[  279.654698][T14743] Bluetooth: MGMT ver 1.23
[  279.671267][T14745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3233'.
[  279.675634][T14745] openvswitch: : Dropping previously announced user features
[  279.770443][   T40] audit: type=1400 audit(1750475208.196:871): avc:  denied  { lock } for  pid=14746 comm="syz.0.3235" path="socket:[48690]" dev="sockfs" ino=48690 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  279.785819][   T40] audit: type=1400 audit(1750475208.196:872): avc:  denied  { lock } for  pid=14746 comm="syz.0.3235" path="/dev/vbi2" dev="devtmpfs" ino=991 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  279.793099][   T40] audit: type=1400 audit(1750475208.196:873): avc:  denied  { getopt } for  pid=14746 comm="syz.0.3235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  279.983150][   T40] audit: type=1400 audit(1750475208.406:874): avc:  denied  { write } for  pid=14760 comm="syz.0.3238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  280.331588][T14777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3244'.
[  280.334535][T14777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3244'.
[  280.537964][T14783] input: syz0 as /devices/virtual/input/input34
[  281.168046][   T40] audit: type=1400 audit(1750475209.596:875): avc:  denied  { write } for  pid=14801 comm="syz.3.3255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  281.207721][T14806] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3257'.
[  281.280639][T14814] netlink: 'syz.0.3262': attribute type 4 has an invalid length.
[  281.481137][   T40] audit: type=1400 audit(1750475209.906:876): avc:  denied  { lock } for  pid=14831 comm="syz.0.3267" path="socket:[49554]" dev="sockfs" ino=49554 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  281.619885][T14842] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=104 sclass=netlink_tcpdiag_socket pid=14842 comm=syz.1.3271
[  282.479048][T14862] syzkaller1: entered promiscuous mode
[  282.480997][T14862] syzkaller1: entered allmulticast mode
[  282.551809][T14868] xt_bpf: check failed: parse error
[  282.661124][T14878] mkiss: ax0: crc mode is auto.
[  282.665207][T14878] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3287'.
[  282.675456][T14878] : entered promiscuous mode
[  282.835796][   T40] audit: type=1400 audit(1750475211.256:877): avc:  denied  { bind } for  pid=14890 comm="syz.1.3292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  282.870877][T14893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.903974][T14896] syzkaller1: entered promiscuous mode
[  282.906173][T14896] syzkaller1: entered allmulticast mode
[  282.910994][T14900] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3294'.
[  282.926752][T14893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.930573][T14900] openvswitch: : Dropping previously announced user features
[  282.984182][T14893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  283.016160][T14910] FAULT_INJECTION: forcing a failure.
[  283.016160][T14910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.020826][T14910] CPU: 0 UID: 0 PID: 14910 Comm: syz.0.3300 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  283.020842][T14910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.020848][T14910] Call Trace:
[  283.020853][T14910]  <TASK>
[  283.020857][T14910]  dump_stack_lvl+0x16c/0x1f0
[  283.020878][T14910]  should_fail_ex+0x512/0x640
[  283.020895][T14910]  _copy_from_user+0x2e/0xd0
[  283.020916][T14910]  move_addr_to_kernel+0x65/0x170
[  283.020930][T14910]  __sys_sendto+0x1be/0x520
[  283.020945][T14910]  ? __pfx___sys_sendto+0x10/0x10
[  283.020970][T14910]  ? ksys_write+0x1ac/0x250
[  283.020984][T14910]  ? __pfx_ksys_write+0x10/0x10
[  283.020999][T14910]  __x64_sys_sendto+0xe0/0x1c0
[  283.021013][T14910]  ? do_syscall_64+0x91/0x4c0
[  283.021029][T14910]  ? lockdep_hardirqs_on+0x7c/0x110
[  283.021045][T14910]  do_syscall_64+0xcd/0x4c0
[  283.021062][T14910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.021073][T14910] RIP: 0033:0x7f08ef18e929
[  283.021082][T14910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.021093][T14910] RSP: 002b:00007f08effc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  283.021103][T14910] RAX: ffffffffffffffda RBX: 00007f08ef3b5fa0 RCX: 00007f08ef18e929
[  283.021110][T14910] RDX: 000000000000002a RSI: 0000200000000100 RDI: 0000000000000004
[  283.021116][T14910] RBP: 00007f08effc5090 R08: 0000200000000200 R09: 0000000000000014
[  283.021122][T14910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.021128][T14910] R13: 0000000000000000 R14: 00007f08ef3b5fa0 R15: 00007ffd58f88fb8
[  283.021141][T14910]  </TASK>
[  283.089866][   T40] audit: type=1400 audit(1750475211.516:878): avc:  denied  { create } for  pid=14913 comm="syz.1.3302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  283.244412][T14931] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3308'.
[  283.337929][   T40] audit: type=1400 audit(1750475211.766:879): avc:  denied  { unmount } for  pid=12615 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  283.393173][T14943] input: syz0 as /devices/virtual/input/input36
[  283.412713][T14947] xt_hashlimit: size too large, truncated to 1048576
[  284.175799][   T61] usb 6-1: new full-speed USB device number 35 using dummy_hcd
[  284.347863][   T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  284.367559][   T61] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  284.371458][   T61] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  284.374427][   T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.385910][ T5946] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  284.390202][ T5946] Bluetooth: hci0: Injecting HCI hardware error event
[  284.392836][ T5946] Bluetooth: hci0: hardware error 0x00
[  284.396536][   T61] usb 6-1: config 0 descriptor??
[  284.490266][ T5943] Bluetooth: hci4: unexpected event for opcode 0x080f
[  284.790848][   T40] audit: type=1400 audit(1750475213.216:880): avc:  denied  { read } for  pid=15037 comm="syz.3.3331" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  284.798960][   T40] audit: type=1400 audit(1750475213.216:881): avc:  denied  { open } for  pid=15037 comm="syz.3.3331" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  284.808173][   T40] audit: type=1400 audit(1750475213.216:882): avc:  denied  { ioctl } for  pid=15037 comm="syz.3.3331" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  284.832765][T15038] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.898450][T15041] syzkaller1: entered promiscuous mode
[  284.900602][T15041] syzkaller1: entered allmulticast mode
[  285.239059][T15049] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.254651][T15051] hfs: unable to load iocharset "io#harset"
[  285.280418][T15058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3337'.
[  285.286884][T15058] netlink: 'syz.2.3337': attribute type 1 has an invalid length.
[  285.296944][T15060] xt_hashlimit: size too large, truncated to 1048576
[  285.371919][T15068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3340'.
[  285.397226][T15049] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.410787][T15060] netlink: 'syz.0.3338': attribute type 4 has an invalid length.
[  285.493140][T15049] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.514167][T15072] syzkaller1: entered promiscuous mode
[  285.516952][T15072] syzkaller1: entered allmulticast mode
[  285.583554][T15049] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.720292][T15049] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.739724][T15049] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.757578][T15049] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.762239][T15089] FAULT_INJECTION: forcing a failure.
[  285.762239][T15089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.767809][T15089] CPU: 3 UID: 0 PID: 15089 Comm: syz.0.3346 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  285.767832][T15089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.767842][T15089] Call Trace:
[  285.767848][T15089]  <TASK>
[  285.767855][T15089]  dump_stack_lvl+0x16c/0x1f0
[  285.767883][T15089]  should_fail_ex+0x512/0x640
[  285.767915][T15089]  _copy_to_user+0x32/0xd0
[  285.767940][T15089]  bpf_prog_get_info_by_fd+0x17fc/0x2dd0
[  285.767963][T15089]  ? find_held_lock+0x2b/0x80
[  285.767992][T15089]  ? __pfx_bpf_prog_get_info_by_fd+0x10/0x10
[  285.768034][T15089]  ? __fget_files+0x20e/0x3c0
[  285.768063][T15089]  bpf_obj_get_info_by_fd+0x53d/0xcc0
[  285.768084][T15089]  ? __pfx_bpf_obj_get_info_by_fd+0x10/0x10
[  285.768111][T15089]  ? find_held_lock+0x2b/0x80
[  285.768128][T15089]  ? __might_fault+0xe3/0x190
[  285.768148][T15089]  ? __might_fault+0xe3/0x190
[  285.768166][T15089]  ? __might_fault+0x13b/0x190
[  285.768185][T15089]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.768206][T15089]  ? selinux_bpf+0xee/0x130
[  285.768224][T15089]  __sys_bpf+0x18ae/0x4d80
[  285.768249][T15089]  ? __pfx___sys_bpf+0x10/0x10
[  285.768271][T15089]  ? ksys_write+0x190/0x250
[  285.768293][T15089]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.768331][T15089]  ? fput+0x70/0xf0
[  285.768354][T15089]  ? ksys_write+0x1ac/0x250
[  285.768373][T15089]  ? __pfx_ksys_write+0x10/0x10
[  285.768396][T15089]  __x64_sys_bpf+0x78/0xc0
[  285.768418][T15089]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.768440][T15089]  do_syscall_64+0xcd/0x4c0
[  285.768465][T15089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.768481][T15089] RIP: 0033:0x7f08ef18e929
[  285.768494][T15089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.768510][T15089] RSP: 002b:00007f08effa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  285.768526][T15089] RAX: ffffffffffffffda RBX: 00007f08ef3b6080 RCX: 00007f08ef18e929
[  285.768536][T15089] RDX: 0000000000000010 RSI: 0000200000000740 RDI: 000000000000000f
[  285.768545][T15089] RBP: 00007f08effa4090 R08: 0000000000000000 R09: 0000000000000000
[  285.768555][T15089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.768565][T15089] R13: 0000000000000000 R14: 00007f08ef3b6080 R15: 00007ffd58f88fb8
[  285.768587][T15089]  </TASK>
[  285.771879][T15049] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.244369][T15108] syzkaller1: entered promiscuous mode
[  286.250066][T15108] syzkaller1: entered allmulticast mode
[  286.455974][ T5946] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  286.479086][T15124] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3360'.
[  286.568367][T15132] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3363'.
[  286.571504][T15133] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3363'.
[  286.577979][   T40] audit: type=1400 audit(1750475215.006:883): avc:  denied  { watch watch_reads } for  pid=15131 comm="syz.0.3363" path="/syzcgroup/cpu/syz0/syz0" dev="cgroup" ino=525 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  286.617183][T15135] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3364'.
[  286.688977][T15139] xt_hashlimit: size too large, truncated to 1048576
[  286.834184][T15144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.890146][T15144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.945893][T15144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.946465][T15151] FAULT_INJECTION: forcing a failure.
[  286.946465][T15151] name failslab, interval 1, probability 0, space 0, times 0
[  286.948548][  T837] usb 6-1: USB disconnect, device number 35
[  286.966032][T15151] CPU: 0 UID: 0 PID: 15151 Comm: syz.3.3371 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  286.966050][T15151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.966057][T15151] Call Trace:
[  286.966060][T15151]  <TASK>
[  286.966065][T15151]  dump_stack_lvl+0x16c/0x1f0
[  286.966086][T15151]  should_fail_ex+0x512/0x640
[  286.966101][T15151]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  286.966115][T15151]  should_failslab+0xc2/0x120
[  286.966131][T15151]  __kmalloc_cache_noprof+0x6a/0x3e0
[  286.966148][T15151]  ? alloc_fs_context+0x57/0x9c0
[  286.966166][T15151]  alloc_fs_context+0x57/0x9c0
[  286.966184][T15151]  path_mount+0xaf8/0x2020
[  286.966202][T15151]  ? kmem_cache_free+0x2d1/0x4d0
[  286.966215][T15151]  ? __pfx_path_mount+0x10/0x10
[  286.966233][T15151]  ? putname+0x154/0x1a0
[  286.966251][T15151]  __x64_sys_mount+0x28d/0x310
[  286.966268][T15151]  ? __pfx___x64_sys_mount+0x10/0x10
[  286.966289][T15151]  do_syscall_64+0xcd/0x4c0
[  286.966306][T15151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.966318][T15151] RIP: 0033:0x7fb0a198e929
[  286.966327][T15151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.966337][T15151] RSP: 002b:00007fb0a2738038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  286.966348][T15151] RAX: ffffffffffffffda RBX: 00007fb0a1bb5fa0 RCX: 00007fb0a198e929
[  286.966355][T15151] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  286.966361][T15151] RBP: 00007fb0a2738090 R08: 00002000000003c0 R09: 0000000000000000
[  286.966367][T15151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  286.966373][T15151] R13: 0000000000000000 R14: 00007fb0a1bb5fa0 R15: 00007ffcd5101778
[  286.966386][T15151]  </TASK>
[  287.012587][T15157] syzkaller1: entered promiscuous mode
[  287.045141][T15157] syzkaller1: entered allmulticast mode
[  287.103774][T15169] FAULT_INJECTION: forcing a failure.
[  287.103774][T15169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.108579][T15169] CPU: 1 UID: 0 PID: 15169 Comm: syz.3.3378 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  287.108595][T15169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  287.108602][T15169] Call Trace:
[  287.108606][T15169]  <TASK>
[  287.108610][T15169]  dump_stack_lvl+0x16c/0x1f0
[  287.108631][T15169]  should_fail_ex+0x512/0x640
[  287.108648][T15169]  _copy_to_user+0x32/0xd0
[  287.108665][T15169]  simple_read_from_buffer+0xcb/0x170
[  287.108681][T15169]  proc_fail_nth_read+0x197/0x270
[  287.108695][T15169]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  287.108709][T15169]  ? rw_verify_area+0xcf/0x680
[  287.108721][T15169]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  287.108734][T15169]  vfs_read+0x1e1/0xc60
[  287.108749][T15169]  ? __pfx___mutex_lock+0x10/0x10
[  287.108766][T15169]  ? __pfx_vfs_read+0x10/0x10
[  287.108783][T15169]  ? __fget_files+0x20e/0x3c0
[  287.108801][T15169]  ksys_read+0x12a/0x250
[  287.108814][T15169]  ? __pfx_ksys_read+0x10/0x10
[  287.108832][T15169]  do_syscall_64+0xcd/0x4c0
[  287.108849][T15169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.108860][T15169] RIP: 0033:0x7fb0a198d33c
[  287.108870][T15169] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  287.108880][T15169] RSP: 002b:00007fb0a2738030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  287.108891][T15169] RAX: ffffffffffffffda RBX: 00007fb0a1bb5fa0 RCX: 00007fb0a198d33c
[  287.108898][T15169] RDX: 000000000000000f RSI: 00007fb0a27380a0 RDI: 0000000000000004
[  287.108904][T15169] RBP: 00007fb0a2738090 R08: 0000000000000000 R09: 0000000000000000
[  287.108910][T15169] R10: 0000000000048094 R11: 0000000000000246 R12: 0000000000000001
[  287.108916][T15169] R13: 0000000000000000 R14: 00007fb0a1bb5fa0 R15: 00007ffcd5101778
[  287.108929][T15169]  </TASK>
[  287.186048][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.498126][ T1024] usb 8-1: new full-speed USB device number 31 using dummy_hcd
[  287.658414][ T1024] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  287.662424][ T1024] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  287.666066][ T1024] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  287.669941][ T1024] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.678586][ T1024] usb 8-1: config 0 descriptor??
[  287.740139][T15196] 9pnet_fd: Insufficient options for proto=fd
[  288.023215][T15205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.077932][T15205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.132060][T15205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.225051][T15209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3395'.
[  288.282962][   T40] audit: type=1400 audit(1750475216.706:884): avc:  denied  { bind } for  pid=15211 comm="syz.1.3396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  288.536952][ T5946] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  288.539742][ T5946] Bluetooth: hci4: Injecting HCI hardware error event
[  288.542444][ T5946] Bluetooth: hci4: hardware error 0x00
[  288.665970][ T1024] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  288.692570][T15221] overlayfs: missing 'lowerdir'
[  288.714165][    C0] 
[  288.715254][    C0] =============================
[  288.717311][    C0] [ BUG: Invalid wait context ]
[  288.719380][    C0] 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 Not tainted
[  288.722956][    C0] -----------------------------
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  288.725658][    C0] kworker/0:1/10 is trying to lock:
[  288.727917][    C0] ffffc90004a2a410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x254/0xeb0
[  288.731887][    C0] other info that might help us debug this:
[  288.734318][    C0] context-{2:2}
[  288.735838][    C0] 4 locks held by kworker/0:1/10:
[  288.737957][    C0]  #0: ffff88801b886d48 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  288.742254][    C0]  #1: ffffc900000d7d10 ((work_completion)(&(&ssp->srcu_sup->work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  288.747319][    C0]  #2: ffffffff8e789f38 (&ssp->srcu_sup->srcu_gp_mutex){+.+.}-{4:4}, at: process_srcu+0x73/0x1920
[  288.751692][    C0]  #3: ffffc90004a2a960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x23a/0xeb0
[  288.755725][    C0] stack backtrace:
[  288.757282][    C0] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-rc2-syzkaller-00269-g11313e2f7812 #0 PREEMPT(full) 
[  288.757303][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  288.757315][    C0] Workqueue: rcu_gp process_srcu
[  288.757334][    C0] Call Trace:
[  288.757340][    C0]  <IRQ>
[  288.757348][    C0]  dump_stack_lvl+0x116/0x1f0
[  288.757372][    C0]  __lock_acquire+0xa12/0x1c90
[  288.757395][    C0]  ? __lock_acquire+0xb8a/0x1c90
[  288.757420][    C0]  lock_acquire+0x179/0x350
[  288.757441][    C0]  ? kvm_xen_set_evtchn_fast+0x254/0xeb0
[  288.757466][    C0]  _raw_read_lock_irqsave+0x46/0x90
[  288.757487][    C0]  ? kvm_xen_set_evtchn_fast+0x254/0xeb0
[  288.757507][    C0]  kvm_xen_set_evtchn_fast+0x254/0xeb0
[  288.757526][    C0]  ? kvm_xen_set_evtchn_fast+0x23a/0xeb0
[  288.757548][    C0]  ? __pfx_kvm_xen_set_evtchn_fast+0x10/0x10
[  288.757569][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  288.757585][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  288.757605][    C0]  ? debug_object_deactivate+0x1ec/0x3a0
[  288.757632][    C0]  ? __pfx_xen_timer_callback+0x10/0x10
[  288.757671][    C0]  xen_timer_callback+0x1db/0x2a0
[  288.757690][    C0]  ? __pfx_xen_timer_callback+0x10/0x10
[  288.757711][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  288.757728][    C0]  __hrtimer_run_queues+0x5ea/0xad0
[  288.757748][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  288.757765][    C0]  ? read_tsc+0x9/0x20
[  288.757785][    C0]  hrtimer_interrupt+0x397/0x8e0
[  288.757807][    C0]  __sysvec_apic_timer_interrupt+0x108/0x3f0
[  288.757832][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  288.757854][    C0]  </IRQ>
[  288.757859][    C0]  <TASK>
[  288.757864][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  288.757882][    C0] RIP: 0010:delay_tsc+0x32/0xc0
[  288.757905][    C0] Code: fd bf 01 00 00 00 41 54 55 53 e8 49 6c 0a f6 e8 14 2e 01 00 41 89 c4 0f 01 f9 66 90 48 c1 e2 20 48 09 c2 48 89 d5 eb 16 f3 90 <bf> 01 00 00 00 e8 24 6c 0a f6 e8 ef 2d 01 00 44 39 e0 75 36 0f 01
[  288.757920][    C0] RSP: 0018:ffffc900000d7ad8 EFLAGS: 00000286
[  288.757934][    C0] RAX: 0000000080000000 RBX: 000000affdb48e28 RCX: 0000000000000000
[  288.757945][    C0] RDX: 0000000000000001 RSI: ffffffff8c1578e0 RDI: 0000000000000001
[  288.757954][    C0] RBP: 000000affdb48b26 R08: 0000000000000001 R09: 00000000000002ff
[  288.757964][    C0] R10: ffff88816dd34717 R11: 0000000000000010 R12: 0000000000000000
[  288.757974][    C0] R13: 00000000000032c9 R14: 0000000000000000 R15: 000000008e789d01
[  288.757989][    C0]  ? delay_tsc+0x6a/0xc0
[  288.758007][    C0]  try_check_zero+0x3e9/0x6b0
[  288.758034][    C0]  process_srcu+0x612/0x1920
[  288.758054][    C0]  ? rcu_is_watching+0x12/0xc0
[  288.758074][    C0]  process_one_work+0x9cc/0x1b70
[  288.758094][    C0]  ? __pfx_process_srcu+0x10/0x10
[  288.758110][    C0]  ? __pfx_process_one_work+0x10/0x10
[  288.758129][    C0]  ? assign_work+0x1a0/0x250
[  288.758153][    C0]  worker_thread+0x6c8/0xf10
[  288.758173][    C0]  ? __pfx_worker_thread+0x10/0x10
[  288.758189][    C0]  kthread+0x3c2/0x780
[  288.758204][    C0]  ? __pfx_kthread+0x10/0x10
[  288.758219][    C0]  ? rcu_is_watching+0x12/0xc0
[  288.758237][    C0]  ? __pfx_kthread+0x10/0x10
[  288.758251][    C0]  ret_from_fork+0x5d4/0x6f0
[  288.758272][    C0]  ? __pfx_kthread+0x10/0x10
[  288.758286][    C0]  ret_from_fork_asm+0x1a/0x30
[  288.758307][    C0]  </TASK>
[  289.125898][ T1024] usb 7-1: device not accepting address 13, error -71
[  289.438718][T12325] bridge_slave_1: left allmulticast mode
[  289.441270][T12325] bridge_slave_1: left promiscuous mode
[  289.443965][T12325] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.448225][T12325] bridge_slave_0: left allmulticast mode
[  289.450753][T12325] bridge_slave_0: left promiscuous mode
[  289.453090][T12325] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.479408][T12325] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  289.483299][T12325] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  289.561549][T12325] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  289.804705][T12325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.808296][T12325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.811341][T12325] bond0 (unregistering): Released all slaves
[  289.817370][T12325] bond1 (unregistering): Released all slaves
[  289.864737][T12325] : left promiscuous mode
[  289.896954][   T29] usb 8-1: USB disconnect, device number 31
[  289.940813][T12325] tipc: Disabling bearer <udp:syz2>
[  289.942949][T12325] tipc: Left network mode
[  290.101403][T12325] hsr_slave_0: left promiscuous mode
[  290.105234][T12325] hsr_slave_1: left promiscuous mode
[  290.111998][T12325] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.115435][T12325] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.626147][ T5946] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  290.636398][T12325] team0 (unregistering): Port device team_slave_1 removed
[  290.699795][T12325] team0 (unregistering): Port device team_slave_0 removed
[  291.650722][T12325] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.720476][T12325] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.807133][T12325] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.879651][T12325] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.967796][T12325] bridge_slave_1: left allmulticast mode
[  291.970035][T12325] bridge_slave_1: left promiscuous mode
[  291.972464][T12325] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.976850][T12325] bridge_slave_0: left allmulticast mode
[  291.978722][T12325] bridge_slave_0: left promiscuous mode
[  291.980478][T12325] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.069481][T12325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  292.073046][T12325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  292.077011][T12325] bond0 (unregistering): Released all slaves
[  292.131366][T12325] : left promiscuous mode
[  292.358362][T12325] hsr_slave_0: left promiscuous mode
[  292.360356][T12325] hsr_slave_1: left promiscuous mode
[  292.362312][T12325] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.364651][T12325] batman_adv: batadv0: Removing interface: batadv_slave_0
[  292.368341][T12325] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.370690][T12325] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.375020][T12325] veth1_macvtap: left promiscuous mode
[  292.376877][T12325] veth0_macvtap: left promiscuous mode
[  292.378654][T12325] veth1_vlan: left promiscuous mode
[  292.380667][T12325] veth0_vlan: left promiscuous mode
[  292.586404][T12325] team0 (unregistering): Port device team_slave_1 removed
[  292.625348][T12325] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
03:03:08  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000004e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855b8b95 RDI=ffffffff9b087320 RBP=ffffffff9b0872e0 RSP=ffffc900000076a0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e36312e36
R12=0000000000000000 R13=000000000000004e R14=ffffffff9b0872e0 R15=ffffffff855b8b30
RIP=ffffffff855b8bbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6753000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa1168e0300 CR3=000000003ba4c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71b84488 00007fec71b84480 00007fec71b84478 00007fec71b84450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec726ed100 00007fec71b84440 00007fec71b80004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71b84498 00007fec71b84490 00007fec71b84488 00007fec71b84480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000100 1100000014030000 0000000000400300 0c0000004c000100
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 058002000c010000 0040010008800200 1800000065746169 64656d6d69000100
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0e8001002c800400 3000000000307a79 7300010009000000 00400b0008000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000000 0004010a06000000 6400000000307a79 7300010009020000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff9adc4040 RDX=dffffc0000000000
RSI=ffffffff822e963f RDI=0000000000000001 RBP=ffff88807ffd6560 RSP=ffffc9000313f728
R8 =0000000000000006 R9 =0000000000000000 R10=0000000000001000 R11=0000000000007c78
R12=ffff88807ffd6400 R13=ffff88817ffef400 R14=dffffc0000000000 R15=0000000000000001
RIP=ffffffff818962df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6853000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6c516e7d60 CR3=00000000398dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6c50b846a3 00007f6c50b846a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe5282a70 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556231f33d 000055556231e5e0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555562312934 0000555562312930
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555562308490
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555562308678
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555562319728
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0806060103f60180 0400100002100006 10579a0ffffbfff8 0800080300020006
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100001080001 0000100806060103 f601800400100002 10000610579a0fff
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fbfff80800080300 0200060300020004 030c040000030004 0190030204000180
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0320100000040100 000e080606010490 02d402000e032802 000c032802000a03
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02d80200080302b8 c404840004030404 000003048c080002 1000041000060e6f
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000002ab88c RBX=0000000000000002 RCX=ffffffff8b801c19 RDX=ffffed100d4c6646
RSI=ffffffff8c1578e0 RDI=ffffffff8191fc31 RBP=ffffed1003bd2910 RSP=ffffc90000187df8
R8 =0000000000000000 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000000
R12=0000000000000002 R13=ffff88801de94880 R14=ffffffff90a81950 R15=0000000000000000
RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6953000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557cc09808 CR3=000000003ba4c000 CR4=00352ef0
DR0=0000000000000040 DR1=0000000000000004 DR2=0000000000000003 DR3=00000000000010e3 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71a11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71b84488 00007fec71b84480 00007fec71b84478 00007fec71b84450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec726ed100 00007fec71b84440 00007fec71b80004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec71b84498 00007fec71b84490 00007fec71b84488 00007fec71b84480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000100 1100000014030000 0000000000400300 0c0000004c000100
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 058002000c010000 0040010008800200 1800000065746169 64656d6d69000100
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0e8001002c800400 3000000000307a79 7300010009000000 00400b0008000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000000 0004010a06000000 6400000000307a79 7300010009020000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002fc96c RBX=0000000000000003 RCX=ffffffff8b801c19 RDX=ffffed100d4e6646
RSI=ffffffff8c1578e0 RDI=ffffffff8191fc31 RBP=ffffed1003c55000 RSP=ffffc90000197df8
R8 =0000000000000000 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000000
R12=0000000000000003 R13=ffff88801e2a8000 R14=ffffffff90a81950 R15=0000000000000000
RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a53000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001000 CR3=000000003abdd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08ef211c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000