last executing test programs:

5.098050041s ago: executing program 0 (id=1678):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x9)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x140d, 0x8, 0x70bd25, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040080}, 0x800)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x271d, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10)
syz_emit_ethernet(0x26, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @broadcast}, "90e2a72a"}}}}, 0x0)

5.097006674s ago: executing program 0 (id=1679):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x80000000000000a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)={0x10, 0x1403, 0x1, 0x0, 0x25dfdbfe}, 0x10}}, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {0x0, 0x4}, {0x9, 0x13}}}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x20048800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$inet6(0xa, 0xa, 0xaaf3249a)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000000, 0x810, r0, 0x5cbb8000)
munmap(&(0x7f0000000000/0x1000)=nil, 0x1000)

4.974924908s ago: executing program 0 (id=1682):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b80080002000400000008001b"], 0x34}}, 0x4040004)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {0x0, 0x1000, 0x80, 0xfffc}, 0x7, [0x0, 0x80000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3d, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x200, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x401, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, 0x45c)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000001340)=""/104, 0x68}], 0x1)
write$input_event(r1, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r3)
sendmsg$TIPC_NL_MEDIA_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="711d27bd7000fbdbdf250c00000018000580070001"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r5, 0x1, 0xc, &(0x7f00000004c0)=""/118, &(0x7f0000000280)=0x76)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0xa4, r4, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xae}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffc00}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x599c}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x55e9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000000}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000800)

4.844858611s ago: executing program 0 (id=1683):
r0 = io_uring_setup(0x7884, &(0x7f0000000a40)={0x0, 0x0, 0x2, 0xfffffffe, 0x3bd}) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000100)={0x2}) (async)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) (async, rerun: 64)
r2 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) (rerun: 64)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x5)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) (async)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010021bd700600000025090002e273797a3200000000080041007278750014003300626f6e645f736c6176655f3100000000"], 0x38}, 0x1, 0x0, 0x0, 0x24044070}, 0x810)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000340)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000480)=0xbf)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@multicast1, 0x4e21, 0x9, 0x4e22, 0x0, 0x2, 0xa0, 0xa0, 0x3b, 0x0, r5}, {0x7, 0x9, 0x9, 0x9, 0x6, 0x80000000, 0x4, 0x101}, {0x0, 0x8000000000000001, 0x2, 0x9}, 0xb5, 0x6e6bb8, 0x1, 0x1, 0x3}, {{@in=@local, 0x4d3, 0xcc}, 0xa, @in6=@private1, 0x3501, 0x0, 0x1, 0xc, 0x0, 0x3, 0x5}}, 0xe8)
syz_usb_connect(0x5, 0x24, 0x0, 0x0) (async)
r6 = io_uring_setup(0x253d, 0x0)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ffdbdf250900020073797a3100000000080041006f7865001400330073797a5f00"/56], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x99884000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (rerun: 64)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f, 0x5}}, 0x20)
close_range(r6, 0xffffffffffffffff, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0, 0x13f, 0xa}}, 0xfe2f) (async, rerun: 64)
r9 = socket(0x10, 0x3, 0x0) (rerun: 64)
sendto$inet6(r9, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a04430012000a000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f) (async)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f00000001c0)=@ethtool_modinfo={0x42, 0x7, 0x312}}) (async)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)

642.668694ms ago: executing program 1 (id=1732):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_emit_vhci(&(0x7f0000000900)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x411}}}, 0x7)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, 0xfffffffffffffffc)

505.264481ms ago: executing program 3 (id=1736):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SET_PDEATHSIG(0x35, 0x2)
getsockopt$inet6_tcp_int(r0, 0x6, 0x1, 0x0, &(0x7f0000000040))

504.99331ms ago: executing program 1 (id=1737):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x40) (async)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='gfs2\x00', 0x11, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, <r4=>0xffffffffffffffff}, './file0\x00'}) (async)
dup3(r0, r0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r6, 0x4004ae8b, &(0x7f0000000280)=ANY=[]) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x304}, "5ffbd3ab02082f54", "fd849ea268dace2d13c8d735cb4ca0d9", "89eacb3f", "5a76d3abe064ef87"}, 0x28) (async)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000440)="15", 0x1}], 0x1}, 0x0) (async)
getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000080)={<r7=>0x0, 0x3, 0x2, 0x4}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000300)={r7, 0x6, 0x20, 0x3, 0x46}, &(0x7f0000000340)=0x18)

504.801207ms ago: executing program 3 (id=1738):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r1, 0x89f1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000000)={'team0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="040101000000000014000300766c616e30000000000000000000000008000a00", @ANYRES32=r6, @ANYBLOB="15d8ecdc22"], 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r7, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000400), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r8, 0x40045612, &(0x7f0000000040)=0x1)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000500)='pstore\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x1000420, 0x0)

434.433537ms ago: executing program 1 (id=1740):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=@newtaction={0x48, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x48}}, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000020000010000000900010073797a30000000002c000000030a05000000000000000000010000000900030073797a31000000000900010073797a300000000084000000060a010400000000000000000100000008000b40000000000900010073797a30000000005c00048040000180080001006e6174003400028008000540eb0000090800014000000001080002"], 0xf8}, 0x1, 0x0, 0x0, 0x814}, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3e, &(0x7f00000000c0)=0x8, 0x4)
sendmmsg$inet(r1, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

262.492547ms ago: executing program 1 (id=1741):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001a1401002abd700001dcdf250800010000000000090002"], 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x40800)
socket(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mmap$snddsp_status(&(0x7f0000d2e000/0x1000)=nil, 0x1000, 0xc, 0x40010, 0xffffffffffffffff, 0x82000000)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000804000/0x1000)=nil)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0) (async)
r3 = openat$cgroup_int(r2, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000300)='memory.numa_stat\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(r2, &(0x7f0000000300)='memory.numa_stat\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x38)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f000052f000/0x1000)=nil, &(0x7f0000496000/0x4000)=nil, 0x1000})
socket$inet6(0xa, 0x2, 0x5)
sendmsg$kcm(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="670000004a008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)

256.861851ms ago: executing program 3 (id=1744):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x7}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="0404000000000000050204000718"], 0x30)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x60, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x18059}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5, 0x4, 0x83}, @IFLA_IPTUN_FLOWINFO={0x8, 0x7, 0x80}, @IFLA_IPTUN_ENCAP_LIMIT={0x5, 0x6, 0x7}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e21}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

124.972781ms ago: executing program 2 (id=1745):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_TMR_START(r0, 0x5402)

124.216272ms ago: executing program 0 (id=1746):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
syz_emit_ethernet(0x66, &(0x7f0000000000)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev, [{0x2, 0x1, "703b744dc5c6"}]}}}}}}, 0x0)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)

123.898281ms ago: executing program 3 (id=1747):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000200)=0xb, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00'})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
write$FUSE_INIT(r0, &(0x7f00000002c0)={0x50, 0x0, r4, {0x7, 0x2b, 0xe0000, 0x109104a2, 0x101, 0x5, 0x9, 0x3, 0x0, 0x0, 0x1, 0x1ff}}, 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x3}}, 0x0)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x4, &(0x7f00000001c0)=0x7, 0x4)
splice(r0, 0x0, r2, 0x0, 0x8000000010d00, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a001000000002800000121f", 0x2e}, {&(0x7f0000000640)="b059ff996b19a633b7c45d70873cf17da92374c3f8d71b2d246ebf702b1a44fbe6406a903c878691ed4587ef75fbdca746bf36b8c14a46526f62bf4234029a86efa4f226ee3bf5793e34e6b22b4c856e159cee5c6dee9ec73bac372ebda13e9df2595b09cd3369fb866e0c014d9b8acabccc1631510ba072f1dac2feb2415251ffd289950d659f004739cd242c197a36019c5fb635ce21c3a839606d90fbd269932a53533e5d0bd2f1e62b6fbe4788d3540f6d12d718d8a1aac3a0245075b23a89aa1546bcc8ad32bb807d7044a871e34e9f5e24340f5f01d711e2ee8db1bd7dca831c2faef54112020f52d3f641a8b100246d72bc041937316c5e4cf4fa801f85b7aa739179f0dbfecb6edab4a7c3eb0125ab3ce655a81d9eeab38a86a7891c90aea5905396c312ec7aa35908c5876137d211789e5f668b300c3fc60974b877d1e14193759a7d7daa6ada130caf1a7d4af71b5e930a4fc067cf5586922ecee997b7c2a49e7558ba794a904edc95cec81b162ac537a8b99a871434a1ae85a01363ffd028400664a952ef4dd8bf0db356c2a827fe0da4f99d2991531e5f96412e6ecba5bb2d64a4e5eec5b7e42d94fb821a07fecf00ed923fdac6de016b0677c15489eac13d5a3dff0782247628e0b98f9f9a585535381942c2b778e587e9fb9c9c8fc7d5feca7055772d402f982920e557ff146175b7dc32cb0aa5bcea477ee7a80b15c804b9354f0888f3e88f3c3b384c77d185a5e6bfc137e7c8162ebc4fef2c7f8ffc199dbaf1f69617f3b199677ee95eab102e66920124f1fb46486b4d6f7f918593275cb0645176c8a355788fadbfdca0b5b0dd04899fd4802d2b6f50cad64a9186783a3d0684c53fddc384ab780c0b7aba7bbaa37d2938babb692090b50986a6674dbe39a7df0e04aa9c8a2de7d299b891728658d30c113281da5a93a2fbb4ce163a021d38d10f437e6be50456cb5c2712aacc2ce09226f374856c32eddc7611cb0369e918aee7c82b9cf6d1348e6bba3bcddecc2fdac981d7b87b31b962283066bad439607c90dba5ff0120fc38fb45fda4208d188ed89bd02a6a93b310ab5352bf818ace18f6796303721ad2f7161eede1dd5bdf12a9ad445d4276c5e262be8e4d53187b42b5580dbfa09f9e8e8aa4c40c799f9202d885a5a56f163102058d5a057078951176c5f188f11d4e94ed0441984194e1d0b0c3bc9dd69814656950312ea0b802540eaf35d4ee5a51f0818777db2058dbf13850c5844ca13c26b29ccd513ecd8ff7cc92c380f082c8871aff45c6b34969b31ed50e1f5502fec9132d2d2cef03023ee6253e30f4d7de9a1613622089c385072796d6ad3acf9b0e8d00c6880287a52a2274cf0a54344d04073b4873bd03702de38876b13c0934345f93fb4131871f1e27a141e46bd1f36189263d0ab47262f1cfaf3b3b402f8ec7ddb7736249057bdd45bdc86526edaeba0e7b534051c16494f7f7e56a7b346f5be1d75b471edd6362371fd62417d216603bb8f3c66696da32bb9adff7ba3c3c2d5660a28e7cce17bf43081dcec5546e3116670312e2a2439fb632b03906d9c65aa9b508fbcd909c6ac49853f9d90ee58c36eef618ee62efe91d24def124de87d0807ea11596124e71092b015febcb8a9ad2c2cb33e440f281f213db2ece5f025a0cad27a177189be07cc12b86ae03c1db69c9dd0a3078a3d7be1350ae80bfad292b9c8b9d5d90484b4605595b58b2dba788487c812b7fb0dee5dddef09b0a3dd4aa6e8906ad64e37f318e2501df24dcceecf106819905943150a97c9b780ecca8309f604028ec4372354e1a214097faebeef0613f8e2998a2d1ba43349714ca24cbda7ebd296a6f4c5d2393db3bafc3db151ca53a144db82ce30ed85155d1343e91a273c8ffc6126b0e6099e017b77437735404c31b955cef5b1333886179641a846926849cb0ba39191a362353d8d0dc799797e656ada3451808f695709ef1474ac43b493169a5a4422be47e91c26c1175448a1ab5281527f7aed171761dcd90282cc83bac79526946e49ccc4c1cf3ef5f4e46683659e94ba3395f021ec3682a2c9bf87ec332cdb187f3e83e08d2b02fb0a378abf53981809b0c89a5fc94d98e445699bb4ebb777d71a95ece72649157d4f0353c50171801543fad7b04deedf0fb1a1df5859c437a568fd9717356a8e3bb92c0ea04aef46b080cfb55f0dca588ecb57864c63454bb17a0c59769e518d160144e3cc19a9752d4d3d5d0e570e3226e105dd6c2346ce0ce25f344234933be65ceac273a62b8e11a4a9cda10a57e52eee6b64dc99772a2ac2378597510347295d8aa78460145b231fe84b257c333b1b4d5dfb5c3ba0fda65ee2d0e6886ff2dff3e8ba1df0b9c603f22229fbaceefc37117d206e9cce8582f147c97c5e54fe4f72c3eaaddef18089cf71da2a512779da4684914f9d2c3ade4f632381003509f1822b3e6e0b31cebd665e50c1d90a330ad51b90fbd43ab8aac9d6b7570872fab500f8a7dfc403c69914cd82c2d75be9e05fb92ad55ebf794c37fc65c7ec5b957b9d8254e6e2974028ea63e5a302080d380462f1e7a4cf93a7061685307cc842ed06936a3e376133999f59061a1a7bac340e91bfba0a419c9e0fad5b4f4c13ed0147592f7dc5665bd894bc06c52f0f2635ec60fd5147ed4ee2f356bdd710a906d43502545776139445def58106e4034ff4d1495d4e2b54da2d5c5dac0611b9e49cd590ff3037be7f3e93d4083e09cc590cf72068b68f176abc1d90239562e05621776daee9b46bb436b629cde1029ffd44e1eb1db5b98293122d31a717b76eef0353b4ea0c19c18dbb6db8ca3d7024b9a64546be45086585e16bbe377cf89a11874386b6e38d36aa2387d0ee2933d1758d8194a36f74ea9834d2d19244921641eed4c64c8063e379acd2282e420e7f0e5f2b156e8803cdafbf577e5472ce1503077f9f22457fbcd9546fa0665e8e15ac8846a24845e5af384e3f7c303c533ff8eb376266b12b9a56d088e75d993e2b139ea316a17931fd1bb4d63bc34c3fad3adf61eb0148309eaddfb2a8a5cb917927d22bbb4eb7acb1c51e42387c2f5871194149b51566e79082276aa95bf30453e0d5a2b30d128705bb518dd8163cd135b2a5f7c9a41ed21d390f55db412ded581f448cdc3a4850ee86767e4bc12ee449c95acf896f7dca04a5a30a7857234af27a2c514f1115ad1777dcae4e9f429d62f4ad9eff64bf0ede69780395a9d45be4d132f473e553a202b9ab6b515d3c7e2210e8416c328260f57457a6bd0bf36c0bf098636605d9ac9ec1b91005a93e870860908a698379b9c27b160db8302d7cf11fd813008b06803867932b27077ec188cabd80ee721c59bc484d1bb23f17884d1058946237b56094d69edceeaf49f4c396a120f7fd841072160618bbded5543ce53f4263c2a607d435a3e637e91283e4563e6585f98628d05b5467584286ab04a527d2f96f2fb8842e91c4b5f8a806f155282ec230c278d2de400d949d454bf77b9f06e51afc0c21002c5603b251d6f42c4446e133a05bf524657c0f42b522344e9aa42cd78ac29421f200a67e78dd2f8f5fbd408f58c41c560bb0a67c991ee66febde07b5f3c6798a7718372b1cc4b2164890a35da9bf56497fc539425fdc6b6702d35f21ec04f41791994dc4b3524b0f445d4d721fab2a5a2f61da33295330beb5e738be8bdf3fb3e6c4353538c79e78635ed9e4083d2a5bff7409403b5037064c42345de706f1e12b2eadf6c13dda2be51ee0e29b98ea41a8b6fb30adc90322c1c68f700141b0317d746d2eacea573454ce64a94262e128a5545c867738207c9cd0addbef35512e8ad0a784a5c693efec8a39aa8aba1f54b779224f26c31a9ff83ec04b62cf8487b47bd0e0cce276c6dd7a083d5b8aa9f0b2d50bcf53db0ec6480f9598d0622113669de82eab264b75885fb993bf2b54cb8c9b5c9982dcbdf52212ca53065e8f7de3d3d6e34ddec19c57a5721698010f88d05259651864d3f6a324daebbe8845dcb7bb965836a9a5c6368c32ccebf0aaa72219e0611fb5cc7760936e631f372306f86e011cd08c57ee4da54be7cd5a48b7c77c7e09911d98c17cd7442d961ae6d5c750c145be6d712f47b884b6beec7b5987d82a9152dd3e628f5b14ba9f3a6a9351be6029b7b63993ad2b4a0939d3ccd63f35b48a9b9dfa2f5765596b397ada7453dc5bdb47fff2edfd8b52ca359b7dae3a3d1fbf1ce2d6ec844ec1ef1b2f80ae31a6187c43ea69bbb0f03c545be4e58a90705aa634f9d7b619314cbe453fb05de6fabe2e5338213d2bde091bb1a0bd857acee07ec9afdb634881bed94c3359e680429404907421d623f4438cdbd93cdf8b88711c2f454a50934cc06e22b9112beee414bb4c0c81284d84688b47a3bcab58c70e4b7a6af8406a5353cd9f8022aca7c888593e3f352c34b112c7373b8d3eb7aeeaaa2bc6ec43bc556b3fbe46e4cfc00ea78ade4333e1622024edecfc64569b00a3212229d47402a6da70bbb3041ce2d5acedf3adec82bfdccd3465c9848a052be1898cf874ef8ae5e9c5e86997b39a746aed422a166d8e3159519863d6c9f86d1c872b8ef64f2021d949c1278c98dcd823e0fce71ecc0b65315d87f56139653cd6c635471d2b8240604da61c2652ff0d9ef7808c3e3c747dea8f21266865a23371255683a4ce0dd9a9e84112df4856225386356d9fb7fd822c49935b98115fb281bac7ab142a14f43fb65c6050f14b5c693e0ea61c27daab7a2bf8dcb9d3f0fab368864ad2d937d32d38ed68b7234930e5b961b5e0709023e712f8e44bbf4804620b25fc34673eff141915b6a961128e823878fd5333f93e7bf340bddfc5221963bfefa249e7164d1bd37622d91c123158e9cac7f00b003573b661665a3626d336bc93c0154d161e3fec6b88c08cf81648b205e4d6c284c6dda72021215f30088dfc0aeafb9334d26eef7c8f39ae2ac9a2dae49cbe4df7a4d898363c811471077986be2b49ae27102fc087e298c2e7c5669e8c6eeaba46cc59aa1172f25598b3883a958abb85a1dde92409fbaabc31fe0ec9254961a25960a3df83bec1097565d160791c5a1406cf7147791409d9b7782ed5a52166c52a51489b9b31eaf161a5f29e37d65c25691769bf5bb92a90cebf191690b7780ea730fedee9aafe31e229afbf593d2939025f0d335652cadbf1dc08f28f57d2586b728befe2528634e983aaa17dc34df680b99c9ebc51e9bea936c4afcc60da876b7ec8538722de21e3107cd354b3186a6e64031346840301feaf2c74fbd8ec59fe28e56717e8b7882be2b07478f2288317f0069bfe04f0e16dd7935c4f3ecc6db369b04bebd0d5d4becdeac504b910b0f4d215944b4a4973ea2de56d249aae097af454859a1c7cadfed95ef396f14e65a030923213a9268cd9f390da64abe839c6fb3f8187e0c593195e852a581b8881c432aa650700579de1a946de5797d85589481d094cda5d6f169e3e641cb24cf9159a9efeb7c194e9ff009d831a6602d0a343a68ad5b41eccd44fe46f9a457585e841193ff1b8e3445435bfd52cf8f526bb3e98909efe642a8e8386d0ada381e74cab28e8404353d18142b1a94789eb28a1fae5956b6625eab96c9f4afa9f4a126a88a7b5cc4e461752c8c9ee993533b88e5576fc0782435b0660ba527130402b4902320b2dc159ca16ae1b3961cc3611b183e35749cdca130ad197730e8915d2aadf3d266eb4fce80607a7a59d04c410f67898770aa570704720da892d49e7b", 0x1000}], 0x2}, 0x0)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x30, r7, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x8}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x9004)

123.649408ms ago: executing program 2 (id=1748):
r0 = accept$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000700)=@mangle={'mangle\x00', 0x64, 0x6, 0x648, 0x1a0, 0xd0, 0x3d0, 0xd0, 0x300, 0x578, 0x578, 0x578, 0x578, 0x578, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28}}, {{@ipv6={@private1, @loopback, [], [], 'tunl0\x00', 'bridge_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3d0}}, {{@ipv6={@private0, @remote, [], [0x0, 0x0, 0xff000000], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x11, 0x0, 0x3}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x2, @dev, @private1, @mcast2}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0x160, 0x1a8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private0={0xfc, 0x0, '\x00', 0xfc}, @local}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@remote, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6a8)

74.896754ms ago: executing program 2 (id=1749):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mincore(&(0x7f0000ebe000/0x4000)=nil, 0x4000, &(0x7f0000000140)=""/209)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x60, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x9, 0x3, 0x0, 0x6, 0xfffffffa, 0x25}, [@TCA_NETEM_RATE={0x14, 0x6, {0xe1, 0x79d, 0x0, 0x3}}]}}}]}, 0x60}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x10080, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg0\x00'})

74.224971ms ago: executing program 0 (id=1750):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0)
readv(r3, &(0x7f00000006c0)=[{0x0}], 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240), 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000080)=<r5=>0x0)
sched_setscheduler(r5, 0x5, &(0x7f0000000180)=0x401)
r6 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r6, 0x4610, &(0x7f00000000c0)={0x1})

73.472297ms ago: executing program 3 (id=1751):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x1002, 0x8243}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)) (async)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (async)
r6 = syz_open_procfs(0x0, &(0x7f0000000680)='net\x00')
getdents64(r6, &(0x7f0000002f40)=""/4098, 0x1002) (async)
writev(r4, &(0x7f00000001c0)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec96558", 0xe}, {&(0x7f0000000140)="25e5d4e536986062ac07903d88a8", 0x140}], 0x2) (async)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r7, 0x5404) (async)
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000140)=@t={0x81, 0x5, 0x4}) (async, rerun: 32)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000ec0)=@newlink={0x74, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x54, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x3c, 0x5, 0x0, 0x1, [@IFLA_BRPORT_UNICAST_FLOOD={0x5}, @IFLA_BRPORT_VLAN_TUNNEL={0x5, 0x1d, 0x1}, @IFLA_BRPORT_MULTICAST_ROUTER={0x5, 0x19, 0x2}, @IFLA_BRPORT_PRIORITY={0x6, 0x2, 0x5}, @IFLA_BRPORT_VLAN_TUNNEL={0x5}, @IFLA_BRPORT_LEARNING={0x5}, @IFLA_BRPORT_NEIGH_SUPPRESS={0x5, 0x20, 0x1}]}}}]}, 0x74}}, 0x0) (rerun: 32)

70.648504ms ago: executing program 2 (id=1752):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x29, 0x6, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1500000010"], 0x48)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r5, 0x890c, &(0x7f00000001c0)={0x1, @null, @netrom={'nr', 0x0}, 0x2, 'syz1\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x560, 0x1, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1200000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000010000aadc14ddcc551192000000f288ad387a60e080083868adcb7932df941b62e08a00ddabfa2e47059b0983b2f759063d65bcea6b0671c13f3f4d266451a99bc16b9e98b9600edc409c"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r9, @ANYRES32=r8, @ANYBLOB='&'], 0x10) (async)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r9, @ANYRES32=r8, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r9, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r7}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r9, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r7}, 0x20)
recvmmsg(r7, &(0x7f00000073c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000002ac0)=""/4101, 0x1005}], 0x1}}], 0x2, 0xf2, 0x0) (async)
recvmmsg(r7, &(0x7f00000073c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000002ac0)=""/4101, 0x1005}], 0x1}}], 0x2, 0xf2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010400f7ffffffffffffff000000", @ANYRES32=0x0, @ANYRESHEX=r4, @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x44800)

4.909863ms ago: executing program 1 (id=1753):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) (async)
r1 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) (async, rerun: 64)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x400040, 0x0) (rerun: 64)
ppoll(&(0x7f00000000c0)=[{r0, 0x1}, {r1, 0x201}, {r2, 0x8048}], 0x3, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140)={[0x401]}, 0x8) (async, rerun: 32)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x7, &(0x7f0000000180)=[{0x0, 0x8, 0x5, 0x3}, {0x80, 0xfb, 0x0, 0x39}, {0x200, 0x6, 0x5, 0x7}, {0xff, 0x9, 0xf, 0x2}, {0x101, 0xb, 0xfe, 0x64ad3294}, {0x18, 0x8, 0x20, 0x7}, {0x1, 0x9, 0x7, 0xc1}]}) (rerun: 32)
ioctl$BTRFS_IOC_QUOTA_CTL(r3, 0xc0109428, &(0x7f0000000200)={0x3, 0x7fffffff}) (async)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000240)={0x0, 0x2, 0x100000000, 0xfffffffffffffffa}) (async)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000280)=[r0], 0x1) (async)
r5 = syz_open_dev$radio(&(0x7f00000002c0), 0x3, 0x2) (async, rerun: 32)
r6 = fcntl$getown(r2, 0x9) (rerun: 32)
tkill(r6, 0x25) (async, rerun: 32)
r7 = userfaultfd(0x80800) (rerun: 32)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})
connect$bt_rfcomm(r1, &(0x7f0000000340)={0x1f, @any, 0x2}, 0xa)
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000380)={0x1, 0xc0000000, 0x5, 0x84800, <r8=>0xffffffffffffffff})
read(r8, &(0x7f00000003c0)=""/225, 0xe1)
close$binfmt(r2)
r9 = signalfd(0xffffffffffffffff, &(0x7f00000004c0)={[0x10]}, 0x8)
ioctl$SIOCX25SENDCALLACCPT(r9, 0x89e9) (async)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000500)={'ip6_vti0\x00', 0x7}) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x9, 0x10010, r0, 0x0) (async, rerun: 64)
r10 = socket$igmp(0x2, 0x3, 0x2) (rerun: 64)
getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000540), 0x4) (async)
read(r8, &(0x7f0000000580)=""/80, 0x50) (async)
fstatfs(0xffffffffffffffff, &(0x7f0000000600)) (async)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r9, 0xc08c5334, &(0x7f0000000640)={0xfffffffc, 0x10001, 0x0, 'queue0\x00', 0x9213}) (async, rerun: 32)
poll(&(0x7f0000000700)=[{r4, 0x400}, {r9, 0x8}, {0xffffffffffffffff, 0x116}, {r0, 0x2}, {r3}, {r5, 0x8}, {r10, 0x2000}], 0x7, 0x2ecc) (async, rerun: 32)
tkill(r6, 0x23) (async, rerun: 64)
mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x4000, &(0x7f0000000740)=0x10, 0x1, 0x6) (rerun: 64)

4.142325ms ago: executing program 2 (id=1754):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000808000b400000000078000480340001800b000100657874686472000024000280080001400000000c080003400000000208000440000000220500020007000000400001800c000100626974776973650030"], 0x114}, 0x1, 0x0, 0x0, 0x4020040}, 0x4000)
mount$binder(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1026864, &(0x7f00000001c0)=ANY=[@ANYBLOB='max=']) (async)
mount$binder(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1026864, &(0x7f00000001c0)=ANY=[@ANYBLOB='max='])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0) (async)
lseek(r0, 0x10001, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x24, 0x2c, 0x1, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x9, 0x2}, {}, {0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x200cc814)
socket(0x15, 0x1, 0xedfcb53) (async)
socket(0x15, 0x1, 0xedfcb53)

3.129225ms ago: executing program 3 (id=1755):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000100), &(0x7f0000000140)='%pi6   \x00'}, 0x20) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r0}, 0x4) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="03c900271e37"], 0x12b) (async)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x64}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x4c}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x10, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000cb7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.987344ms ago: executing program 1 (id=1756):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080)={0x800041}, 0x10)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write(r2, &(0x7f0000001280)='\f', 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x4, 0x3}, 0x10)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c000000020601080000000000000000000000001400078008000840000000000800174000000004050005000a000000050001000700000005000400000000000900020073513d31000000000d0003006c6973743a736574"], 0x5c}}, 0x0)

0s ago: executing program 2 (id=1757):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x2, 0x1ffffffe, 0x9, 0x800}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x8, 0x7}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x127b, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
shutdown(r5, 0x0)
accept(r5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

7 has an invalid length.
[  129.681231][ T9872] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1153'.
[  129.751275][ T9877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=9877 comm=syz.1.1155
[  129.758546][ T9878] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=9878 comm=syz.1.1155
[  129.852256][ T9889] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1159'.
[  129.854283][ T9891] FAULT_INJECTION: forcing a failure.
[  129.854283][ T9891] name failslab, interval 1, probability 0, space 0, times 0
[  129.861076][ T9891] CPU: 3 UID: 0 PID: 9891 Comm: syz.2.1160 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  129.861100][ T9891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.861111][ T9891] Call Trace:
[  129.861117][ T9891]  <TASK>
[  129.861125][ T9891]  dump_stack_lvl+0x16c/0x1f0
[  129.861152][ T9891]  should_fail_ex+0x512/0x640
[  129.861173][ T9891]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  129.861201][ T9891]  should_failslab+0xc2/0x120
[  129.861219][ T9891]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  129.861244][ T9891]  ? __kernfs_new_node+0xd2/0x8a0
[  129.861286][ T9891]  __kernfs_new_node+0xd2/0x8a0
[  129.861303][ T9891]  ? kernfs_add_one+0x14e/0x840
[  129.861321][ T9891]  ? __pfx___kernfs_new_node+0x10/0x10
[  129.861341][ T9891]  ? find_held_lock+0x2b/0x80
[  129.861362][ T9891]  ? kernfs_root+0xee/0x2a0
[  129.861382][ T9891]  kernfs_new_node+0x13c/0x1e0
[  129.861405][ T9891]  kernfs_create_link+0xcc/0x240
[  129.861429][ T9891]  sysfs_do_create_link_sd+0x90/0x140
[  129.861446][ T9891]  sysfs_create_link+0x61/0xc0
[  129.861461][ T9891]  device_add+0x50a/0x1a70
[  129.861483][ T9891]  ? lockdep_init_map_type+0x5c/0x280
[  129.861508][ T9891]  ? __pfx_device_add+0x10/0x10
[  129.861529][ T9891]  ? lockdep_init_map_type+0x5c/0x280
[  129.861552][ T9891]  ? __init_waitqueue_head+0xca/0x150
[  129.861575][ T9891]  tty_register_device_attr+0x38e/0x7c0
[  129.861603][ T9891]  ? __pfx_tty_register_device_attr+0x10/0x10
[  129.861631][ T9891]  rfcomm_dev_ioctl+0x16be/0x1ca0
[  129.861645][ T9891]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  129.861658][ T9891]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  129.861677][ T9891]  rfcomm_sock_ioctl+0xaa/0xd0
[  129.861693][ T9891]  sock_do_ioctl+0x115/0x280
[  129.861707][ T9891]  ? __pfx_sock_do_ioctl+0x10/0x10
[  129.861722][ T9891]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  129.861738][ T9891]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  129.861754][ T9891]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  129.861773][ T9891]  sock_ioctl+0x227/0x6b0
[  129.861787][ T9891]  ? __pfx_sock_ioctl+0x10/0x10
[  129.861799][ T9891]  ? hook_file_ioctl_common+0x145/0x410
[  129.861812][ T9891]  ? selinux_file_ioctl+0x180/0x270
[  129.861826][ T9891]  ? selinux_file_ioctl+0xb4/0x270
[  129.861841][ T9891]  ? __pfx_sock_ioctl+0x10/0x10
[  129.861854][ T9891]  __x64_sys_ioctl+0x190/0x200
[  129.861868][ T9891]  do_syscall_64+0xcd/0x260
[  129.861883][ T9891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.861893][ T9891] RIP: 0033:0x7fc92ab8e969
[  129.861902][ T9891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.861912][ T9891] RSP: 002b:00007fc92badc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  129.861921][ T9891] RAX: ffffffffffffffda RBX: 00007fc92adb5fa0 RCX: 00007fc92ab8e969
[  129.861927][ T9891] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  129.861933][ T9891] RBP: 00007fc92badc090 R08: 0000000000000000 R09: 0000000000000000
[  129.861938][ T9891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  129.861944][ T9891] R13: 0000000000000000 R14: 00007fc92adb5fa0 R15: 00007ffea21af8c8
[  129.861956][ T9891]  </TASK>
[  130.062736][ T9907] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  130.196663][ T9931] FAULT_INJECTION: forcing a failure.
[  130.196663][ T9931] name failslab, interval 1, probability 0, space 0, times 0
[  130.200865][ T9931] CPU: 0 UID: 0 PID: 9931 Comm: syz.1.1171 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  130.200879][ T9931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.200885][ T9931] Call Trace:
[  130.200894][ T9931]  <TASK>
[  130.200899][ T9931]  dump_stack_lvl+0x16c/0x1f0
[  130.200935][ T9931]  should_fail_ex+0x512/0x640
[  130.200956][ T9931]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  130.200980][ T9931]  should_failslab+0xc2/0x120
[  130.200991][ T9931]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  130.201006][ T9931]  ? __asan_memcpy+0x3c/0x60
[  130.201019][ T9931]  ? __kernfs_new_node+0xd2/0x8a0
[  130.201032][ T9931]  __kernfs_new_node+0xd2/0x8a0
[  130.201055][ T9931]  ? __pfx___kernfs_new_node+0x10/0x10
[  130.201069][ T9931]  ? find_held_lock+0x2b/0x80
[  130.201082][ T9931]  ? kernfs_root+0xee/0x2a0
[  130.201094][ T9931]  kernfs_new_node+0x13c/0x1e0
[  130.201108][ T9931]  kernfs_create_link+0xcc/0x240
[  130.201123][ T9931]  sysfs_do_create_link_sd+0x90/0x140
[  130.201133][ T9931]  sysfs_create_link+0x61/0xc0
[  130.201142][ T9931]  device_add+0x62c/0x1a70
[  130.201155][ T9931]  ? lockdep_init_map_type+0x5c/0x280
[  130.201170][ T9931]  ? __pfx_device_add+0x10/0x10
[  130.201181][ T9931]  ? lockdep_init_map_type+0x5c/0x280
[  130.201196][ T9931]  ? __init_waitqueue_head+0xca/0x150
[  130.201211][ T9931]  tty_register_device_attr+0x38e/0x7c0
[  130.201229][ T9931]  ? __pfx_tty_register_device_attr+0x10/0x10
[  130.201274][ T9931]  rfcomm_dev_ioctl+0x16be/0x1ca0
[  130.201290][ T9931]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  130.201303][ T9931]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  130.201322][ T9931]  rfcomm_sock_ioctl+0xaa/0xd0
[  130.201338][ T9931]  sock_do_ioctl+0x115/0x280
[  130.201352][ T9931]  ? __pfx_sock_do_ioctl+0x10/0x10
[  130.201367][ T9931]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  130.201383][ T9931]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  130.201399][ T9931]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  130.201416][ T9931]  sock_ioctl+0x227/0x6b0
[  130.201430][ T9931]  ? __pfx_sock_ioctl+0x10/0x10
[  130.201442][ T9931]  ? hook_file_ioctl_common+0x145/0x410
[  130.201455][ T9931]  ? selinux_file_ioctl+0x180/0x270
[  130.201469][ T9931]  ? selinux_file_ioctl+0xb4/0x270
[  130.201484][ T9931]  ? __pfx_sock_ioctl+0x10/0x10
[  130.201497][ T9931]  __x64_sys_ioctl+0x190/0x200
[  130.201512][ T9931]  do_syscall_64+0xcd/0x260
[  130.201526][ T9931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.201536][ T9931] RIP: 0033:0x7f451158e969
[  130.201545][ T9931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.201555][ T9931] RSP: 002b:00007f4512415038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  130.201565][ T9931] RAX: ffffffffffffffda RBX: 00007f45117b5fa0 RCX: 00007f451158e969
[  130.201571][ T9931] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  130.201577][ T9931] RBP: 00007f4512415090 R08: 0000000000000000 R09: 0000000000000000
[  130.201582][ T9931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  130.201588][ T9931] R13: 0000000000000000 R14: 00007f45117b5fa0 R15: 00007ffd3f1e55c8
[  130.201600][ T9931]  </TASK>
[  130.327649][ T9936] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  130.501587][ T9947] program syz.2.1177 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.513203][ T9949] 9pnet_fd: Insufficient options for proto=fd
[  130.540980][   T40] kauditd_printk_skb: 32600 callbacks suppressed
[  130.540991][   T40] audit: type=1400 audit(1746848987.508:42716): avc:  denied  { read } for  pid=9950 comm="syz.0.1178" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  130.592115][ T9954] loop6: detected capacity change from 0 to 7
[  130.599091][ T9954] Dev loop6: unable to read RDB block 7
[  130.601534][ T9954]  loop6: unable to read partition table
[  130.604308][ T9954] loop6: partition table beyond EOD, truncated
[  130.606322][ T9954] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[  130.632905][ T9958] FAULT_INJECTION: forcing a failure.
[  130.632905][ T9958] name failslab, interval 1, probability 0, space 0, times 0
[  130.638645][ T9958] CPU: 0 UID: 0 PID: 9958 Comm: syz.3.1180 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  130.638669][ T9958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.638678][ T9958] Call Trace:
[  130.638684][ T9958]  <TASK>
[  130.638690][ T9958]  dump_stack_lvl+0x16c/0x1f0
[  130.638716][ T9958]  should_fail_ex+0x512/0x640
[  130.638737][ T9958]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  130.638766][ T9958]  should_failslab+0xc2/0x120
[  130.638789][ T9958]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  130.638813][ T9958]  ? __asan_memcpy+0x3c/0x60
[  130.638836][ T9958]  ? __kernfs_new_node+0xd2/0x8a0
[  130.638856][ T9958]  __kernfs_new_node+0xd2/0x8a0
[  130.638873][ T9958]  ? __pfx___kernfs_new_node+0x10/0x10
[  130.638895][ T9958]  ? find_held_lock+0x2b/0x80
[  130.638916][ T9958]  ? kernfs_root+0xee/0x2a0
[  130.638936][ T9958]  kernfs_new_node+0x13c/0x1e0
[  130.638959][ T9958]  kernfs_create_link+0xcc/0x240
[  130.638983][ T9958]  sysfs_do_create_link_sd+0x90/0x140
[  130.639001][ T9958]  sysfs_create_link+0x61/0xc0
[  130.639016][ T9958]  device_add+0x62c/0x1a70
[  130.639037][ T9958]  ? lockdep_init_map_type+0x5c/0x280
[  130.639061][ T9958]  ? __pfx_device_add+0x10/0x10
[  130.639079][ T9958]  ? lockdep_init_map_type+0x5c/0x280
[  130.639104][ T9958]  ? __init_waitqueue_head+0xca/0x150
[  130.639130][ T9958]  tty_register_device_attr+0x38e/0x7c0
[  130.639159][ T9958]  ? __pfx_tty_register_device_attr+0x10/0x10
[  130.639197][ T9958]  rfcomm_dev_ioctl+0x16be/0x1ca0
[  130.639220][ T9958]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  130.639239][ T9958]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  130.639264][ T9958]  rfcomm_sock_ioctl+0xaa/0xd0
[  130.639284][ T9958]  sock_do_ioctl+0x115/0x280
[  130.639306][ T9958]  ? __pfx_sock_do_ioctl+0x10/0x10
[  130.639331][ T9958]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  130.639356][ T9958]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  130.639380][ T9958]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  130.639406][ T9958]  sock_ioctl+0x227/0x6b0
[  130.639429][ T9958]  ? __pfx_sock_ioctl+0x10/0x10
[  130.639448][ T9958]  ? hook_file_ioctl_common+0x145/0x410
[  130.639471][ T9958]  ? selinux_file_ioctl+0x180/0x270
[  130.639492][ T9958]  ? selinux_file_ioctl+0xb4/0x270
[  130.639516][ T9958]  ? __pfx_sock_ioctl+0x10/0x10
[  130.639538][ T9958]  __x64_sys_ioctl+0x190/0x200
[  130.639560][ T9958]  do_syscall_64+0xcd/0x260
[  130.639584][ T9958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.639601][ T9958] RIP: 0033:0x7fc7ccf8e969
[  130.639615][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.639630][ T9958] RSP: 002b:00007fc7cddd2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  130.639663][ T9958] RAX: ffffffffffffffda RBX: 00007fc7cd1b5fa0 RCX: 00007fc7ccf8e969
[  130.639674][ T9958] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  130.639684][ T9958] RBP: 00007fc7cddd2090 R08: 0000000000000000 R09: 0000000000000000
[  130.639693][ T9958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  130.639702][ T9958] R13: 0000000000000000 R14: 00007fc7cd1b5fa0 R15: 00007ffc990d22b8
[  130.639727][ T9958]  </TASK>
[  130.812569][   T40] audit: type=1400 audit(1746848987.778:42717): avc:  denied  { accept } for  pid=9964 comm="syz.2.1183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  130.813191][ T9966] cgroup: Unknown subsys name 'cpuset'
[  131.373113][ T9951] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  131.376463][ T9951] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  131.385910][ T9951] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  131.396126][ T9951] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  131.398798][ T9951] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  131.404858][ T9951] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  131.410093][ T9951] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  131.412519][ T9951] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  131.419598][ T9951] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  131.527155][ T9985] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  131.529930][ T9985] overlayfs: missing 'lowerdir'
[  131.566633][ T9989] atomic_op ffff88804f69f198 conn xmit_atomic 0000000000000000
[  131.569993][ T9989] syz.1.1192: attempt to access beyond end of device
[  131.569993][ T9989] nbd1: rw=6144, sector=128, nr_sectors = 8 limit=0
[  131.574263][ T9989] gfs2: error -5 reading superblock
[  131.638764][   T40] audit: type=1400 audit(1746848988.608:42718): avc:  denied  { unlink } for  pid=9995 comm="syz.1.1194" name="file0" dev="9p" ino=35913971 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  131.645861][   T40] audit: type=1400 audit(1746848988.608:42719): avc:  denied  { watch watch_reads } for  pid=9995 comm="syz.1.1194" path="/291/file0" dev="9p" ino=35913856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  131.652977][   T40] audit: type=1400 audit(1746848988.618:42720): avc:  denied  { create } for  pid=9995 comm="syz.1.1194" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  131.773839][   T34] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  131.903882][   T34] usb 5-1: device descriptor read/64, error -71
[  131.921797][T10004] sctp: [Deprecated]: syz.1.1197 (pid 10004) Use of struct sctp_assoc_value in delayed_ack socket option.
[  131.921797][T10004] Use struct sctp_sack_info instead
[  132.021942][T10015] __nla_validate_parse: 4 callbacks suppressed
[  132.021954][T10015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1200'.
[  132.143386][T10029] CUSE: info not properly terminated
[  132.174888][   T34] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  132.303960][   T34] usb 5-1: device descriptor read/64, error -71
[  132.349373][T10035] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1206'.
[  132.382246][   T40] audit: type=1400 audit(1746848989.348:42721): avc:  denied  { execmod } for  pid=10036 comm="syz.1.1207" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=35366 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  132.392460][   T40] audit: type=1400 audit(1746848989.348:42722): avc:  denied  { execute } for  pid=10036 comm="syz.1.1207" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=35366 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  132.413896][   T34] usb usb5-port1: attempt power cycle
[  132.467981][ T9971] 9pnet: Unknown protocol version 9p2000.u�X�ޗ��+i�(/�ϴ"Oi�-�9�	Ww�q����9�q�>������K^�\J�
[  132.481282][   T40] audit: type=1400 audit(1746848989.448:42723): avc:  denied  { create } for  pid=9969 comm="syz.2.1185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  132.488049][   T40] audit: type=1400 audit(1746848989.448:42724): avc:  denied  { setopt } for  pid=9969 comm="syz.2.1185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  132.569412][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  132.694945][T10047] sp0: Synchronizing with TNC
[  132.713863][ T5283] Bluetooth: hci1: command 0x0c1a tx timeout
[  132.733849][ T2217] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  132.853931][   T34] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  132.877653][T10052] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1212'.
[  132.880468][T10052] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1212'.
[  132.884923][   T34] usb 5-1: device descriptor read/8, error -71
[  132.897358][ T2217] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  132.900853][ T2217] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.904248][ T2217] usb 6-1: Product: syz
[  132.905854][ T2217] usb 6-1: Manufacturer: syz
[  132.907619][ T2217] usb 6-1: SerialNumber: syz
[  132.922319][ T2217] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  132.943664][   T40] audit: type=1400 audit(1746848989.908:42725): avc:  denied  { firmware_load } for  pid=6057 comm="kworker/3:3" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  132.955147][ T6057] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  132.957842][T10061] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1214'.
[  133.011462][T10067] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1216'.
[  133.143817][   T34] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  133.160089][ T5972] usb 6-1: USB disconnect, device number 13
[  133.164298][   T34] usb 5-1: device descriptor read/8, error -71
[  133.273943][   T34] usb usb5-port1: unable to enumerate USB device
[  133.293870][ T5941] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  133.443873][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[  133.447353][ T5283] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.463816][ T5941] usb 7-1: Using ep0 maxpacket: 8
[  133.467567][ T5941] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  133.471270][ T5941] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  133.475157][ T5941] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  133.478797][ T5941] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  133.483627][ T5941] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  133.487248][ T5941] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.696242][ T5941] usb 7-1: GET_CAPABILITIES returned 0
[  133.698087][ T5941] usbtmc 7-1:16.0: can't read capabilities
[  133.716354][T10071] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1218'.
[  133.910346][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  133.979194][ T5975] usb 7-1: USB disconnect, device number 14
[  134.004076][ T6057] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  134.010029][ T6057] ath9k_htc: Failed to initialize the device
[  134.018783][ T5972] usb 6-1: ath9k_htc: USB layer deinitialized
[  134.549101][T10106] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  134.794376][ T5283] Bluetooth: hci1: command 0x0c1a tx timeout
[  134.805872][T10130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1240'.
[  134.806316][T10131] netlink: 'syz.3.1240': attribute type 1 has an invalid length.
[  134.811551][T10131] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1240'.
[  134.815542][T10131] netlink: 'syz.3.1240': attribute type 1 has an invalid length.
[  134.818760][T10131] netlink: 'syz.3.1240': attribute type 2 has an invalid length.
[  134.884939][T10130] team0: Port device team_slave_0 removed
[  134.963846][  T836] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  134.988587][T10134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=8216 (16432 ns) > initial count (48 ns). Using initial count to start timer.
[  134.993611][T10134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=8216 (16432 ns) > initial count (48 ns). Using initial count to start timer.
[  135.000811][T10134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=8216 (16432 ns) > initial count (48 ns). Using initial count to start timer.
[  135.106535][T10139] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1243'.
[  135.118584][  T836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.122329][  T836] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  135.126324][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.139497][  T836] usb 5-1: config 0 descriptor??
[  135.204122][T10149] mac80211_hwsim hwsim3 `���: renamed from wlan1 (while UP)
[  135.209287][T10149] trusted_key: encrypted_key: insufficient parameters specified
[  135.212969][T10149] trusted_key: encrypted_key: insufficient parameters specified
[  135.347246][  T836] usbhid 5-1:0.0: can't add hid device: -71
[  135.349887][  T836] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  135.360435][  T836] usb 5-1: USB disconnect, device number 26
[  135.508366][T10184] IPVS: set_ctl: invalid protocol: 3 172.20.20.45:20000
[  135.513835][ T5283] Bluetooth: hci2: command 0x0c1a tx timeout
[  135.554131][T10108] netlink: 'syz.0.1234': attribute type 21 has an invalid length.
[  135.558996][T10196] overlayfs: failed to resolve './file1': -2
[  135.698273][T10220] fuse: Bad value for 'user_id'
[  135.699878][T10220] fuse: Bad value for 'user_id'
[  135.834482][ T6057] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  135.993835][ T6057] usb 5-1: Using ep0 maxpacket: 32
[  135.996339][ T6057] usb 5-1: too many configurations: 20, using maximum allowed: 8
[  136.000742][ T6057] usb 5-1: unable to read config index 0 descriptor/start: -61
[  136.003882][ T6057] usb 5-1: can't read configurations, error -61
[  136.124769][T10243] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  136.133875][ T6057] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  136.293825][ T6057] usb 5-1: Using ep0 maxpacket: 32
[  136.296612][ T6057] usb 5-1: too many configurations: 20, using maximum allowed: 8
[  136.304430][ T6057] usb 5-1: unable to read config index 0 descriptor/start: -61
[  136.307281][ T6057] usb 5-1: can't read configurations, error -61
[  136.309923][ T6057] usb usb5-port1: attempt power cycle
[  136.425320][T10254] 9p: Unknown Cache mode or invalid value fscache�f��� �5
[  136.542281][T10260] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  136.546300][T10260] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  136.551061][T10260] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  136.653804][ T6057] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  136.685697][ T6057] usb 5-1: Using ep0 maxpacket: 32
[  136.688672][ T6057] usb 5-1: too many configurations: 20, using maximum allowed: 8
[  136.693555][ T6057] usb 5-1: unable to read config index 0 descriptor/start: -61
[  136.697048][ T6057] usb 5-1: can't read configurations, error -61
[  136.823791][ T6057] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  136.829311][T10270] FAULT_INJECTION: forcing a failure.
[  136.829311][T10270] name failslab, interval 1, probability 0, space 0, times 0
[  136.833525][T10270] CPU: 3 UID: 0 PID: 10270 Comm: syz.2.1284 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  136.833541][T10270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.833547][T10270] Call Trace:
[  136.833551][T10270]  <TASK>
[  136.833555][T10270]  dump_stack_lvl+0x16c/0x1f0
[  136.833589][T10270]  should_fail_ex+0x512/0x640
[  136.833605][T10270]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  136.833618][T10270]  should_failslab+0xc2/0x120
[  136.833629][T10270]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  136.833639][T10270]  ? kstrdup_const+0x63/0x80
[  136.833651][T10270]  kstrdup+0x53/0x100
[  136.833662][T10270]  kstrdup_const+0x63/0x80
[  136.833672][T10270]  __kernfs_new_node+0x9b/0x8a0
[  136.833683][T10270]  ? __pfx___kernfs_new_node+0x10/0x10
[  136.833696][T10270]  ? find_held_lock+0x2b/0x80
[  136.833721][T10270]  ? kernfs_root+0xee/0x2a0
[  136.833733][T10270]  kernfs_new_node+0x13c/0x1e0
[  136.833747][T10270]  kernfs_create_link+0xcc/0x240
[  136.833762][T10270]  sysfs_do_create_link_sd+0x90/0x140
[  136.833772][T10270]  sysfs_create_link+0x61/0xc0
[  136.833781][T10270]  device_add+0xb14/0x1a70
[  136.833795][T10270]  ? __pfx_device_add+0x10/0x10
[  136.833806][T10270]  ? lockdep_init_map_type+0x5c/0x280
[  136.833826][T10270]  tty_register_device_attr+0x38e/0x7c0
[  136.833845][T10270]  ? __pfx_tty_register_device_attr+0x10/0x10
[  136.833867][T10270]  rfcomm_dev_ioctl+0x16be/0x1ca0
[  136.833882][T10270]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  136.833895][T10270]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  136.833914][T10270]  rfcomm_sock_ioctl+0xaa/0xd0
[  136.833930][T10270]  sock_do_ioctl+0x115/0x280
[  136.833945][T10270]  ? __pfx_sock_do_ioctl+0x10/0x10
[  136.833960][T10270]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  136.833976][T10270]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  136.833992][T10270]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  136.834010][T10270]  sock_ioctl+0x227/0x6b0
[  136.834023][T10270]  ? __pfx_sock_ioctl+0x10/0x10
[  136.834035][T10270]  ? hook_file_ioctl_common+0x145/0x410
[  136.834049][T10270]  ? selinux_file_ioctl+0x180/0x270
[  136.834062][T10270]  ? selinux_file_ioctl+0xb4/0x270
[  136.834078][T10270]  ? __pfx_sock_ioctl+0x10/0x10
[  136.834091][T10270]  __x64_sys_ioctl+0x190/0x200
[  136.834105][T10270]  do_syscall_64+0xcd/0x260
[  136.834120][T10270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.834130][T10270] RIP: 0033:0x7fc92ab8e969
[  136.834139][T10270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.834148][T10270] RSP: 002b:00007fc92badc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  136.834157][T10270] RAX: ffffffffffffffda RBX: 00007fc92adb5fa0 RCX: 00007fc92ab8e969
[  136.834163][T10270] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  136.834169][T10270] RBP: 00007fc92badc090 R08: 0000000000000000 R09: 0000000000000000
[  136.834175][T10270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.834180][T10270] R13: 0000000000000000 R14: 00007fc92adb5fa0 R15: 00007ffea21af8c8
[  136.834193][T10270]  </TASK>
[  136.873871][ T5283] Bluetooth: hci1: command 0x0c1a tx timeout
[  136.879365][ T6057] usb 5-1: Using ep0 maxpacket: 32
[  136.936881][ T6057] usb 5-1: too many configurations: 20, using maximum allowed: 8
[  136.940461][ T6057] usb 5-1: unable to read config index 0 descriptor/start: -61
[  136.942835][ T6057] usb 5-1: can't read configurations, error -61
[  136.945886][ T6057] usb usb5-port1: unable to enumerate USB device
[  136.963319][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  136.963335][   T40] audit: type=1326 audit(1746848993.928:42740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10275 comm="syz.1.1287" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f451158e969 code=0x0
[  137.016509][T10282] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10282 comm=syz.1.1287
[  137.600363][   T40] audit: type=1400 audit(1746848994.568:42741): avc:  denied  { setattr } for  pid=10286 comm="syz.0.1290" name="nvme-fabrics" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  137.603829][ T5283] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.426205][T10306] netlink: 'syz.0.1294': attribute type 10 has an invalid length.
[  149.433251][   T40] audit: type=1400 audit(1746849006.398:42742): avc:  denied  { connect } for  pid=10307 comm="syz.3.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  149.443461][   T40] audit: type=1400 audit(1746849006.398:42743): avc:  denied  { read } for  pid=10307 comm="syz.3.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  149.474841][T10311] __nla_validate_parse: 4 callbacks suppressed
[  149.474858][T10311] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1296'.
[  149.516139][T10321] team0: No ports can be present during mode change
[  149.620073][T10312] 9pnet: Could not find request transport: I��f�ifd
[  149.764244][   T29] usb 5-1: new low-speed USB device number 31 using dummy_hcd
[  149.839262][T10336] lo speed is unknown, defaulting to 1000
[  149.926664][   T29] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  149.929706][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  149.943937][   T29] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  149.948722][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  149.953301][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  149.963835][   T29] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  149.967001][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  149.971324][   T29] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  149.983794][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  149.988292][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  149.994544][   T29] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  149.997515][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  150.000775][   T29] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  150.004852][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  150.008328][   T29] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  150.015438][   T29] usb 5-1: string descriptor 0 read error: -22
[  150.017458][   T29] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  150.020407][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.027089][   T29] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  150.088432][   T40] audit: type=1400 audit(1746849007.058:42744): avc:  denied  { read } for  pid=10344 comm="syz.2.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  150.136079][T10350] bridge0: entered promiscuous mode
[  150.138004][T10350] macvlan2: entered promiscuous mode
[  150.140520][T10350] bridge0: port 3(macvlan2) entered blocking state
[  150.142733][T10350] bridge0: port 3(macvlan2) entered disabled state
[  150.146468][T10350] macvlan2: entered allmulticast mode
[  150.148110][T10350] bridge0: entered allmulticast mode
[  150.150859][T10350] macvlan2: left allmulticast mode
[  150.152448][T10350] bridge0: left allmulticast mode
[  150.155202][T10350] bridge0: left promiscuous mode
[  150.336992][   T40] audit: type=1800 audit(1746849007.308:42745): pid=10366 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.1311" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  150.650903][T10397] loop2: detected capacity change from 0 to 7
[  150.653656][T10397] Dev loop2: unable to read RDB block 7
[  150.657097][T10397]  loop2: unable to read partition table
[  150.659048][T10397] loop2: partition table beyond EOD, truncated
[  150.661461][T10397] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  150.710240][T10394] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  150.745227][   T40] audit: type=1400 audit(1746849007.718:42746): avc:  denied  { execute } for  pid=10404 comm="syz.3.1324" path="/memory.events" dev="ramfs" ino=39167 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  150.783169][   T40] audit: type=1400 audit(1746849007.748:42747): avc:  denied  { create } for  pid=10409 comm="syz.3.1325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  150.795640][T10414] warn_alloc: 1 callbacks suppressed
[  150.795649][T10414] syz.1.1323: vmalloc error: size 3204284416, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  150.802015][T10414] CPU: 0 UID: 0 PID: 10414 Comm: syz.1.1323 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  150.802030][T10414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.802037][T10414] Call Trace:
[  150.802047][T10414]  <TASK>
[  150.802052][T10414]  dump_stack_lvl+0x16c/0x1f0
[  150.802084][T10414]  warn_alloc+0x248/0x3a0
[  150.802103][T10414]  ? __pfx_warn_alloc+0x10/0x10
[  150.802119][T10414]  ? stack_depot_save_flags+0x3e6/0xa50
[  150.802142][T10414]  ? kasan_save_stack+0x42/0x60
[  150.802157][T10414]  ? kasan_save_stack+0x33/0x60
[  150.802170][T10414]  ? kasan_save_track+0x14/0x30
[  150.802184][T10414]  ? __kasan_kmalloc+0xaa/0xb0
[  150.802198][T10414]  ? vb2_vmalloc_alloc+0xf9/0x3f0
[  150.802214][T10414]  ? vb2_core_create_bufs+0x559/0xab0
[  150.802229][T10414]  ? vb2_create_bufs+0x5e8/0x840
[  150.802242][T10414]  ? vb2_ioctl_create_bufs+0x244/0x3e0
[  150.802258][T10414]  __vmalloc_node_range_noprof+0x10ea/0x1540
[  150.802277][T10414]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  150.802295][T10414]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  150.802312][T10414]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  150.802330][T10414]  vmalloc_user_noprof+0x6b/0x90
[  150.802345][T10414]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  150.802359][T10414]  vb2_vmalloc_alloc+0x135/0x3f0
[  150.802375][T10414]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  150.802390][T10414]  __vb2_queue_alloc+0x8c6/0x1280
[  150.802411][T10414]  vb2_core_create_bufs+0x559/0xab0
[  150.802427][T10414]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  150.802448][T10414]  vb2_create_bufs+0x5e8/0x840
[  150.802464][T10414]  ? __pfx_vb2_create_bufs+0x10/0x10
[  150.802478][T10414]  ? __video_do_ioctl+0x4a4/0xfc0
[  150.802491][T10414]  vb2_ioctl_create_bufs+0x244/0x3e0
[  150.802505][T10414]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  150.802524][T10414]  vidioc_create_bufs+0x7d/0xf0
[  150.802537][T10414]  v4l_create_bufs+0x156/0x270
[  150.802555][T10414]  __video_do_ioctl+0xb3d/0xfc0
[  150.802567][T10414]  ? __might_fault+0xe3/0x190
[  150.802577][T10414]  ? __pfx___video_do_ioctl+0x10/0x10
[  150.802593][T10414]  video_usercopy+0x4cd/0x1720
[  150.802611][T10414]  ? __pfx___video_do_ioctl+0x10/0x10
[  150.802622][T10414]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  150.802639][T10414]  ? __pfx_video_usercopy+0x10/0x10
[  150.802661][T10414]  v4l2_ioctl+0x1ba/0x250
[  150.802673][T10414]  ? __pfx_v4l2_ioctl+0x10/0x10
[  150.802685][T10414]  __x64_sys_ioctl+0x190/0x200
[  150.802700][T10414]  do_syscall_64+0xcd/0x260
[  150.802716][T10414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.802726][T10414] RIP: 0033:0x7f451158e969
[  150.802735][T10414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.802745][T10414] RSP: 002b:00007f45123f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.802754][T10414] RAX: ffffffffffffffda RBX: 00007f45117b6080 RCX: 00007f451158e969
[  150.802761][T10414] RDX: 00002000000013c0 RSI: 00000000c100565c RDI: 0000000000000003
[  150.802767][T10414] RBP: 00007f4511610ab1 R08: 0000000000000000 R09: 0000000000000000
[  150.802773][T10414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.802779][T10414] R13: 0000000000000001 R14: 00007f45117b6080 R15: 00007ffd3f1e55c8
[  150.802793][T10414]  </TASK>
[  150.802797][T10414] Mem-Info:
[  150.907855][T10414] active_anon:8884 inactive_anon:0 isolated_anon:0
[  150.907855][T10414]  active_file:3547 inactive_file:53438 isolated_file:0
[  150.907855][T10414]  unevictable:1768 dirty:156 writeback:0
[  150.907855][T10414]  slab_reclaimable:11926 slab_unreclaimable:76777
[  150.907855][T10414]  mapped:24807 shmem:3425 pagetables:1207
[  150.907855][T10414]  sec_pagetables:307 bounce:0
[  150.907855][T10414]  kernel_misc_reclaimable:0
[  150.907855][T10414]  free:456708 free_pcp:3452 free_cma:0
[  150.922103][T10414] Node 0 active_anon:35520kB inactive_anon:0kB active_file:14188kB inactive_file:213516kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99196kB dirty:608kB writeback:0kB shmem:10164kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12720kB pagetables:4824kB sec_pagetables:1228kB all_unreclaimable? no Balloon:0kB
[  150.933585][T10414] Node 1 active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:236kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:16kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:4kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  150.936343][   T40] audit: type=1400 audit(1746849007.908:42748): avc:  denied  { append } for  pid=10427 comm="syz.2.1329" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  150.943994][T10414] Node 0 DMA free:15116kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:176kB local_pcp:0kB free_cma:0kB
[  150.958983][T10428] dlm: plock device version mismatch: kernel (1.2.0), user (320.8192.12)
[  150.960521][T10414] lowmem_reserve[]: 0 1238 1238 1238 1238
[  150.966549][T10414] Node 0 DMA32 free:232468kB boost:0kB min:27576kB low:34468kB high:41360kB reserved_highatomic:0KB active_anon:35144kB inactive_anon:0kB active_file:14188kB inactive_file:213516kB unevictable:3536kB writepending:608kB present:2080628kB managed:1268568kB mlocked:0kB bounce:0kB free_pcp:2108kB local_pcp:152kB free_cma:0kB
[  150.978323][T10414] lowmem_reserve[]: 0 0 0 0 0
[  150.979845][T10414] Node 1 Normal free:1580708kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:236kB unevictable:3536kB writepending:16kB present:2097152kB managed:1781964kB mlocked:0kB bounce:0kB free_pcp:10860kB local_pcp:10444kB free_cma:0kB
[  150.990954][T10414] lowmem_reserve[]: 0 0 0 0 0
[  150.992583][T10414] Node 0 DMA: 11*4kB (UM) 12*8kB (UM) 12*16kB (U) 12*32kB (UM) 13*64kB (UM) 10*128kB (UM) 8*256kB (UM) 6*512kB (UM) 3*1024kB (UM) 2*2048kB (U) 0*4096kB = 15116kB
[  150.998468][T10414] Node 0 DMA32: 121*4kB (UME) 204*8kB (UME) 439*16kB (UME) 233*32kB (UME) 271*64kB (UME) 77*128kB (UME) 35*256kB (UM) 46*512kB (UME) 30*1024kB (UM) 25*2048kB (UM) 18*4096kB (UM) = 231956kB
[  151.004524][T10414] Node 1 Normal: 61*4kB (UME) 46*8kB (UME) 76*16kB (UME) 172*32kB (UME) 74*64kB (UE) 47*128kB (UME) 38*256kB (UE) 29*512kB (UM) 28*1024kB (UM) 9*2048kB (UE) 364*4096kB (UM) = 1580708kB
[  151.010966][T10414] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.014149][T10414] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  151.017639][T10414] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.020911][T10414] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  151.024002][T10414] 60407 total pagecache pages
[  151.025597][T10414] 0 pages in swap cache
[  151.028064][T10414] Free swap  = 124996kB
[  151.029707][T10414] Total swap = 124996kB
[  151.031458][T10414] 1048443 pages RAM
[  151.033039][T10414] 0 pages HighMem/MovableOnly
[  151.035232][T10414] 281970 pages reserved
[  151.036867][T10414] 0 pages cma reserved
[  151.064464][T10431] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  151.241507][   T40] audit: type=1400 audit(1746849008.208:42749): avc:  denied  { map } for  pid=10440 comm="syz.3.1333" path="socket:[37045]" dev="sockfs" ino=37045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  151.243753][T10441] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  151.248659][   T40] audit: type=1400 audit(1746849008.208:42750): avc:  denied  { accept } for  pid=10440 comm="syz.3.1333" path="socket:[37045]" dev="sockfs" ino=37045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  151.258871][T10441] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  151.927614][T10466] netlink: 'syz.1.1341': attribute type 1 has an invalid length.
[  151.930084][T10466] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1341'.
[  151.989399][T10474] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1344'.
[  151.993205][T10474] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=10474 comm=syz.1.1344
[  152.011537][T10476] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1345'.
[  152.052582][T10474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1344'.
[  152.178609][T10499] binder_alloc: binder_alloc_mmap_handler: 10497 200000ffd000-200001000000 already mapped failed -16
[  152.182629][T10498] binder: 10497:10498 ioctl c0306201 2000000003c0 returned -14
[  152.186720][T10496] vti0: entered promiscuous mode
[  152.186894][T10498] binder_alloc: 10497: binder_alloc_buf, no vma
[  152.239796][T10505] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1354'.
[  152.242626][T10509] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1
[  152.247416][T10508] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1354'.
[  152.298848][   T40] audit: type=1400 audit(1746849009.268:42751): avc:  denied  { read } for  pid=10506 comm="syz.3.1355" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  152.359745][T10519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1358'.
[  152.365140][T10519] bond0: entered promiscuous mode
[  152.367542][T10519] batadv0: entered promiscuous mode
[  152.369838][T10519] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  152.373141][T10519] 8021q: adding VLAN 0 to HW filter on device hsr1
[  152.479424][   T29] usb 5-1: USB disconnect, device number 31
[  152.503188][ T5993] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  152.520060][T10534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1362'.
[  152.522981][T10534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1362'.
[  152.526044][T10534] netlink: 'syz.0.1362': attribute type 12 has an invalid length.
[  152.531091][T10534] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  152.664150][ T5993] usb 7-1: Using ep0 maxpacket: 8
[  152.668963][ T5993] usb 7-1: config 6 has an invalid interface number: 188 but max is 3
[  152.672205][ T5993] usb 7-1: config 6 has an invalid descriptor of length 1, skipping remainder of the config
[  152.676916][ T5993] usb 7-1: config 6 has 1 interface, different from the descriptor's value: 4
[  152.680326][ T5993] usb 7-1: config 6 has no interface number 0
[  152.683234][ T5993] usb 7-1: config 6 interface 188 altsetting 0 endpoint 0xB has invalid maxpacket 1023, setting to 64
[  152.688052][ T5993] usb 7-1: config 6 interface 188 altsetting 0 bulk endpoint 0xD has invalid maxpacket 64
[  152.692194][ T5993] usb 7-1: config 6 interface 188 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 12
[  152.698802][ T5993] usb 7-1: New USB device found, idVendor=1608, idProduct=030c, bcdDevice=75.e4
[  152.702716][ T5993] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.706111][ T5993] usb 7-1: Product: syz
[  152.707897][ T5993] usb 7-1: Manufacturer: syz
[  152.709774][ T5993] usb 7-1: SerialNumber: syz
[  152.713170][T10510] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  152.921453][ T5993] io_ti 7-1:6.188: required endpoints missing
[  152.926151][ T5993] usb 7-1: USB disconnect, device number 15
[  152.933975][   T29] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  153.090639][   T29] usb 5-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01
[  153.093547][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.096194][   T29] usb 5-1: Product: syz
[  153.097530][   T29] usb 5-1: Manufacturer: syz
[  153.098991][   T29] usb 5-1: SerialNumber: syz
[  153.101756][   T29] usb 5-1: config 0 descriptor??
[  153.105022][   T29] go7007 5-1:0.0: Sensoray 2250 found
[  153.106776][   T29] go7007 5-1:0.0: probe with driver go7007 failed with error -12
[  153.203568][T10543] netlink: 'syz.3.1365': attribute type 3 has an invalid length.
[  153.312638][T10539] vlan0: entered promiscuous mode
[  153.315152][T10539] vlan0: entered allmulticast mode
[  153.317380][T10539] hsr_slave_1: entered allmulticast mode
[  153.325341][ T5974] usb 5-1: USB disconnect, device number 32
[  153.405924][T10546] syz.3.1366: attempt to access beyond end of device
[  153.405924][T10546] loop3: rw=0, sector=1, nr_sectors = 1 limit=0
[  153.411366][T10546] qnx4: unable to read the superblock
[  153.456478][T10549] loop6: detected capacity change from 0 to 63
[  153.469329][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.472915][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.476453][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.477014][T10554] binder: BINDER_SET_CONTEXT_MGR already set
[  153.479806][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.486810][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.488167][T10554] binder: 10553:10554 ioctl 4018620d 200000003240 returned -16
[  153.489266][T10555] binder: 10553:10555 unknown command 0
[  153.489280][T10555] binder: 10553:10555 ioctl c0306201 200000000080 returned -22
[  153.489604][T10511] Buffer I/O error on dev loop6, logical block 0, async page read
[  153.489894][T10511] Buffer I/O error on dev loop6, logical block 3, async page read
[  153.492467][T10554] binder: BINDER_SET_CONTEXT_MGR already set
[  153.507435][T10554] binder: 10553:10554 ioctl 4018620d 200000003240 returned -16
[  153.646349][T10572] jfs: Unknown parameter 'usrquota('
[  154.268830][T10616] bridge_slave_1: left allmulticast mode
[  154.270864][T10616] bridge_slave_1: left promiscuous mode
[  154.272824][T10616] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.278945][T10616] bridge_slave_0: left allmulticast mode
[  154.280805][T10616] bridge_slave_0: left promiscuous mode
[  154.282771][T10616] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.502696][ T2217] syz1: Port: 1 Link ACTIVE
[  154.507954][T10627] bad cache= option: none

[  154.507954][T10627] 
[  154.510821][T10627] CIFS: VFS: bad cache= option: none

[  154.539718][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  154.539733][   T40] audit: type=1400 audit(1746849011.508:42759): avc:  denied  { mounton } for  pid=10629 comm="syz.3.1388" path="/347/file0" dev="devtmpfs" ino=725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  154.568335][T10637] __nla_validate_parse: 67 callbacks suppressed
[  154.568347][T10637] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1391'.
[  154.616772][T10643] ISOFS: Unable to identify CD-ROM format.
[  154.647459][T10648] xt_CT: You must specify a L4 protocol and not use inversions on it
[  154.652362][T10650] ip6t_srh: unknown srh invflags 7D00
[  154.659609][T10652] ufs: You didn't specify the type of your ufs filesystem
[  154.659609][T10652] 
[  154.659609][T10652] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  154.659609][T10652] 
[  154.659609][T10652] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  154.670368][T10652] ufs: ufstype=old is supported read-only
[  154.672936][T10652] syz.0.1395: attempt to access beyond end of device
[  154.672936][T10652] loop0: rw=0, sector=16, nr_sectors = 2 limit=0
[  154.695674][T10654] tmpfs: Unknown parameter 'nr_inodeq'
[  154.698687][   T40] audit: type=1326 audit(1746849011.668:42760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10653 comm="syz.2.1396" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc92ab8e969 code=0x0
[  154.707110][T10656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'.
[  154.710310][T10656] IPVS: Error joining to the multicast group
[  154.746315][   T40] audit: type=1107 audit(1746849011.718:42761): pid=10662 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  154.778113][T10671] 9pnet: Limiting 'msize' to 512000 as this is the maximum supported by transport virtio
[  154.781715][T10669] Driver unsupported XDP return value 0 on prog  (id 300) dev N/A, expect packet loss!
[  154.949235][T10691] fuse: Bad value for 'fd'
[  155.152092][T10711] lo speed is unknown, defaulting to 1000
[  155.250749][T10713] lo speed is unknown, defaulting to 1000
[  155.263811][   T40] audit: type=1400 audit(1746849012.228:42762): avc:  denied  { connect } for  pid=10722 comm="syz.0.1414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  155.276043][T10723] program syz.0.1414 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  155.345165][T10728] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1415'.
[  155.523489][T10736] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1417'.
[  155.756416][T10740] cdrom: dropping to single frame dma
[  155.842165][T10749] ubi31: attaching mtd0
[  155.844783][T10749] ubi31: scanning is finished
[  155.846256][T10749] ubi31: empty MTD device detected
[  155.895039][T10739] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  155.916838][T10749] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  155.919322][T10749] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  155.921660][   T40] audit: type=1400 audit(1746849012.888:42763): avc:  denied  { bind } for  pid=10751 comm="syz.1.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  155.924566][T10749] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  155.930517][T10749] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  155.933646][T10749] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  155.937991][T10749] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  155.941351][T10749] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1976022475
[  155.945419][T10749] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  155.951114][T10752] ubi31: background thread "ubi_bgt31d" started, PID 10752
[  156.102334][T10768] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1425'.
[  156.270638][T10783] binder: 10782:10783 ioctl c0306201 200000000480 returned -22
[  156.300648][ T5283] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  156.363883][ T5975] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  156.515218][ T5975] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.518577][ T5975] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.521866][ T5975] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  156.526427][ T5975] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  156.529242][ T5975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.533500][ T5975] usb 7-1: config 0 descriptor??
[  156.938162][T10764] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=255 sclass=netlink_route_socket pid=10764 comm=syz.2.1424
[  156.942655][ T5975] plantronics 0003:047F:FFFF.000C: reserved main item tag 0xd
[  156.948318][ T5975] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  156.955378][ T5975] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  156.964042][ T5975] usb 7-1: USB disconnect, device number 16
[  157.004746][T10793] fido_id[10793]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory
[  157.194957][T10821] random: crng reseeded on system resumption
[  157.379916][T10837] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1441'.
[  157.415769][T10837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1441'.
[  157.455706][T10844] sysfs: cannot create duplicate filename '/class/ieee80211/���!���'
[  157.458682][T10844] CPU: 1 UID: 0 PID: 10844 Comm: syz.1.1443 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  157.458697][T10844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.458704][T10844] Call Trace:
[  157.458708][T10844]  <TASK>
[  157.458713][T10844]  dump_stack_lvl+0x16c/0x1f0
[  157.458731][T10844]  sysfs_warn_dup+0x7f/0xa0
[  157.458749][T10844]  sysfs_do_create_link_sd+0x124/0x140
[  157.458761][T10844]  sysfs_create_link+0x61/0xc0
[  157.458772][T10844]  device_add+0x62c/0x1a70
[  157.458787][T10844]  ? __pfx_device_add+0x10/0x10
[  157.458799][T10844]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.458818][T10844]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  157.458836][T10844]  wiphy_register+0x1c9c/0x2850
[  157.458846][T10844]  ? netdev_run_todo+0x864/0x1320
[  157.458858][T10844]  ? __dev_printk+0x260/0x270
[  157.458875][T10844]  ? __pfx_wiphy_register+0x10/0x10
[  157.458892][T10844]  ieee80211_register_hw+0x2432/0x4020
[  157.458913][T10844]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  157.458931][T10844]  ? find_held_lock+0x2b/0x80
[  157.458944][T10844]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.458960][T10844]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  157.458971][T10844]  ? __hrtimer_setup+0x176/0x280
[  157.458982][T10844]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  157.459003][T10844]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  157.459015][T10844]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  157.459029][T10844]  ? __asan_memcpy+0x3c/0x60
[  157.459045][T10844]  hwsim_new_radio_nl+0xb51/0x12c0
[  157.459060][T10844]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  157.459077][T10844]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  157.459092][T10844]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  157.459109][T10844]  genl_family_rcv_msg_doit+0x206/0x2f0
[  157.459124][T10844]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  157.459143][T10844]  ? bpf_lsm_capable+0x9/0x10
[  157.459151][T10844]  ? security_capable+0x7e/0x260
[  157.459164][T10844]  ? ns_capable+0xd7/0x110
[  157.459176][T10844]  genl_rcv_msg+0x55c/0x800
[  157.459191][T10844]  ? __pfx_genl_rcv_msg+0x10/0x10
[  157.459204][T10844]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  157.459219][T10844]  ? __lock_acquire+0xaa4/0x1ba0
[  157.459237][T10844]  netlink_rcv_skb+0x16a/0x440
[  157.459248][T10844]  ? __pfx_genl_rcv_msg+0x10/0x10
[  157.459270][T10844]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  157.459291][T10844]  ? __pfx_down_read+0x10/0x10
[  157.459308][T10844]  ? netlink_deliver_tap+0x1ae/0xd30
[  157.459322][T10844]  genl_rcv+0x28/0x40
[  157.459334][T10844]  netlink_unicast+0x53a/0x7f0
[  157.459349][T10844]  ? __pfx_netlink_unicast+0x10/0x10
[  157.459365][T10844]  netlink_sendmsg+0x8d1/0xdd0
[  157.459380][T10844]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.459397][T10844]  ____sys_sendmsg+0xa95/0xc70
[  157.459411][T10844]  ? copy_msghdr_from_user+0x10a/0x160
[  157.459425][T10844]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.459440][T10844]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  157.459460][T10844]  ___sys_sendmsg+0x134/0x1d0
[  157.459472][T10844]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.459499][T10844]  __sys_sendmsg+0x16d/0x220
[  157.459510][T10844]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.459519][T10844]  ? __x64_sys_futex+0x1e0/0x4c0
[  157.459536][T10844]  ? rcu_is_watching+0x12/0xc0
[  157.459553][T10844]  do_syscall_64+0xcd/0x260
[  157.459569][T10844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.459580][T10844] RIP: 0033:0x7f451158e969
[  157.459589][T10844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.459599][T10844] RSP: 002b:00007f4512415038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  157.459608][T10844] RAX: ffffffffffffffda RBX: 00007f45117b5fa0 RCX: 00007f451158e969
[  157.459615][T10844] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  157.459620][T10844] RBP: 00007f4511610ab1 R08: 0000000000000000 R09: 0000000000000000
[  157.459626][T10844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.459632][T10844] R13: 0000000000000000 R14: 00007f45117b5fa0 R15: 00007ffd3f1e55c8
[  157.459644][T10844]  </TASK>
[  157.639801][   T40] audit: type=1400 audit(1746849014.608:42764): avc:  denied  { ioctl } for  pid=10852 comm="syz.1.1444" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x63a1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  157.652104][T10837] 9pnet_fd: Insufficient options for proto=fd
[  157.663874][  T836] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  157.676954][T10860] fuse: Bad value for 'fd'
[  157.803825][  T836] usb 5-1: device descriptor read/64, error -71
[  157.837600][T10883] block device autoloading is deprecated and will be removed.
[  157.842053][   T40] audit: type=1400 audit(1746849014.808:42765): avc:  denied  { ioctl } for  pid=10872 comm="syz.1.1449" path="/382/file0/file0" dev="fuse" ino=64 ioctlcmd=0x92b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  157.895599][T10875] md2: using deprecated bitmap file support
[  157.897659][T10875] md2: error: bitmap file must be a regular file
[  157.943067][T10891] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1454'.
[  157.949479][T10891] macsec0: entered promiscuous mode
[  157.959139][T10891] block nbd1: NBD_DISCONNECT
[  158.063968][  T836] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  158.159545][T10894] netlink: 'syz.1.1455': attribute type 58 has an invalid length.
[  158.162932][T10894] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1455'.
[  158.194115][  T836] usb 5-1: device descriptor read/64, error -71
[  158.268077][T10895] program syz.1.1455 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  158.304199][  T836] usb usb5-port1: attempt power cycle
[  158.663817][  T836] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  158.684954][  T836] usb 5-1: device descriptor read/8, error -71
[  158.944117][  T836] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  158.947495][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  158.976748][  T836] usb 5-1: device descriptor read/8, error -71
[  158.987570][   T40] audit: type=1400 audit(1746849015.958:42766): avc:  denied  { read } for  pid=10902 comm="syz.1.1459" name="file0" dev="9p" ino=35913971 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  159.000023][   T40] audit: type=1400 audit(1746849015.968:42767): avc:  denied  { unlink } for  pid=10902 comm="syz.1.1459" name="file0" dev="9p" ino=35913971 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  159.015590][   T40] audit: type=1400 audit(1746849015.988:42768): avc:  denied  { create } for  pid=10902 comm="syz.1.1459" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  159.040970][T10908] xt_cluster: you have exceeded the maximum number of cluster nodes (4095 > 32)
[  159.095162][  T836] usb usb5-port1: unable to enumerate USB device
[  159.285995][T10938] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  159.288657][T10938] CPU: 3 UID: 0 PID: 10938 Comm: syz.2.1468 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  159.288672][T10938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.288679][T10938] Call Trace:
[  159.288683][T10938]  <TASK>
[  159.288687][T10938]  dump_stack_lvl+0x16c/0x1f0
[  159.288706][T10938]  sysfs_warn_dup+0x7f/0xa0
[  159.288723][T10938]  sysfs_do_create_link_sd+0x124/0x140
[  159.288735][T10938]  sysfs_create_link+0x61/0xc0
[  159.288745][T10938]  device_add+0x62c/0x1a70
[  159.288760][T10938]  ? __pfx_device_add+0x10/0x10
[  159.288772][T10938]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.288792][T10938]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  159.288810][T10938]  wiphy_register+0x1c9c/0x2850
[  159.288820][T10938]  ? netdev_run_todo+0x864/0x1320
[  159.288831][T10938]  ? __dev_printk+0x260/0x270
[  159.288849][T10938]  ? __pfx_wiphy_register+0x10/0x10
[  159.288865][T10938]  ieee80211_register_hw+0x2432/0x4020
[  159.288887][T10938]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  159.288905][T10938]  ? find_held_lock+0x2b/0x80
[  159.288917][T10938]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.288934][T10938]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  159.288944][T10938]  ? __hrtimer_setup+0x176/0x280
[  159.288956][T10938]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  159.288977][T10938]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  159.289011][T10938]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  159.289027][T10938]  ? __asan_memcpy+0x3c/0x60
[  159.289045][T10938]  hwsim_new_radio_nl+0xb51/0x12c0
[  159.289061][T10938]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  159.289081][T10938]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  159.289097][T10938]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  159.289115][T10938]  genl_family_rcv_msg_doit+0x206/0x2f0
[  159.289131][T10938]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  159.289150][T10938]  ? bpf_lsm_capable+0x9/0x10
[  159.289163][T10938]  ? security_capable+0x7e/0x260
[  159.289176][T10938]  ? ns_capable+0xd7/0x110
[  159.289191][T10938]  genl_rcv_msg+0x55c/0x800
[  159.289207][T10938]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.289222][T10938]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  159.289237][T10938]  ? __lock_acquire+0xaa4/0x1ba0
[  159.289256][T10938]  netlink_rcv_skb+0x16a/0x440
[  159.289269][T10938]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.289284][T10938]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  159.289303][T10938]  ? __pfx_down_read+0x10/0x10
[  159.289319][T10938]  ? netlink_deliver_tap+0x1ae/0xd30
[  159.289332][T10938]  genl_rcv+0x28/0x40
[  159.289343][T10938]  netlink_unicast+0x53a/0x7f0
[  159.289357][T10938]  ? __pfx_netlink_unicast+0x10/0x10
[  159.289372][T10938]  netlink_sendmsg+0x8d1/0xdd0
[  159.289386][T10938]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.289404][T10938]  ____sys_sendmsg+0xa95/0xc70
[  159.289417][T10938]  ? copy_msghdr_from_user+0x10a/0x160
[  159.289427][T10938]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.289442][T10938]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  159.289458][T10938]  ___sys_sendmsg+0x134/0x1d0
[  159.289469][T10938]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.289495][T10938]  __sys_sendmsg+0x16d/0x220
[  159.289506][T10938]  ? __pfx___sys_sendmsg+0x10/0x10
[  159.289515][T10938]  ? __x64_sys_futex+0x1e0/0x4c0
[  159.289533][T10938]  ? rcu_is_watching+0x12/0xc0
[  159.289548][T10938]  do_syscall_64+0xcd/0x260
[  159.289563][T10938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.289574][T10938] RIP: 0033:0x7fc92ab8e969
[  159.289583][T10938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.289592][T10938] RSP: 002b:00007fc92badc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.289602][T10938] RAX: ffffffffffffffda RBX: 00007fc92adb5fa0 RCX: 00007fc92ab8e969
[  159.289608][T10938] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  159.289614][T10938] RBP: 00007fc92ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  159.289619][T10938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.289625][T10938] R13: 0000000000000000 R14: 00007fc92adb5fa0 R15: 00007ffea21af8c8
[  159.289638][T10938]  </TASK>
[  159.785657][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  159.785671][   T40] audit: type=1400 audit(1746849016.758:42770): avc:  denied  { nlmsg_read } for  pid=10962 comm="syz.2.1472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  159.813060][   T40] audit: type=1400 audit(1746849016.778:42771): avc:  denied  { accept } for  pid=10964 comm="syz.3.1473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  159.819824][ T5283] Bluetooth: hci1: unexpected event for opcode 0x2011
[  159.850956][T10970] netlink: 'syz.2.1476': attribute type 4 has an invalid length.
[  159.854500][T10970] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1476'.
[  159.990169][T10978] netlink: 'syz.2.1477': attribute type 32 has an invalid length.
[  160.582446][T11028] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  161.137589][   T40] audit: type=1400 audit(1746849018.108:42772): avc:  denied  { read } for  pid=11071 comm="syz.2.1497" lport=57538 faddr=fe80::aa fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  161.138513][T11077] fuse: Bad value for 'fd'
[  161.200677][T11087] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11087 comm=syz.2.1502
[  161.335635][T11105] netlink: 'syz.2.1505': attribute type 4 has an invalid length.
[  161.397008][T11114] FAULT_INJECTION: forcing a failure.
[  161.397008][T11114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.401142][T11114] CPU: 1 UID: 0 PID: 11114 Comm: syz.2.1508 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  161.401157][T11114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.401163][T11114] Call Trace:
[  161.401166][T11114]  <TASK>
[  161.401170][T11114]  dump_stack_lvl+0x16c/0x1f0
[  161.401187][T11114]  should_fail_ex+0x512/0x640
[  161.401203][T11114]  _copy_from_user+0x2e/0xd0
[  161.401218][T11114]  copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[  161.401232][T11114]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  161.401245][T11114]  ? __lock_acquire+0xaa4/0x1ba0
[  161.401260][T11114]  ? _parse_integer_limit+0x17f/0x1d0
[  161.401271][T11114]  do_ipv6_getsockopt+0x217/0x2f50
[  161.401285][T11114]  ? __pfx_do_ipv6_getsockopt+0x10/0x10
[  161.401299][T11114]  ? avc_has_perm_noaudit+0x149/0x3b0
[  161.401312][T11114]  ? avc_has_perm+0x11a/0x1c0
[  161.401321][T11114]  ? __pfx_avc_has_perm+0x10/0x10
[  161.401331][T11114]  ? __lock_acquire+0xaa4/0x1ba0
[  161.401348][T11114]  ? sock_has_perm+0x259/0x2f0
[  161.401360][T11114]  ? ipv6_getsockopt+0x126/0x280
[  161.401370][T11114]  ipv6_getsockopt+0x126/0x280
[  161.401382][T11114]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  161.401393][T11114]  ? __might_fault+0xe3/0x190
[  161.401402][T11114]  ? __might_fault+0x13b/0x190
[  161.401414][T11114]  udpv6_getsockopt+0x61/0xb0
[  161.401427][T11114]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  161.401441][T11114]  do_sock_getsockopt+0x3fc/0x800
[  161.401459][T11114]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  161.401470][T11114]  ? __fget_files+0x204/0x3c0
[  161.401492][T11114]  __sys_getsockopt+0x12f/0x260
[  161.401504][T11114]  __x64_sys_getsockopt+0xbd/0x160
[  161.401512][T11114]  ? do_syscall_64+0x91/0x260
[  161.401525][T11114]  ? lockdep_hardirqs_on+0x7c/0x110
[  161.401537][T11114]  do_syscall_64+0xcd/0x260
[  161.401551][T11114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.401561][T11114] RIP: 0033:0x7fc92ab8e969
[  161.401569][T11114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.401579][T11114] RSP: 002b:00007fc92badc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  161.401588][T11114] RAX: ffffffffffffffda RBX: 00007fc92adb5fa0 RCX: 00007fc92ab8e969
[  161.401594][T11114] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[  161.401600][T11114] RBP: 00007fc92badc090 R08: 0000200000000440 R09: 0000000000000000
[  161.401606][T11114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.401611][T11114] R13: 0000000000000000 R14: 00007fc92adb5fa0 R15: 00007ffea21af8c8
[  161.401623][T11114]  </TASK>
[  161.584385][T11131] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  161.613280][T11135] FAULT_INJECTION: forcing a failure.
[  161.613280][T11135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.613301][T11135] CPU: 3 UID: 0 PID: 11135 Comm: syz.0.1517 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  161.613313][T11135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.613319][T11135] Call Trace:
[  161.613322][T11135]  <TASK>
[  161.613326][T11135]  dump_stack_lvl+0x16c/0x1f0
[  161.613344][T11135]  should_fail_ex+0x512/0x640
[  161.613359][T11135]  _copy_to_user+0x32/0xd0
[  161.613374][T11135]  copy_to_sockptr_offset+0x15c/0x1b0
[  161.613386][T11135]  ? __pfx_copy_to_sockptr_offset+0x10/0x10
[  161.613396][T11135]  ? sockopt_release_sock+0x52/0x60
[  161.613408][T11135]  ? __local_bh_enable_ip+0xa4/0x120
[  161.613421][T11135]  ? lockdep_hardirqs_on+0x7c/0x110
[  161.613435][T11135]  do_ipv6_getsockopt+0xc71/0x2f50
[  161.613449][T11135]  ? __pfx_do_ipv6_getsockopt+0x10/0x10
[  161.613463][T11135]  ? avc_has_perm_noaudit+0x149/0x3b0
[  161.613475][T11135]  ? avc_has_perm+0x11a/0x1c0
[  161.613483][T11135]  ? __pfx_avc_has_perm+0x10/0x10
[  161.613494][T11135]  ? __lock_acquire+0xaa4/0x1ba0
[  161.613511][T11135]  ? sock_has_perm+0x259/0x2f0
[  161.613523][T11135]  ? ipv6_getsockopt+0x126/0x280
[  161.613534][T11135]  ipv6_getsockopt+0x126/0x280
[  161.613546][T11135]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  161.613556][T11135]  ? __might_fault+0xe3/0x190
[  161.613565][T11135]  ? __might_fault+0x13b/0x190
[  161.613577][T11135]  udpv6_getsockopt+0x61/0xb0
[  161.613590][T11135]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  161.613603][T11135]  do_sock_getsockopt+0x3fc/0x800
[  161.613617][T11135]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  161.613629][T11135]  ? __fget_files+0x204/0x3c0
[  161.613650][T11135]  __sys_getsockopt+0x12f/0x260
[  161.613662][T11135]  __x64_sys_getsockopt+0xbd/0x160
[  161.613670][T11135]  ? do_syscall_64+0x91/0x260
[  161.613683][T11135]  ? lockdep_hardirqs_on+0x7c/0x110
[  161.613695][T11135]  do_syscall_64+0xcd/0x260
[  161.613724][T11135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.613734][T11135] RIP: 0033:0x7f761278e969
[  161.613742][T11135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.613751][T11135] RSP: 002b:00007f76135fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  161.613761][T11135] RAX: ffffffffffffffda RBX: 00007f76129b5fa0 RCX: 00007f761278e969
[  161.613767][T11135] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[  161.613773][T11135] RBP: 00007f76135fa090 R08: 0000200000000440 R09: 0000000000000000
[  161.613778][T11135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.613783][T11135] R13: 0000000000000000 R14: 00007f76129b5fa0 R15: 00007ffd92a02f08
[  161.613796][T11135]  </TASK>
[  161.639739][   T40] audit: type=1400 audit(1746849018.608:42773): avc:  denied  { ioctl } for  pid=11136 comm="syz.0.1518" path="socket:[42043]" dev="sockfs" ino=42043 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  161.665777][T11139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1516'.
[  161.719948][   T40] audit: type=1400 audit(1746849018.688:42774): avc:  denied  { map } for  pid=11132 comm="syz.1.1516" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  161.730772][   T40] audit: type=1400 audit(1746849018.688:42775): avc:  denied  { execute } for  pid=11132 comm="syz.1.1516" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  161.759067][T11147] lo speed is unknown, defaulting to 1000
[  161.810942][T11142] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1518'.
[  161.854838][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1519'.
[  161.858872][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1519'.
[  161.865466][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1519'.
[  161.898029][T11152] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1519'.
[  161.901511][T11152] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  162.015580][T11180] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  162.023203][T11179] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  162.188375][ T5283] Bluetooth: hci2: unexpected event for opcode 0x0c1c
[  162.192834][   T40] audit: type=1400 audit(1746849019.158:42776): avc:  denied  { accept } for  pid=11194 comm="syz.0.1525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  162.193771][T11195] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1525'.
[  162.238981][T11197] netlink: 'syz.0.1526': attribute type 4 has an invalid length.
[  162.455705][   T40] audit: type=1400 audit(1746849019.428:42777): avc:  denied  { bind } for  pid=11201 comm="syz.2.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  162.680876][   T40] audit: type=1400 audit(1746849019.648:42778): avc:  denied  { ioctl } for  pid=11219 comm="syz.2.1532" path="socket:[41186]" dev="sockfs" ino=41186 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  162.732609][T11229] IPv6: sit1: Disabled Multicast RS
[  162.734933][T11229] sit1: entered allmulticast mode
[  162.782904][T11230] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  162.783289][T11233] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  162.851610][   T40] audit: type=1326 audit(1746849019.818:42779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11239 comm="syz.2.1535" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc92ab8e969 code=0x0
[  162.907520][ T8967] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  162.918370][T11247] netlink: 'syz.0.1536': attribute type 12 has an invalid length.
[  162.920919][T11247] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1536'.
[  162.947734][T11246] IPVS: set_ctl: invalid protocol: 43 172.30.1.3:20004
[  162.975353][T11254] netlink: 'syz.1.1538': attribute type 1 has an invalid length.
[  162.977842][T11254] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1538'.
[  162.981240][T11254] No control pipe specified
[  162.981358][T11255] No control pipe specified
[  163.010855][T11258] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  163.030112][T11261] bridge_slave_0: left allmulticast mode
[  163.031920][T11261] bridge_slave_0: left promiscuous mode
[  163.044448][T11261] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.044786][T11253] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  163.050931][T11261] bridge_slave_1: left allmulticast mode
[  163.052780][T11261] bridge_slave_1: left promiscuous mode
[  163.055789][T11261] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.084866][T11261] bond0: (slave bond_slave_0): Releasing backup interface
[  163.089091][T11261] bond_slave_0: left promiscuous mode
[  163.132117][    C0] vkms_vblank_simulate: vblank timer overrun
[  163.137383][T11261] bond0: (slave bond_slave_1): Releasing backup interface
[  163.148151][T11261] bond_slave_1: left promiscuous mode
[  163.165030][T11261] team0: Port device team_slave_1 removed
[  163.167307][T11261] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.169820][T11261] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.290036][T11288] netlink: 'syz.1.1549': attribute type 14 has an invalid length.
[  163.322863][T11288] syz.1.1549: attempt to access beyond end of device
[  163.322863][T11288] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  163.328838][T11288] XFS (nbd1): SB validate failed with error -5.
[  163.347353][T11290] overlay: Unknown parameter 'fsname'
[  163.386726][T11301] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  163.397730][T11301] xt_hashlimit: max too large, truncated to 1048576
[  163.400232][T11301] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  163.483022][T11311] Bluetooth: MGMT ver 1.23
[  163.488601][T11311] netlink: 'syz.1.1555': attribute type 20 has an invalid length.
[  164.039370][  T836] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  164.041781][  T836] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  164.044982][  T836] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  164.064843][  T836] hid-generic 0000:0004:0000.000D: hidraw1: <UNKNOWN> HID v0.04 Device [syz0] on syz1
[  164.931084][T11362] __nla_validate_parse: 4 callbacks suppressed
[  164.931101][T11362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1570'.
[  164.939174][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  164.939183][   T40] audit: type=1400 audit(1746849021.908:42786): avc:  denied  { map } for  pid=11361 comm="syz.1.1570" path="socket:[43411]" dev="sockfs" ino=43411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  164.988064][T11368] FAULT_INJECTION: forcing a failure.
[  164.988064][T11368] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.992212][T11368] CPU: 0 UID: 0 PID: 11368 Comm: syz.1.1572 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  164.992227][T11368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.992233][T11368] Call Trace:
[  164.992237][T11368]  <TASK>
[  164.992241][T11368]  dump_stack_lvl+0x16c/0x1f0
[  164.992260][T11368]  should_fail_ex+0x512/0x640
[  164.992275][T11368]  _copy_from_user+0x2e/0xd0
[  164.992289][T11368]  copy_msghdr_from_user+0x98/0x160
[  164.992301][T11368]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  164.992317][T11368]  ___sys_sendmsg+0xfe/0x1d0
[  164.992327][T11368]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.992352][T11368]  __sys_sendmsg+0x16d/0x220
[  164.992362][T11368]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.992380][T11368]  do_syscall_64+0xcd/0x260
[  164.992399][T11368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.992410][T11368] RIP: 0033:0x7f451158e969
[  164.992418][T11368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.992428][T11368] RSP: 002b:00007f4512415038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.992437][T11368] RAX: ffffffffffffffda RBX: 00007f45117b5fa0 RCX: 00007f451158e969
[  164.992444][T11368] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  164.992449][T11368] RBP: 00007f4512415090 R08: 0000000000000000 R09: 0000000000000000
[  164.992455][T11368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.992460][T11368] R13: 0000000000000000 R14: 00007f45117b5fa0 R15: 00007ffd3f1e55c8
[  164.992473][T11368]  </TASK>
[  165.043133][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.166244][   T40] audit: type=1400 audit(1746849022.138:42787): avc:  denied  { read } for  pid=11382 comm="syz.0.1580" path="socket:[41572]" dev="sockfs" ino=41572 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  165.172754][T11387] QAT: Device 7 not found
[  165.181380][   T40] audit: type=1804 audit(1746849022.148:42788): pid=11389 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.1581" name="/newroot/432/file0" dev="tmpfs" ino=2354 res=1 errno=0
[  165.190300][T11389] netlink: 'syz.1.1581': attribute type 39 has an invalid length.
[  165.197873][T11389] veth0_macvtap: left allmulticast mode
[  165.200411][T11389] veth0_macvtap: left promiscuous mode
[  165.218237][T11394] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  165.218939][T11393] IPVS: stopping master sync thread 11394 ...
[  165.241607][   T40] audit: type=1804 audit(1746849022.208:42789): pid=11395 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.1581" name="/newroot/432/file0" dev="tmpfs" ino=2354 res=1 errno=0
[  165.267405][   T40] audit: type=1400 audit(1746849022.238:42790): avc:  denied  { mount } for  pid=11398 comm="syz.0.1584" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  165.275068][   T40] audit: type=1400 audit(1746849022.248:42791): avc:  denied  { search } for  pid=11398 comm="syz.0.1584" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1
[  165.286448][   T40] audit: type=1400 audit(1746849022.258:42792): avc:  denied  { unmount } for  pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  165.319649][T11402] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  165.322176][T11402] CPU: 1 UID: 0 PID: 11402 Comm: syz.0.1585 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  165.322189][T11402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.322195][T11402] Call Trace:
[  165.322199][T11402]  <TASK>
[  165.322203][T11402]  dump_stack_lvl+0x16c/0x1f0
[  165.322221][T11402]  sysfs_warn_dup+0x7f/0xa0
[  165.322239][T11402]  sysfs_do_create_link_sd+0x124/0x140
[  165.322250][T11402]  sysfs_create_link+0x61/0xc0
[  165.322263][T11402]  device_add+0x62c/0x1a70
[  165.322278][T11402]  ? __pfx_device_add+0x10/0x10
[  165.322290][T11402]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.322309][T11402]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  165.322328][T11402]  wiphy_register+0x1c9c/0x2850
[  165.322338][T11402]  ? netdev_run_todo+0x864/0x1320
[  165.322350][T11402]  ? __dev_printk+0x260/0x270
[  165.322368][T11402]  ? __pfx_wiphy_register+0x10/0x10
[  165.322384][T11402]  ieee80211_register_hw+0x2432/0x4020
[  165.322406][T11402]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  165.322424][T11402]  ? find_held_lock+0x2b/0x80
[  165.322436][T11402]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.322453][T11402]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  165.322463][T11402]  ? __hrtimer_setup+0x176/0x280
[  165.322475][T11402]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  165.322495][T11402]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  165.322506][T11402]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  165.322521][T11402]  ? __asan_memcpy+0x3c/0x60
[  165.322538][T11402]  hwsim_new_radio_nl+0xb51/0x12c0
[  165.322552][T11402]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  165.322570][T11402]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  165.322585][T11402]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  165.322602][T11402]  genl_family_rcv_msg_doit+0x206/0x2f0
[  165.322616][T11402]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  165.322635][T11402]  ? bpf_lsm_capable+0x9/0x10
[  165.322643][T11402]  ? security_capable+0x7e/0x260
[  165.322656][T11402]  ? ns_capable+0xd7/0x110
[  165.322668][T11402]  genl_rcv_msg+0x55c/0x800
[  165.322683][T11402]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.322697][T11402]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  165.322711][T11402]  ? __lock_acquire+0xaa4/0x1ba0
[  165.322728][T11402]  netlink_rcv_skb+0x16a/0x440
[  165.322740][T11402]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.322754][T11402]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  165.322774][T11402]  ? __pfx_down_read+0x10/0x10
[  165.322790][T11402]  ? netlink_deliver_tap+0x1ae/0xd30
[  165.322803][T11402]  genl_rcv+0x28/0x40
[  165.322814][T11402]  netlink_unicast+0x53a/0x7f0
[  165.322827][T11402]  ? __pfx_netlink_unicast+0x10/0x10
[  165.322843][T11402]  netlink_sendmsg+0x8d1/0xdd0
[  165.322857][T11402]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.322874][T11402]  ____sys_sendmsg+0xa95/0xc70
[  165.322888][T11402]  ? copy_msghdr_from_user+0x10a/0x160
[  165.322897][T11402]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.322913][T11402]  ? try_to_wake_up+0xa2f/0x1680
[  165.322927][T11402]  ___sys_sendmsg+0x134/0x1d0
[  165.322938][T11402]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.322966][T11402]  __sys_sendmsg+0x16d/0x220
[  165.322976][T11402]  ? __pfx___sys_sendmsg+0x10/0x10
[  165.322986][T11402]  ? __x64_sys_futex+0x1e0/0x4c0
[  165.323003][T11402]  ? rcu_is_watching+0x12/0xc0
[  165.323018][T11402]  do_syscall_64+0xcd/0x260
[  165.323033][T11402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.323044][T11402] RIP: 0033:0x7f761278e969
[  165.323053][T11402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.323062][T11402] RSP: 002b:00007f76135fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.323072][T11402] RAX: ffffffffffffffda RBX: 00007f76129b5fa0 RCX: 00007f761278e969
[  165.323079][T11402] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  165.323084][T11402] RBP: 00007f7612810ab1 R08: 0000000000000000 R09: 0000000000000000
[  165.323090][T11402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  165.323096][T11402] R13: 0000000000000000 R14: 00007f76129b5fa0 R15: 00007ffd92a02f08
[  165.323109][T11402]  </TASK>
[  165.353547][T11404] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=11404 comm=syz.1.1586
[  165.573264][   T40] audit: type=1400 audit(1746849022.538:42793): avc:  denied  { getopt } for  pid=11418 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  165.574008][T11420] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1591'.
[  165.582312][T11420] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1591'.
[  165.658795][T11430] random: crng reseeded on system resumption
[  165.678252][T11432] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  165.681528][T11432] CPU: 3 UID: 0 PID: 11432 Comm: syz.1.1595 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  165.681550][T11432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.681560][T11432] Call Trace:
[  165.681566][T11432]  <TASK>
[  165.681573][T11432]  dump_stack_lvl+0x16c/0x1f0
[  165.681599][T11432]  sysfs_warn_dup+0x7f/0xa0
[  165.681622][T11432]  sysfs_do_create_link_sd+0x124/0x140
[  165.681639][T11432]  sysfs_create_link+0x61/0xc0
[  165.681653][T11432]  device_add+0x62c/0x1a70
[  165.681674][T11432]  ? __pfx_device_add+0x10/0x10
[  165.681690][T11432]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.681715][T11432]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  165.681740][T11432]  wiphy_register+0x1c9c/0x2850
[  165.681754][T11432]  ? netdev_run_todo+0x864/0x1320
[  165.681770][T11432]  ? __dev_printk+0x260/0x270
[  165.681796][T11432]  ? __pfx_wiphy_register+0x10/0x10
[  165.681824][T11432]  ieee80211_register_hw+0x2432/0x4020
[  165.681855][T11432]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  165.681880][T11432]  ? find_held_lock+0x2b/0x80
[  165.681899][T11432]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.681925][T11432]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  165.681940][T11432]  ? __hrtimer_setup+0x176/0x280
[  165.681957][T11432]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  165.681989][T11432]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  165.682006][T11432]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  165.682027][T11432]  ? __asan_memcpy+0x3c/0x60
[  165.682068][T11432]  hwsim_new_radio_nl+0xb51/0x12c0
[  165.682093][T11432]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  165.682123][T11432]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  165.682151][T11432]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  165.682178][T11432]  genl_family_rcv_msg_doit+0x206/0x2f0
[  165.682200][T11432]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  165.682227][T11432]  ? bpf_lsm_capable+0x9/0x10
[  165.682239][T11432]  ? security_capable+0x7e/0x260
[  165.682257][T11432]  ? ns_capable+0xd7/0x110
[  165.682277][T11432]  genl_rcv_msg+0x55c/0x800
[  165.682300][T11432]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.682320][T11432]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  165.682343][T11432]  ? __lock_acquire+0xaa4/0x1ba0
[  165.682369][T11432]  netlink_rcv_skb+0x16a/0x440
[  165.682386][T11432]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.682407][T11432]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  165.682436][T11432]  ? __pfx_down_read+0x10/0x10
[  165.682459][T11432]  ? netlink_deliver_tap+0x1ae/0xd30
[  165.682481][T11432]  genl_rcv+0x28/0x40
[  165.682498][T11432]  netlink_unicast+0x53a/0x7f0
[  165.682514][T11432]  ? __pfx_netlink_unicast+0x10/0x10
[  165.682530][T11432]  netlink_sendmsg+0x8d1/0xdd0
[  165.682544][T11432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.682562][T11432]  ____sys_sendmsg+0xa95/0xc70
[  165.682576][T11432]  ? copy_msghdr_from_user+0x10a/0x160
[  165.682586][T11432]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.682601][T11432]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  165.682617][T11432]  ___sys_sendmsg+0x134/0x1d0
[  165.682628][T11432]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.682656][T11432]  __sys_sendmsg+0x16d/0x220
[  165.682667][T11432]  ? __pfx___sys_sendmsg+0x10/0x10
[  165.682677][T11432]  ? __x64_sys_futex+0x1e0/0x4c0
[  165.682694][T11432]  ? rcu_is_watching+0x12/0xc0
[  165.682711][T11432]  do_syscall_64+0xcd/0x260
[  165.682726][T11432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.682736][T11432] RIP: 0033:0x7f451158e969
[  165.682745][T11432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.682755][T11432] RSP: 002b:00007f4512415038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.682765][T11432] RAX: ffffffffffffffda RBX: 00007f45117b5fa0 RCX: 00007f451158e969
[  165.682772][T11432] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  165.682777][T11432] RBP: 00007f4511610ab1 R08: 0000000000000000 R09: 0000000000000000
[  165.682783][T11432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  165.682788][T11432] R13: 0000000000000000 R14: 00007f45117b5fa0 R15: 00007ffd3f1e55c8
[  165.682802][T11432]  </TASK>
[  165.815909][   T40] audit: type=1400 audit(1746849022.788:42794): avc:  denied  { ioctl } for  pid=11429 comm="syz.0.1594" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x330f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  165.828849][T11441] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1598'.
[  165.832010][T11441] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1598'.
[  166.022642][T11453] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1603'.
[  166.064642][T11457] xt_l2tp: unknown flags: 17
[  166.066748][T11457] openvswitch: netlink: IP tunnel dst address not specified
[  166.143918][T11467] overlayfs: failed to resolve './file1': -2
[  166.147605][T11467] nbd: must specify an index to disconnect
[  166.149667][T11467] SELinux:  Context system_u:object_r:cgroup_t:s0 is not valid (left unmapped).
[  166.153095][   T40] audit: type=1400 audit(1746849023.118:42795): avc:  denied  { relabelto } for  pid=11466 comm="syz.2.1607" name="file0" dev="tmpfs" ino=897 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:cgroup_t:s0"
[  166.154258][T11467] overlayfs: failed to resolve './file1': -2
[  166.243646][T11475] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  166.248083][T11475] CPU: 2 UID: 0 PID: 11475 Comm: syz.2.1609 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  166.248097][T11475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.248104][T11475] Call Trace:
[  166.248108][T11475]  <TASK>
[  166.248112][T11475]  dump_stack_lvl+0x16c/0x1f0
[  166.248130][T11475]  sysfs_warn_dup+0x7f/0xa0
[  166.248147][T11475]  sysfs_do_create_link_sd+0x124/0x140
[  166.248158][T11475]  sysfs_create_link+0x61/0xc0
[  166.248168][T11475]  device_add+0x62c/0x1a70
[  166.248186][T11475]  ? __pfx_device_add+0x10/0x10
[  166.248198][T11475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.248216][T11475]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  166.248235][T11475]  wiphy_register+0x1c9c/0x2850
[  166.248244][T11475]  ? netdev_run_todo+0x864/0x1320
[  166.248255][T11475]  ? __dev_printk+0x260/0x270
[  166.248275][T11475]  ? __pfx_wiphy_register+0x10/0x10
[  166.248292][T11475]  ieee80211_register_hw+0x2432/0x4020
[  166.248314][T11475]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  166.248331][T11475]  ? find_held_lock+0x2b/0x80
[  166.248344][T11475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.248360][T11475]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  166.248371][T11475]  ? __hrtimer_setup+0x176/0x280
[  166.248383][T11475]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  166.248404][T11475]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  166.248415][T11475]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  166.248430][T11475]  ? __asan_memcpy+0x3c/0x60
[  166.248447][T11475]  hwsim_new_radio_nl+0xb51/0x12c0
[  166.248462][T11475]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  166.248480][T11475]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  166.248495][T11475]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  166.248512][T11475]  genl_family_rcv_msg_doit+0x206/0x2f0
[  166.248526][T11475]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  166.248544][T11475]  ? bpf_lsm_capable+0x9/0x10
[  166.248553][T11475]  ? security_capable+0x7e/0x260
[  166.248565][T11475]  ? ns_capable+0xd7/0x110
[  166.248578][T11475]  genl_rcv_msg+0x55c/0x800
[  166.248593][T11475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  166.248606][T11475]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  166.248621][T11475]  ? __lock_acquire+0xaa4/0x1ba0
[  166.248638][T11475]  netlink_rcv_skb+0x16a/0x440
[  166.248650][T11475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  166.248663][T11475]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  166.248682][T11475]  ? __pfx_down_read+0x10/0x10
[  166.248698][T11475]  ? netlink_deliver_tap+0x1ae/0xd30
[  166.248711][T11475]  genl_rcv+0x28/0x40
[  166.248722][T11475]  netlink_unicast+0x53a/0x7f0
[  166.248736][T11475]  ? __pfx_netlink_unicast+0x10/0x10
[  166.248751][T11475]  netlink_sendmsg+0x8d1/0xdd0
[  166.248765][T11475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.248782][T11475]  ____sys_sendmsg+0xa95/0xc70
[  166.248796][T11475]  ? copy_msghdr_from_user+0x10a/0x160
[  166.248806][T11475]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.248821][T11475]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  166.248836][T11475]  ___sys_sendmsg+0x134/0x1d0
[  166.248847][T11475]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.248875][T11475]  __sys_sendmsg+0x16d/0x220
[  166.248885][T11475]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.248895][T11475]  ? __x64_sys_futex+0x1e0/0x4c0
[  166.248938][T11475]  do_syscall_64+0xcd/0x260
[  166.248957][T11475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.248969][T11475] RIP: 0033:0x7fc92ab8e969
[  166.248978][T11475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.248988][T11475] RSP: 002b:00007fc92badc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.248999][T11475] RAX: ffffffffffffffda RBX: 00007fc92adb5fa0 RCX: 00007fc92ab8e969
[  166.249006][T11475] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  166.249012][T11475] RBP: 00007fc92ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  166.249017][T11475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  166.249023][T11475] R13: 0000000000000000 R14: 00007fc92adb5fa0 R15: 00007ffea21af8c8
[  166.249037][T11475]  </TASK>
[  166.462804][T11491] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1614'.
[  166.513810][ T2217] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  166.534879][ T6057] libceph: connect (1)[c::]:6789 error -101
[  166.537428][ T6057] libceph: mon0 (1)[c::]:6789 connect error
[  166.673784][ T2217] usb 6-1: Using ep0 maxpacket: 16
[  166.678748][ T2217] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  166.681617][ T2217] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  166.684515][ T2217] usb 6-1: Product: syz
[  166.685880][ T2217] usb 6-1: Manufacturer: syz
[  166.687347][ T2217] usb 6-1: SerialNumber: syz
[  166.690177][ T2217] usb 6-1: config 0 descriptor??
[  166.749608][T11513] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1620'.
[  166.765433][T11516] batadv_slave_0: entered promiscuous mode
[  166.804668][ T2217] libceph: connect (1)[c::]:6789 error -101
[  166.807174][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  166.902966][  T836] usb 6-1: USB disconnect, device number 14
[  166.990870][T11532] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  167.042067][T11548] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  167.134918][T11545] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  167.157628][T11571] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1634'.
[  167.196571][T11577] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1636'.
[  167.275096][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  167.314220][ T6057] libceph: connect (1)[c::]:6789 error -101
[  167.317695][ T6057] libceph: mon0 (1)[c::]:6789 connect error
[  167.361739][T11494] ceph: No mds server is up or the cluster is laggy
[  167.420587][T11609] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1281 sclass=netlink_route_socket pid=11609 comm=syz.1.1644
[  167.582754][T11636] ipt_ECN: cannot use operation on non-tcp rule
[  167.793794][ T6057] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  167.946497][ T6057] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  167.950383][ T6057] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.954219][ T6057] usb 5-1: Product: syz
[  167.955996][ T6057] usb 5-1: Manufacturer: syz
[  167.957942][ T6057] usb 5-1: SerialNumber: syz
[  167.965278][ T6057] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  167.977748][ T6057] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  168.170374][T11668] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  168.172971][T11668] CPU: 2 UID: 0 PID: 11668 Comm: syz.3.1661 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  168.172986][T11668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.172992][T11668] Call Trace:
[  168.172996][T11668]  <TASK>
[  168.173001][T11668]  dump_stack_lvl+0x16c/0x1f0
[  168.173035][T11668]  sysfs_warn_dup+0x7f/0xa0
[  168.173053][T11668]  sysfs_do_create_link_sd+0x124/0x140
[  168.173065][T11668]  sysfs_create_link+0x61/0xc0
[  168.173075][T11668]  device_add+0x62c/0x1a70
[  168.173098][T11668]  ? __pfx_device_add+0x10/0x10
[  168.173109][T11668]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  168.173129][T11668]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  168.173148][T11668]  wiphy_register+0x1c9c/0x2850
[  168.173158][T11668]  ? netdev_run_todo+0x864/0x1320
[  168.173170][T11668]  ? __dev_printk+0x260/0x270
[  168.173188][T11668]  ? __pfx_wiphy_register+0x10/0x10
[  168.173205][T11668]  ieee80211_register_hw+0x2432/0x4020
[  168.173227][T11668]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  168.173244][T11668]  ? find_held_lock+0x2b/0x80
[  168.173257][T11668]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  168.173273][T11668]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  168.173285][T11668]  ? __hrtimer_setup+0x176/0x280
[  168.173303][T11668]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  168.173333][T11668]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  168.173353][T11668]  ? __asan_memcpy+0x3c/0x60
[  168.173378][T11668]  hwsim_new_radio_nl+0xb51/0x12c0
[  168.173401][T11668]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  168.173428][T11668]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  168.173450][T11668]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  168.173467][T11668]  genl_family_rcv_msg_doit+0x206/0x2f0
[  168.173482][T11668]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  168.173500][T11668]  ? bpf_lsm_capable+0x9/0x10
[  168.173509][T11668]  ? security_capable+0x7e/0x260
[  168.173521][T11668]  ? ns_capable+0xd7/0x110
[  168.173534][T11668]  genl_rcv_msg+0x55c/0x800
[  168.173549][T11668]  ? __pfx_genl_rcv_msg+0x10/0x10
[  168.173562][T11668]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  168.173577][T11668]  ? __lock_acquire+0xaa4/0x1ba0
[  168.173594][T11668]  netlink_rcv_skb+0x16a/0x440
[  168.173606][T11668]  ? __pfx_genl_rcv_msg+0x10/0x10
[  168.173620][T11668]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  168.173639][T11668]  ? __pfx_down_read+0x10/0x10
[  168.173655][T11668]  ? netlink_deliver_tap+0x1ae/0xd30
[  168.173668][T11668]  genl_rcv+0x28/0x40
[  168.173680][T11668]  netlink_unicast+0x53a/0x7f0
[  168.173693][T11668]  ? __pfx_netlink_unicast+0x10/0x10
[  168.173725][T11668]  netlink_sendmsg+0x8d1/0xdd0
[  168.173741][T11668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.173760][T11668]  ____sys_sendmsg+0xa95/0xc70
[  168.173775][T11668]  ? copy_msghdr_from_user+0x10a/0x160
[  168.173786][T11668]  ? __pfx_____sys_sendmsg+0x10/0x10
[  168.173803][T11668]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  168.173820][T11668]  ___sys_sendmsg+0x134/0x1d0
[  168.173832][T11668]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.173862][T11668]  __sys_sendmsg+0x16d/0x220
[  168.173872][T11668]  ? __pfx___sys_sendmsg+0x10/0x10
[  168.173882][T11668]  ? __x64_sys_futex+0x1e0/0x4c0
[  168.173899][T11668]  ? rcu_is_watching+0x12/0xc0
[  168.173915][T11668]  do_syscall_64+0xcd/0x260
[  168.173930][T11668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.173941][T11668] RIP: 0033:0x7fc7ccf8e969
[  168.173951][T11668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.173961][T11668] RSP: 002b:00007fc7cddd2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.173971][T11668] RAX: ffffffffffffffda RBX: 00007fc7cd1b5fa0 RCX: 00007fc7ccf8e969
[  168.173977][T11668] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  168.173983][T11668] RBP: 00007fc7cd010ab1 R08: 0000000000000000 R09: 0000000000000000
[  168.173988][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.173994][T11668] R13: 0000000000000000 R14: 00007fc7cd1b5fa0 R15: 00007ffc990d22b8
[  168.174007][T11668]  </TASK>
[  168.311099][T11634] trusted_key: encrypted_key: hex blob is missing
[  168.322203][   T29] usb 5-1: USB disconnect, device number 37
[  168.530336][T11675] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=11675 comm=syz.3.1662
[  168.566954][T11678] netlink: 'syz.3.1663': attribute type 39 has an invalid length.
[  168.712992][T11682] siw: device registration error -23
[  169.012350][T11701] syz.3.1669: attempt to access beyond end of device
[  169.012350][T11701] loop3: rw=0, sector=1, nr_sectors = 1 limit=0
[  169.016813][T11701] qnx4: unable to read the superblock
[  169.044315][ T6057] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  169.047118][ T6057] ath9k_htc: Failed to initialize the device
[  169.050377][   T29] usb 5-1: ath9k_htc: USB layer deinitialized
[  169.081981][T11706] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  169.085506][T11706] CPU: 2 UID: 0 PID: 11706 Comm: syz.0.1670 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  169.085521][T11706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.085529][T11706] Call Trace:
[  169.085532][T11706]  <TASK>
[  169.085537][T11706]  dump_stack_lvl+0x16c/0x1f0
[  169.085555][T11706]  sysfs_warn_dup+0x7f/0xa0
[  169.085573][T11706]  sysfs_do_create_link_sd+0x124/0x140
[  169.085584][T11706]  sysfs_create_link+0x61/0xc0
[  169.085595][T11706]  device_add+0x62c/0x1a70
[  169.085609][T11706]  ? __pfx_device_add+0x10/0x10
[  169.085621][T11706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  169.085641][T11706]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  169.085659][T11706]  wiphy_register+0x1c9c/0x2850
[  169.085668][T11706]  ? netdev_run_todo+0x864/0x1320
[  169.085680][T11706]  ? __dev_printk+0x260/0x270
[  169.085698][T11706]  ? __pfx_wiphy_register+0x10/0x10
[  169.085715][T11706]  ieee80211_register_hw+0x2432/0x4020
[  169.085737][T11706]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  169.085755][T11706]  ? find_held_lock+0x2b/0x80
[  169.085767][T11706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  169.085784][T11706]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  169.085796][T11706]  ? __hrtimer_setup+0x176/0x280
[  169.085807][T11706]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  169.085828][T11706]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  169.085839][T11706]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  169.085855][T11706]  ? __asan_memcpy+0x3c/0x60
[  169.085871][T11706]  hwsim_new_radio_nl+0xb51/0x12c0
[  169.085886][T11706]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  169.085904][T11706]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  169.085919][T11706]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  169.085936][T11706]  genl_family_rcv_msg_doit+0x206/0x2f0
[  169.085950][T11706]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  169.085969][T11706]  ? bpf_lsm_capable+0x9/0x10
[  169.085977][T11706]  ? security_capable+0x7e/0x260
[  169.085989][T11706]  ? ns_capable+0xd7/0x110
[  169.086003][T11706]  genl_rcv_msg+0x55c/0x800
[  169.086018][T11706]  ? __pfx_genl_rcv_msg+0x10/0x10
[  169.086031][T11706]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  169.086046][T11706]  ? __lock_acquire+0xaa4/0x1ba0
[  169.086063][T11706]  netlink_rcv_skb+0x16a/0x440
[  169.086075][T11706]  ? __pfx_genl_rcv_msg+0x10/0x10
[  169.086089][T11706]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.086114][T11706]  ? __pfx_down_read+0x10/0x10
[  169.086132][T11706]  ? netlink_deliver_tap+0x1ae/0xd30
[  169.086145][T11706]  genl_rcv+0x28/0x40
[  169.086158][T11706]  netlink_unicast+0x53a/0x7f0
[  169.086173][T11706]  ? __pfx_netlink_unicast+0x10/0x10
[  169.086190][T11706]  netlink_sendmsg+0x8d1/0xdd0
[  169.086206][T11706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.086225][T11706]  ____sys_sendmsg+0xa95/0xc70
[  169.086240][T11706]  ? copy_msghdr_from_user+0x10a/0x160
[  169.086251][T11706]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.086268][T11706]  ? try_to_wake_up+0xa2f/0x1680
[  169.086282][T11706]  ___sys_sendmsg+0x134/0x1d0
[  169.086293][T11706]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.086321][T11706]  __sys_sendmsg+0x16d/0x220
[  169.086331][T11706]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.086341][T11706]  ? __x64_sys_futex+0x1e0/0x4c0
[  169.086358][T11706]  ? rcu_is_watching+0x12/0xc0
[  169.086373][T11706]  do_syscall_64+0xcd/0x260
[  169.086388][T11706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.086399][T11706] RIP: 0033:0x7f761278e969
[  169.086408][T11706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.086418][T11706] RSP: 002b:00007f76135d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.086429][T11706] RAX: ffffffffffffffda RBX: 00007f76129b6080 RCX: 00007f761278e969
[  169.086435][T11706] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  169.086441][T11706] RBP: 00007f7612810ab1 R08: 0000000000000000 R09: 0000000000000000
[  169.086446][T11706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.086452][T11706] R13: 0000000000000000 R14: 00007f76129b6080 R15: 00007ffd92a02f08
[  169.086464][T11706]  </TASK>
[  169.088976][T11709] netlink: 'syz.3.1672': attribute type 10 has an invalid length.
[  169.166132][T11710] netlink: 'syz.3.1672': attribute type 10 has an invalid length.
[  169.406394][T11656] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  169.856305][T11709] batman_adv: batadv0: Adding interface: team0
[  169.858439][T11709] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.867620][T11709] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  169.872999][T11710] team0: entered promiscuous mode
[  169.881384][T11710] 8021q: adding VLAN 0 to HW filter on device team0
[  169.884554][T11710] batman_adv: batadv0: Interface activated: team0
[  169.886922][T11710] batman_adv: batadv0: Interface deactivated: team0
[  169.889791][T11710] batman_adv: batadv0: Removing interface: team0
[  169.892554][T11710] bridge0: port 1(team0) entered blocking state
[  169.895227][T11710] bridge0: port 1(team0) entered disabled state
[  169.897626][T11710] team0: entered allmulticast mode
[  170.028536][T11738] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=11738 comm=syz.0.1679
[  170.035427][T11738] __nla_validate_parse: 6 callbacks suppressed
[  170.035440][T11738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1679'.
[  170.040201][T11738] netlink: 'syz.0.1679': attribute type 30 has an invalid length.
[  170.045159][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  170.045208][   T40] audit: type=1400 audit(1746849027.008:42810): avc:  denied  { name_bind } for  pid=11739 comm="syz.3.1681" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  170.058919][T11738] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  170.062941][T11738] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  170.066810][T11738] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  170.070424][T11738] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  170.112276][T11745] netlink: 'syz.0.1682': attribute type 2 has an invalid length.
[  170.115559][T11745] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  170.125418][T11745] input: syz0 as /devices/virtual/input/input19
[  170.192941][T11745] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1682'.
[  170.258705][T11752] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1683'.
[  170.742508][T11759] cgroup: none used incorrectly
[  170.747877][T11759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1684'.
[  170.752708][T11759] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1684'.
[  170.960250][   T40] audit: type=1400 audit(1746849027.928:42811): avc:  denied  { setattr } for  pid=11768 comm="syz.2.1686" path="socket:[42787]" dev="sockfs" ino=42787 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  171.023421][T11775] kvm: emulating exchange as write
[  171.029712][T11775] netlink: 'syz.1.1687': attribute type 11 has an invalid length.
[  171.077154][T11782] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1688'.
[  171.167152][   T40] audit: type=1400 audit(1746849028.138:42812): avc:  denied  { ioctl } for  pid=11790 comm="syz.2.1690" path="socket:[44651]" dev="sockfs" ino=44651 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  172.003804][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[  172.182259][T11815] netlink: 'syz.1.1697': attribute type 10 has an invalid length.
[  172.223246][T11818] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  172.227442][T11818] CPU: 2 UID: 0 PID: 11818 Comm: syz.1.1698 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  172.227459][T11818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.227465][T11818] Call Trace:
[  172.227469][T11818]  <TASK>
[  172.227473][T11818]  dump_stack_lvl+0x16c/0x1f0
[  172.227509][T11818]  sysfs_warn_dup+0x7f/0xa0
[  172.227527][T11818]  sysfs_do_create_link_sd+0x124/0x140
[  172.227538][T11818]  sysfs_create_link+0x61/0xc0
[  172.227547][T11818]  device_add+0x62c/0x1a70
[  172.227565][T11818]  ? __pfx_device_add+0x10/0x10
[  172.227580][T11818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.227603][T11818]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  172.227625][T11818]  wiphy_register+0x1c9c/0x2850
[  172.227635][T11818]  ? netdev_run_todo+0x864/0x1320
[  172.227646][T11818]  ? __dev_printk+0x260/0x270
[  172.227664][T11818]  ? __pfx_wiphy_register+0x10/0x10
[  172.227689][T11818]  ieee80211_register_hw+0x2432/0x4020
[  172.227718][T11818]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  172.227736][T11818]  ? find_held_lock+0x2b/0x80
[  172.227749][T11818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.227769][T11818]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  172.227785][T11818]  ? __hrtimer_setup+0x176/0x280
[  172.227804][T11818]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  172.227827][T11818]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  172.227838][T11818]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  172.227853][T11818]  ? __asan_memcpy+0x3c/0x60
[  172.227869][T11818]  hwsim_new_radio_nl+0xb51/0x12c0
[  172.227884][T11818]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  172.227902][T11818]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  172.227918][T11818]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  172.227935][T11818]  genl_family_rcv_msg_doit+0x206/0x2f0
[  172.227949][T11818]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  172.227968][T11818]  ? bpf_lsm_capable+0x9/0x10
[  172.227976][T11818]  ? security_capable+0x7e/0x260
[  172.227989][T11818]  ? ns_capable+0xd7/0x110
[  172.228003][T11818]  genl_rcv_msg+0x55c/0x800
[  172.228018][T11818]  ? __pfx_genl_rcv_msg+0x10/0x10
[  172.228032][T11818]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  172.228046][T11818]  ? __lock_acquire+0xaa4/0x1ba0
[  172.228064][T11818]  netlink_rcv_skb+0x16a/0x440
[  172.228076][T11818]  ? __pfx_genl_rcv_msg+0x10/0x10
[  172.228090][T11818]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  172.228110][T11818]  ? __pfx_down_read+0x10/0x10
[  172.228125][T11818]  ? netlink_deliver_tap+0x1ae/0xd30
[  172.228139][T11818]  genl_rcv+0x28/0x40
[  172.228155][T11818]  netlink_unicast+0x53a/0x7f0
[  172.228168][T11818]  ? __pfx_netlink_unicast+0x10/0x10
[  172.228184][T11818]  netlink_sendmsg+0x8d1/0xdd0
[  172.228199][T11818]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.228217][T11818]  ____sys_sendmsg+0xa95/0xc70
[  172.228232][T11818]  ? copy_msghdr_from_user+0x10a/0x160
[  172.228243][T11818]  ? __pfx_____sys_sendmsg+0x10/0x10
[  172.228264][T11818]  ___sys_sendmsg+0x134/0x1d0
[  172.228276][T11818]  ? __pfx____sys_sendmsg+0x10/0x10
[  172.228306][T11818]  __sys_sendmsg+0x16d/0x220
[  172.228318][T11818]  ? __pfx___sys_sendmsg+0x10/0x10
[  172.228328][T11818]  ? __x64_sys_futex+0x1e0/0x4c0
[  172.228346][T11818]  ? rcu_is_watching+0x12/0xc0
[  172.228361][T11818]  do_syscall_64+0xcd/0x260
[  172.228377][T11818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.228387][T11818] RIP: 0033:0x7f451158e969
[  172.228397][T11818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.228410][T11818] RSP: 002b:00007f4512415038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  172.228421][T11818] RAX: ffffffffffffffda RBX: 00007f45117b5fa0 RCX: 00007f451158e969
[  172.228428][T11818] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  172.228434][T11818] RBP: 00007f4511610ab1 R08: 0000000000000000 R09: 0000000000000000
[  172.228441][T11818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  172.228447][T11818] R13: 0000000000000000 R14: 00007f45117b5fa0 R15: 00007ffd3f1e55c8
[  172.228461][T11818]  </TASK>
[  172.797692][T11840] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1703'.
[  172.979617][T11852] openvswitch: netlink: Tunnel attr 18 out of range max 16
[  173.017449][   T40] audit: type=1400 audit(1746849029.988:42813): avc:  denied  { map } for  pid=11851 comm="syz.2.1706" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  173.055724][T11856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1708'.
[  173.059056][T11856] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1708'.
[  173.090784][   T40] audit: type=1400 audit(1746849030.058:42814): avc:  denied  { ioctl } for  pid=11855 comm="syz.3.1708" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  173.160650][T11863] netlink: 'syz.2.1707': attribute type 1 has an invalid length.
[  173.163459][T11863] netlink: 'syz.2.1707': attribute type 2 has an invalid length.
[  173.166830][T11863] netlink: 'syz.2.1707': attribute type 1 has an invalid length.
[  173.169322][T11863] netlink: 'syz.2.1707': attribute type 2 has an invalid length.
[  173.187581][T11868] program syz.3.1711 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  173.193548][T11868] sysfs: cannot create duplicate filename '/class/ieee80211/���!�'
[  173.197024][T11868] CPU: 2 UID: 0 PID: 11868 Comm: syz.3.1711 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  173.197040][T11868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.197046][T11868] Call Trace:
[  173.197050][T11868]  <TASK>
[  173.197055][T11868]  dump_stack_lvl+0x16c/0x1f0
[  173.197074][T11868]  sysfs_warn_dup+0x7f/0xa0
[  173.197092][T11868]  sysfs_do_create_link_sd+0x124/0x140
[  173.197104][T11868]  sysfs_create_link+0x61/0xc0
[  173.197113][T11868]  device_add+0x62c/0x1a70
[  173.197133][T11868]  ? __pfx_device_add+0x10/0x10
[  173.197145][T11868]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  173.197164][T11868]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  173.197184][T11868]  wiphy_register+0x1c9c/0x2850
[  173.197194][T11868]  ? netdev_run_todo+0x864/0x1320
[  173.197206][T11868]  ? __dev_printk+0x260/0x270
[  173.197224][T11868]  ? __pfx_wiphy_register+0x10/0x10
[  173.197241][T11868]  ieee80211_register_hw+0x2432/0x4020
[  173.197262][T11868]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  173.197280][T11868]  ? find_held_lock+0x2b/0x80
[  173.197292][T11868]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  173.197309][T11868]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  173.197320][T11868]  ? __hrtimer_setup+0x176/0x280
[  173.197332][T11868]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  173.197353][T11868]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  173.197364][T11868]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  173.197381][T11868]  ? __asan_memcpy+0x3c/0x60
[  173.197397][T11868]  hwsim_new_radio_nl+0xb51/0x12c0
[  173.197412][T11868]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  173.197430][T11868]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  173.197444][T11868]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  173.197462][T11868]  genl_family_rcv_msg_doit+0x206/0x2f0
[  173.197476][T11868]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  173.197494][T11868]  ? bpf_lsm_capable+0x9/0x10
[  173.197503][T11868]  ? security_capable+0x7e/0x260
[  173.197515][T11868]  ? ns_capable+0xd7/0x110
[  173.197529][T11868]  genl_rcv_msg+0x55c/0x800
[  173.197543][T11868]  ? __pfx_genl_rcv_msg+0x10/0x10
[  173.197557][T11868]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  173.197572][T11868]  ? __lock_acquire+0xaa4/0x1ba0
[  173.197589][T11868]  netlink_rcv_skb+0x16a/0x440
[  173.197600][T11868]  ? __pfx_genl_rcv_msg+0x10/0x10
[  173.197615][T11868]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  173.197633][T11868]  ? __pfx_down_read+0x10/0x10
[  173.197648][T11868]  ? netlink_deliver_tap+0x1ae/0xd30
[  173.197661][T11868]  genl_rcv+0x28/0x40
[  173.197673][T11868]  netlink_unicast+0x53a/0x7f0
[  173.197686][T11868]  ? __pfx_netlink_unicast+0x10/0x10
[  173.197702][T11868]  netlink_sendmsg+0x8d1/0xdd0
[  173.197715][T11868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.197733][T11868]  ____sys_sendmsg+0xa95/0xc70
[  173.197746][T11868]  ? copy_msghdr_from_user+0x10a/0x160
[  173.197756][T11868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  173.197772][T11868]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  173.197787][T11868]  ___sys_sendmsg+0x134/0x1d0
[  173.197798][T11868]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.197825][T11868]  __sys_sendmsg+0x16d/0x220
[  173.197836][T11868]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.197846][T11868]  ? __x64_sys_futex+0x1e0/0x4c0
[  173.197863][T11868]  ? rcu_is_watching+0x12/0xc0
[  173.197879][T11868]  do_syscall_64+0xcd/0x260
[  173.197894][T11868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.197924][T11868] RIP: 0033:0x7fc7ccf8e969
[  173.197934][T11868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.197945][T11868] RSP: 002b:00007fc7cddd2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.197956][T11868] RAX: ffffffffffffffda RBX: 00007fc7cd1b5fa0 RCX: 00007fc7ccf8e969
[  173.197963][T11868] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  173.197970][T11868] RBP: 00007fc7cd010ab1 R08: 0000000000000000 R09: 0000000000000000
[  173.197976][T11868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.197982][T11868] R13: 0000000000000000 R14: 00007fc7cd1b5fa0 R15: 00007ffc990d22b8
[  173.197996][T11868]  </TASK>
[  173.624222][T11906] netlink: 'syz.3.1719': attribute type 11 has an invalid length.
[  173.689082][T11908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1717'.
[  174.244434][   T40] audit: type=1400 audit(1746849031.218:42815): avc:  denied  { map } for  pid=11928 comm="syz.2.1724" path="socket:[47113]" dev="sockfs" ino=47113 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  174.286918][   T40] audit: type=1400 audit(1746849031.258:42816): avc:  denied  { create } for  pid=11935 comm="syz.2.1725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  174.295362][   T40] audit: type=1400 audit(1746849031.258:42817): avc:  denied  { bind } for  pid=11935 comm="syz.2.1725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  174.375638][T11942] vxcan0: tx drop: invalid da for name 0x0000000000000003
[  174.513643][T11954] netlink: 'syz.2.1731': attribute type 9 has an invalid length.
[  174.606889][T11969] gfs2: not a GFS2 filesystem
[  174.632398][T11976] nftables ruleset with unbound chain
[  174.638928][T11976] mac80211_hwsim hwsim11 `���: renamed from wlan1 (while UP)
[  174.650270][T11975] team0: left allmulticast mode
[  174.651988][T11975] bridge0: port 1(team0) entered disabled state
[  174.692899][   T40] audit: type=1400 audit(1746849031.658:42818): avc:  denied  { mount } for  pid=11972 comm="syz.3.1738" name="/" dev="pstore" ino=4678 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  174.701185][   T40] audit: type=1400 audit(1746849031.658:42819): avc:  denied  { remount } for  pid=11972 comm="syz.3.1738" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  175.012683][T12012] netlink: 'syz.3.1747': attribute type 10 has an invalid length.
[  175.018123][T12012] team0: left promiscuous mode
[  175.020215][T12012] team0: Cannot enslave team device to itself
[  175.070052][T12022] __nla_validate_parse: 4 callbacks suppressed
[  175.070062][T12022] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1752'.
[  175.144150][T12017] ==================================================================
[  175.144160][T12017] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60
[  175.144182][T12017] Write of size 8 at addr ffffc900052ba3e0 by task syz.0.1750/12017
[  175.144191][T12017] 
[  175.144197][T12017] CPU: 1 UID: 0 PID: 12017 Comm: syz.0.1750 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  175.144212][T12017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  175.144219][T12017] Call Trace:
[  175.144223][T12017]  <TASK>
[  175.144227][T12017]  dump_stack_lvl+0x116/0x1f0
[  175.144243][T12017]  print_report+0xc3/0x670
[  175.144254][T12017]  ? __virt_addr_valid+0x5e/0x590
[  175.144270][T12017]  ? sys_imageblit+0x1a6f/0x1e60
[  175.144285][T12017]  kasan_report+0xe0/0x110
[  175.144295][T12017]  ? sys_imageblit+0x1a6f/0x1e60
[  175.144312][T12017]  sys_imageblit+0x1a6f/0x1e60
[  175.144328][T12017]  ? rcu_is_watching+0x12/0xc0
[  175.144342][T12017]  ? __pfx_sys_imageblit+0x10/0x10
[  175.144356][T12017]  ? __lock_acquire+0x5ca/0x1ba0
[  175.144372][T12017]  ? alloc_pages_bulk_noprof+0xa4e/0x13b0
[  175.144390][T12017]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  175.144401][T12017]  ? find_held_lock+0x2b/0x80
[  175.144413][T12017]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  175.144427][T12017]  bit_putcs+0x90f/0xde0
[  175.144442][T12017]  ? __pfx_bit_putcs+0x10/0x10
[  175.144455][T12017]  ? fb_get_color_depth+0x120/0x250
[  175.144465][T12017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.144483][T12017]  ? __pfx_bit_putcs+0x10/0x10
[  175.144494][T12017]  fbcon_putcs+0x380/0x4a0
[  175.144505][T12017]  con_putc+0x141/0x170
[  175.144518][T12017]  ? __pfx_con_putc+0x10/0x10
[  175.144531][T12017]  complement_pos+0x2d3/0x4e0
[  175.144541][T12017]  ? __pfx_complement_pos+0x10/0x10
[  175.144551][T12017]  ? trace_kmalloc+0x2b/0xd0
[  175.144561][T12017]  ? __kmalloc_noprof+0x242/0x510
[  175.144576][T12017]  ? vc_do_resize+0x24d/0x10e0
[  175.144586][T12017]  clear_selection+0x1b/0x70
[  175.144600][T12017]  vc_do_resize+0xd9b/0x10e0
[  175.144612][T12017]  ? __pfx_vc_do_resize+0x10/0x10
[  175.144623][T12017]  fbcon_set_disp+0x7ad/0xe40
[  175.144633][T12017]  set_con2fb_map+0x703/0x1060
[  175.144645][T12017]  fbcon_set_con2fb_map_ioctl+0x16c/0x220
[  175.144657][T12017]  ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10
[  175.144669][T12017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.144686][T12017]  do_fb_ioctl+0x328/0x7e0
[  175.144699][T12017]  ? __pfx_do_fb_ioctl+0x10/0x10
[  175.144712][T12017]  ? do_vfs_ioctl+0x512/0x1990
[  175.144732][T12017]  ? selinux_file_ioctl+0x180/0x270
[  175.144748][T12017]  fb_ioctl+0xe5/0x150
[  175.144762][T12017]  ? __pfx_fb_ioctl+0x10/0x10
[  175.144774][T12017]  __x64_sys_ioctl+0x190/0x200
[  175.144787][T12017]  do_syscall_64+0xcd/0x260
[  175.144801][T12017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.144812][T12017] RIP: 0033:0x7f761278e969
[  175.144821][T12017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.144832][T12017] RSP: 002b:00007f76135fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  175.144875][T12017] RAX: ffffffffffffffda RBX: 00007f76129b5fa0 RCX: 00007f761278e969
[  175.144887][T12017] RDX: 00002000000000c0 RSI: 0000000000004610 RDI: 0000000000000008
[  175.144897][T12017] RBP: 00007f7612810ab1 R08: 0000000000000000 R09: 0000000000000000
[  175.144904][T12017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  175.144911][T12017] R13: 0000000000000000 R14: 00007f76129b5fa0 R15: 00007ffd92a02f08
[  175.144922][T12017]  </TASK>
[  175.144926][T12017] 
[  175.144938][T12017] The buggy address ffffc900052ba3e0 belongs to a vmalloc virtual mapping
[  175.144944][T12017] Memory state around the buggy address:
[  175.144950][T12017]  ffffc900052ba280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  175.144959][T12017]  ffffc900052ba300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  175.144966][T12017] >ffffc900052ba380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  175.144972][T12017]                                                        ^
[  175.144978][T12017]  ffffc900052ba400: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  175.144985][T12017]  ffffc900052ba480: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  175.144991][T12017] ==================================================================
[  175.144998][T12017] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  175.145006][T12017] CPU: 1 UID: 0 PID: 12017 Comm: syz.0.1750 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) 
[  175.145020][T12017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  175.145027][T12017] Call Trace:
[  175.145031][T12017]  <TASK>
[  175.145034][T12017]  dump_stack_lvl+0x3d/0x1f0
[  175.145049][T12017]  panic+0x71c/0x800
[  175.145066][T12017]  ? __pfx_panic+0x10/0x10
[  175.145081][T12017]  ? __pfx__printk+0x10/0x10
[  175.145101][T12017]  ? rcu_is_watching+0x12/0xc0
[  175.145114][T12017]  ? sys_imageblit+0x1a6f/0x1e60
[  175.145128][T12017]  check_panic_on_warn+0xab/0xb0
[  175.145145][T12017]  end_report+0x107/0x170
[  175.145156][T12017]  kasan_report+0xee/0x110
[  175.145167][T12017]  ? sys_imageblit+0x1a6f/0x1e60
[  175.145184][T12017]  sys_imageblit+0x1a6f/0x1e60
[  175.145200][T12017]  ? rcu_is_watching+0x12/0xc0
[  175.145213][T12017]  ? __pfx_sys_imageblit+0x10/0x10
[  175.145227][T12017]  ? __lock_acquire+0x5ca/0x1ba0
[  175.145243][T12017]  ? alloc_pages_bulk_noprof+0xa4e/0x13b0
[  175.145261][T12017]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  175.145271][T12017]  ? find_held_lock+0x2b/0x80
[  175.145283][T12017]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  175.145297][T12017]  bit_putcs+0x90f/0xde0
[  175.145311][T12017]  ? __pfx_bit_putcs+0x10/0x10
[  175.145323][T12017]  ? fb_get_color_depth+0x120/0x250
[  175.145334][T12017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.145354][T12017]  ? __pfx_bit_putcs+0x10/0x10
[  175.145364][T12017]  fbcon_putcs+0x380/0x4a0
[  175.145375][T12017]  con_putc+0x141/0x170
[  175.145387][T12017]  ? __pfx_con_putc+0x10/0x10
[  175.145401][T12017]  complement_pos+0x2d3/0x4e0
[  175.145411][T12017]  ? __pfx_complement_pos+0x10/0x10
[  175.145420][T12017]  ? trace_kmalloc+0x2b/0xd0
[  175.145431][T12017]  ? __kmalloc_noprof+0x242/0x510
[  175.145446][T12017]  ? vc_do_resize+0x24d/0x10e0
[  175.145455][T12017]  clear_selection+0x1b/0x70
[  175.145470][T12017]  vc_do_resize+0xd9b/0x10e0
[  175.145481][T12017]  ? __pfx_vc_do_resize+0x10/0x10
[  175.145497][T12017]  fbcon_set_disp+0x7ad/0xe40
[  175.145512][T12017]  set_con2fb_map+0x703/0x1060
[  175.145528][T12017]  fbcon_set_con2fb_map_ioctl+0x16c/0x220
[  175.145544][T12017]  ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10
[  175.145564][T12017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.145589][T12017]  do_fb_ioctl+0x328/0x7e0
[  175.145608][T12017]  ? __pfx_do_fb_ioctl+0x10/0x10
[  175.145628][T12017]  ? do_vfs_ioctl+0x512/0x1990
[  175.145659][T12017]  ? selinux_file_ioctl+0x180/0x270
[  175.145675][T12017]  fb_ioctl+0xe5/0x150
[  175.145687][T12017]  ? __pfx_fb_ioctl+0x10/0x10
[  175.145700][T12017]  __x64_sys_ioctl+0x190/0x200
[  175.145713][T12017]  do_syscall_64+0xcd/0x260
[  175.145727][T12017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.145738][T12017] RIP: 0033:0x7f761278e969
[  175.145746][T12017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.145756][T12017] RSP: 002b:00007f76135fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  175.145767][T12017] RAX: ffffffffffffffda RBX: 00007f76129b5fa0 RCX: 00007f761278e969
[  175.145774][T12017] RDX: 00002000000000c0 RSI: 0000000000004610 RDI: 0000000000000008
[  175.145781][T12017] RBP: 00007f7612810ab1 R08: 0000000000000000 R09: 0000000000000000
[  175.145787][T12017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  175.145792][T12017] R13: 0000000000000000 R14: 00007f76129b5fa0 R15: 00007ffd92a02f08
[  175.145801][T12017]  </TASK>
[  175.146348][T12017] Kernel Offset: disabled

VM DIAGNOSIS:
03:50:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff815f7e10 RDX=ffffffff8e097740
RSI=ffffffff815f7e58 RDI=ffffffff93a8ee80 RBP=0000000000000000 RSP=ffffc90000007fd0
R8 =0000000000000001 R9 =fffffbfff2751dd0 R10=ffffffff93a8ee87 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff815f7e59 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4512414f98 CR3=000000004da60000 CR4=00350ef0
DR0=0000000000005918 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd3f1e5950 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4511611c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854f4835 RDI=ffffffff9adf74e0 RBP=ffffffff9adf74a0 RSP=ffffc9000fc16f68
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666657
R12=0000000000000000 R13=0000000000000035 R14=ffffffff9adf74a0 R15=ffffffff854f47d0
RIP=ffffffff854f485f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f76135fa6c0 ffffffff 00c00000
GS =0000 ffff8880d6ae1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c31c3ae CR3=0000000026ae5000 CR4=00352ef0
DR0=0000080000001081 DR1=0000000000000007 DR2=fffffffffffffffd DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf02730
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf149b0 000055557cf147a0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf0fb99 000055557cf0f560
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1000018004040104 c20030656c69662f 2e01ffffffffffff ffffef080180033c
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ed08028003007039 01ffffffffffffff fff9080680030030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 029c036f6e646672 01ffffffffffffff fff5080292032c64 663d736e61727401
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff f50802c403580200 02c203010000040c a406029e037a0200
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002f60358020002 f403010000060ca4 0602d0037a020002 ce036f6e64667701
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102800420828080 1000068004000400 10000a01418001d6 020002f603580200
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02f403010000060c a40602d0037a0200 02ce036f6e646677 01ffffffffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fff50802c4035802 0002c20301000004 0ca406029e037a02 00029c036f6e6466
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7201ffffffffffff fffff5080292032c 64663d736e617274 01ffffffffffffff
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080010000 RBX=0000000000000000 RCX=ffffffff815f7e10 RDX=ffff888050b0c880
RSI=ffffffff815f7e58 RDI=ffffffff93a8ee80 RBP=0000000000000002 RSP=ffffc90000648fd0
R8 =0000000000000001 R9 =fffffbfff2751dd0 R10=ffffffff93a8ee87 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff815f7e59 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc92badc6c0 ffffffff 00c00000
GS =0000 ffff8880d6be1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2cf1fffc CR3=000000002da9f000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ac11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ad83488 00007fc92ad83480 00007fc92ad83478 00007fc92ad83450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92b8ed100 00007fc92ad83440 00007fc92ad83458 00007fc92ad834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc92ad83498 00007fc92ad83490 00007fc92ad83488 00007fc92ad83480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080010002 RBX=0000000000000000 RCX=ffffffff815f7e10 RDX=ffff888026520000
RSI=ffffffff815f7e58 RDI=ffffffff93a8ee80 RBP=0000000000000003 RSP=ffffc900006f8fd0
R8 =0000000000000001 R9 =fffffbfff2751dd0 R10=ffffffff93a8ee87 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff815f7e59 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055558d036500 ffffffff 00c00000
GS =0000 ffff8880d6ce1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc7cdce56c0 CR3=0000000049e48000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc990d2640 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7cd011c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000004c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 000000000000004c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000