last executing test programs:

3.790426468s ago: executing program 0 (id=3012):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x8008af26, &(0x7f0000000680)={0x22f})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0xf5}}}}}, 0x0)

3.789940713s ago: executing program 0 (id=3013):
r0 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="bc29367d50ab4bf9664090e4c2ac42eb4ea99ceb455aa7eec339a3afbdd7faa8434976f33a4b143b78b59b9d8bb90de657bfee620f545ed8bb6af429afac6bd5e6c0150745ea30abb7745e12c47d0bbf76922bc798ef4b773f5ac0f676fd65e6ef518df7f0581fe15f09ea95652d8271aa37073f2d8ee926f0678c130d34adda478c6d3a24cdc8791c59ec3a439608aa5e5556547d38ad0241e6adeec0014f8ad5c35ecbc5799e1906997752d1a004b67b317fdcd2f4b4038220aee355b8cd9c81a6b36b1a009c5a974412c9dea8e66aa9f16c6a5741287358037304a7", 0xdd}, {&(0x7f0000000140)="7393aa61dddc6f361a4fae51474732d53329053672bcb1f8b60467a557da75600f5825018aaadd366b575c406a3025dbbfb841f261796037ea7aead6b946f7e593190cd8faf64198dce50d108fb7dcb6b2b2b665a976176c016a919f3bf8aff5fe390cd99ab50f5ae99124e4ac38b164ce44d5aca9b1e7101c8fd2a36e7b2882760295275d613599ce8a96253c552af7", 0x90}, {&(0x7f0000000200)="81a9e12dd31783e3cd09459f8a83b4a9a72525ad129c961c5ed14e7b0a5d98c1f6c97341cde3aff7eab34e73f872d38bbf598e91bf39ffbac4d3e6ad166759826eeb4035b306e67eecbebda877cc5555bb500760a4ba28329d29ad4602e806b0d01c45c6edd98987339f6b87272671b028c82c0498f5cac0fe1871606927e43409fe821b50707eee44a19aca9b40009b320e4aa54ce31ca3bb5c1fa9ac92129673c3d4750aaf4bce8c837793e44faf15ec3c1fee9a71cb5879da92fb1d6dd6879e8c9cb0f1453ce7e1843bdc7f3a9ab876854ec1d4676feda00f45ba6f3ef508c035004ae4060655dd8d13166d8e05", 0xef}, {&(0x7f0000000300)="f4aa4e50ad73954fb067762b13edda81044ff9d2713954fc37fd6e40ddf62acdbd1da588b2206e87162bf64a7117b8fc84fd697c91c0cb0a3d2462ca729f07e0f91ef94141c2bb68be0ee98b9e9a24aea506d019faf630c2", 0x58}], 0x4, 0x0, 0x0, 0x24000000}, 0x4000041)
r1 = syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0xe6, 0xfd, 0xae, 0x40, 0xe41, 0x4650, 0xd441, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5, 0x9, 0x20, 0x10, [{{0x9, 0x4, 0x1, 0xa, 0x0, 0x6c, 0x6c, 0xd1, 0x9}}]}}]}}, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0})
syz_usb_disconnect(r1) (async)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000001c00)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x5, 0x10, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x4, 0xc82b, 0xfff}, {0x6, 0x24, 0x1a, 0x7, 0x1}}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x2, 0x1, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x9, 0x6, 0xfd}}, {{0x9, 0x5, 0x3, 0x2, 0x270, 0x9, 0x9, 0xa0}}}}}}}]}}, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGSOFTCAR(r2, 0x4b46, &(0x7f0000000500)) (async, rerun: 64)
r3 = syz_open_dev$mouse(&(0x7f0000002800), 0x10000, 0x60040) (rerun: 64)
ioctl$FS_IOC_GETFLAGS(r3, 0x80086601, &(0x7f0000002a40))

2.377127345s ago: executing program 0 (id=3034):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2", 0x24}], 0x1}, 0x4002}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000001c0)="3dbe33faf3597dcad38c7f076a09d0f7090253d1e2c69753fdd90a509139be4aa82b1390602b5905bdf11557cd9cb9e757255125f9f616b37e43222b53b0a8b9b3aa57573b23f185f86e3201a62f3bdb53096e144840e98a91c66dabcc37b93bdc19b60e3ee799ef7865f866959d2641b5876523fe67fd11503032e174f8f163731eb5e4663bc77f97687b59bd22c96f90b91cae", 0x94}, {&(0x7f0000000d40)="13fe0d0ebaa8f8e6945eda37626722a991bb043a3f0055b3077bbb48090fc9ec5ce2b21e4a08fe7ade767d68a0429b24ae1af46fd6bc808750074e324dfb9a870aa3ff152df224", 0x47}], 0x2}}], 0x3, 0xc0)

2.318357066s ago: executing program 0 (id=3036):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x1, 0x0, 0x2, "fef9149d2965e642f2557f83660400d2be1d755f00", 0x3136564e})
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$cgroup_subtree(r1, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2.249370694s ago: executing program 0 (id=3037):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x1d, r1, 0x0, {0x2, 0xfe, 0x4}, 0x2}, 0x18, &(0x7f0000000140)={&(0x7f0000000400)="8b5a0b1815b45cb44e", 0x9}, 0x1, 0x0, 0x0, 0x24004050}, 0x20000040)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r1, 0x0, {}, 0x1fb}, 0x18, &(0x7f0000000180)={&(0x7f00000003c0)="4dfb04f0d556f1327d", 0x9}, 0x1, 0x1000000, 0x0, 0x48080}, 0x40010)

2.080422328s ago: executing program 3 (id=3044):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)={0x2, 0x0, [{0x4000, 0x0, &(0x7f0000000040)}, {0x0, 0x96, &(0x7f0000000080)=""/150}]})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
getsockopt$netlink(r2, 0x10e, 0x9, 0x0, &(0x7f0000000100))
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r3, &(0x7f00000065c0)={0x0, 0x0, &(0x7f0000006580)={&(0x7f0000006080)=ANY=[@ANYBLOB="2800000014001102000000000000000028001100ea004ac2411e47060aefadfa617ab90000000000"], 0x28}}, 0x0)
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
writev(r2, &(0x7f0000001780)=[{&(0x7f00000001c0)="1b5b3f6a62ff004551b1b20fa912ef6c9ac4b694f2a04b7f51c40a70218f885cfc78c0a7779df32143149663e16fff4698cb6ba98f17f458b2b0d8b962a8a081bc1323dce6f8a0f5fba2b052b9816633d8beb405eca8262197e6ef459816aa40c9abaac42d652020a847549cfab2106c8fee5e5f71623f33176951d73a1561e24f84a3e5b05c300b3d0ab6b5aedd71c9aadd39148c50ac1ed687a8b3b254b665630f8521f73631667af1ca3a1e76413d", 0xb0}, {&(0x7f0000000280)="87a54d22cafa9f2507c844e6060462303e2e86f899ba327ba9d4505f52a2155b06365c9b327b521e5c5c3f261108d178", 0x30}, {&(0x7f00000002c0)="9afadc87a3173487ba1ceb5645e498a1d67e7b1d20f78ccc4b71512b9369faa47373658f687fd08b119053df2307651cce48164b4c95ccc0a304b911a32be7d919f3df12ea240778fae02d609b26bfbdff8c586ac5a5bee6297bf37b843356f194db7461acb26bc4d05a306a2f2712be8286381c4edc35bf5dc9756e10ddde531c6333ba2e8ff03a830fcb1d352ff574dec83c280885577f2cd82f93a8bdd5de59c39ec799cd4e75e37e30", 0xab}, {&(0x7f0000000440)="e379a74862252f090782e1b2ab185078392878509ec7a2ff2e193d65b68220e7f73735558ef568b94971be1c52a6617647069112d40a25e82f3e7397db2a3211ac834b622837f2a3a969a9ac47a740944e693f97061c18f9ae9bb059200142feb9d55a1212fc74621115262af74bb663763891bd7ee11bacd352a6ea6dd860081d3e6c3efccf3bae1bc47abb96f20bde581720d49c0d214bbd075cda37d21a96217d65537d6483a6a8434b75", 0xac}, {&(0x7f0000000380)="bd52f17ee3e18ed0d5a2d32ba07c028fb8cf7c7947ae654cbd691174ecb570d492271303d337ea2bf7ef242bf78e2c03027e29d26d273d2a4f1f789680888cc4adcce89621dcd38beaf456c5c4a3", 0x4e}, {&(0x7f0000000500)="d4c9370b737780fb75eef79f925329c9a5836fa3eb1378e98b6db6b971601d3d205f4a0f378e0c3a15d85a071060464d4c1758dd9ce39162", 0x38}, {&(0x7f0000000540)="4d0bb006d3d98739a87b26e15ffe9121c31b7f0fe36edc8f896ddfeda0811a33548a80bccde4fa87151eafd0cb4d64001369a6233934eb3cd404dc3792d95352a52428d25bb199038b5ca3e8e4f1ba58ab4d9d168f8f16d8277178790ffe7b171dd0f2f9423bf4499b27ba6a7e8be31964acafd05842bb7841da207bb72e636036cb1c5be65e2970f90002865ca1ee457dcb0f6c895c43efdfd717e51d487aa1c7cbd9773aaff55c1a1f847ff8b89329e4093257eadc981cb27f126132c81959c4e024b3836bcc75ee8ca17849d11dd2b94027ce932a69a5ab6d2029ec", 0xdd}, {&(0x7f0000000640)="270ac17b3c88270aa7bf39efaea8e8372b28813efc903cc37dca661efc7599e82524468f3bc22adf9405a568e8e298310de1b46edbb1324ad86f14f330d5e1105111fe2cf25d1524f1", 0x49}, {&(0x7f00000006c0)="f42262ccde6cdaf8f5f65c4a26dcc1aefee48bc9b696898d1a706a40cac96c9580049770a54b859f1a6142abd795818c1822645134d580aec312db79015f631b2279a8285ec5118647ab7a8b4fb840b418193c3d3a66eeae892e9cce8a3d4e828dcc548d58828280d21fefe6eedb1cae5aae48d8b2562c188ac8c981ecaf12c500e1c33638bad6b8cf51cfcaf82740d03c00146e61b723c8796841eb991703b90975148f303b2fe10675e9af577d5d771a1dfcbd4ebbcfe09e10a4b05411badd93fd3432ff97de54a3508cfb4191ea31dfd2d3e0c6582b83bc2563aaeabbf5b63d750b1970b2e8f45c24584cbc67918f5c3fa85cd4a71fec43a5e83ebe4ff010681fcc81a2a43ac8d176ccb9100427867462d81b3d3e8a181955406c82b4e9fbc4d73e92da17dcd6da31c848dcad5bcf01d9e2e57b55515878a19bea27fe77e08aaa43286db3e5631d9fa164e7e04d039c3cacfcb2de81df6a41328faaff880b027c1a4fa6e08928e3746a71d26674e15ce11ff9b28055dd316b237b4292c401a01407f3254f6dbba8a0a0f1f2642921c47cf8e0072bb318f4c39b6bf2b391bf5b2019791a10877b0a35e082c6ba93bae76cd64a5b4d97163f2fe5e3af5903b91808627a895e28593de1ff83876bf6d7250e9ffcfdd90e190399aca61ac511e3e973fcb8e9f8af16605442152afd1c277f57cfd0fa95656c5f299a47d85ddfdb607912619dfc76b316ac4a94abdf78ddd0ae68f48b64207751f880737849f4d52e5c990443be7c86a85618be36e8d2e6705dbf64b620a7189904115d4d821644b1990befc72fc42d0aaaec735a3cf1a7b66cba94396cdfd8c033c4931384c94125fe098a698cd776d5c78c586c6bad86f08d45d1e52f6ea3994db4343a3ffcf5e5f351c445381f703f7417fb10c31edd2304663bc9a5fe30cd8319a151557f4b9a6da457a619b1fac46e4feb233268a9d9975d53df08bf10a9a7036bc0143d20873bfa2ecdddcd69362f15d4becc075d6861e115d0b577b2210663ec339931f7b9e944d7b6d392de6bd364a5ce5b954ee3fee15d6f0cc1297ea140dc2c2db6269d93e6ff0b2a766be149d8f1c435d5faf95d37611d6cdc14c3ba5c9fa565bc0cda04e1688c6ab8c4c8ddf4c205637bd4a8023c5f5c6f4239ac0b0003792b9f105b7c7730169f15033df151cdc5df1172835af6e097e71c07d2f3e8abc24b4d5ac683ed5c397434b04e8cecd4983b0a3da3fe1a46c9f4a5f1cc16330f0d5567725d2f1f1fe8c20648d5629591e2960efecfc8d9cc1a97919712db5f3ff987a4a987672cd3eeae091bd06fe701829e581c884669563527f81c3cf7fefaeaab3e6a26f3e703346830a2851318d5d235f69901a635adaf23bbffd559aa586683cda872705506653e701f53c2f855505cbbf674b2ca4c036aec86a2063e5659601af16efc78fc6ef688cc5e5f240696c0e79e9373de424ca240b69ac72c884ac8efed025cd8c1c046c619f6c33ee40a9c3ce21a7901de419b83bb5d75840f8716466548a5ba26580c85a28eef212b0096521e672a4c72c57c0c742cd739292ba4bb72ec96bc94dc0d9b32b31d88938a3b281d092f7779c05aec85a9cf00641e8d11399a3d035e05467b4d47e4d46af7df3bd7cf1d94d6408fda9f4de6bfe313f8dac098dab7a0fcdec49b42ff4eb97bea2f5a1542fc663fcd86c94f9403fb854be07e1b91d1d3e30d9ecde4c9506a6698322ef86bc5cd33a20ccaf03a485315ce2adc8c536b7be5ce93fb73ed54bb1b8560f1acd8ab1eac636e3ea26d6449aad0a8566318097065b565b1f4f1f26288c20af489cc5057042d07327361cbe41bd3e06fda8ea1ab1f1a0c77e5b09ceb545225584fe371a97737f8e72059af717d3c94f5cc5f51b7b2d379ef8fc11b526a1d6529632902293219350444cecb4e58b7bcf0b14e2a579c3be7eebd05c8fd5f009eb4d024f8d901b9225eed10bc2df847470322ea9704e3791eb4639d9105c79962ba3bd79d5fcd4880275948e84e9597ef9753474dab76559318909eb484c3256b5e1b8fbb4e8818e6978f2aaa1105c845f6dd039f36da747dd5563b699b369089847d36d89bc788fe6ae417d85dc0cd0a905e178bae9039eae12c86cb2be924ccf9a4662086137666a5d6d22c4d42c02ee858d9ac9acdb67f3eae896ee6e803ec319ccd6f3f975dd1a2a8f2ecdc0dc62c30e870cf84c035d08d468c379d1a116de215103b50cfdb19e2d09008036e21fa97c8a4ead6e7e8574baa18ae00ce393208a896ab54229f591bf6cd1774b3850fd326db267120bbe5936469d5620e40564f638f9077faddf182b6ea8d13c54eeea110a8e5b920c7d218222bf4c6ca352a627d23c8d89f67347c29e7ac181c0efeaa5ff5fdf56c52eb0e177b73e8e4e8b557c2a0ba132782cac0efc9c8df297e9758f4d723985c234b9ab417be354c2ee54e25557c6091c6fa26a4569f872948ca24c18094dee142d6454fb881d03dfba4daadf2eecb3d6bd838c8eb6adf24c4e464d45b071c65d812a8a5248ca738721a432a5540eb67547fced3b185f332c88208c36ea1524c362bb66bf85d527440f5249cad3e0227cdffc1c78fe04c6b44edfa35818b201f62d68dcf244b2488cf13a77074c3973a5626f9b80e6259d0778f9621b106100987504d0de8309f36bd79989f76332b9f28ed59f52f4ef036efaf30dd053bb0910654d73352d5e265eba73d8582525cf118aff371d29d72025e2bf6c2cfdb7aac1856c43d443a1736813762d4621f300fa2572fdde2c9cba0a0d866a5ecf7574f0f7188c5b8c727e0c833687cedb124517e8238aa7045b67d94310838bd595fd9af7a5dc4355c67218b0205fb5fe06126616a2f8d370717672c93f821fb9d6521d18369d67c702d049022fff48faa8f354b6fa2d34f3592707d68f847ca8c1a60e52ad60a3c4dbb84bc4d003e9b0968db4aa10fce43551d1f7ed0533c275bce3b12ae2c4792baca70383d926055079f978608ac5ffc728ee4b7b76b811c0f914dba95d58327f54b5dbda82c6390f09e6edb2af840f9c43d6663ee62096ffbf4606fb534e52ccc6802a3d1c44018560a8cabe925673c564304608370e26f5839444864590c20d26cab3567d38d6d23fd1905344c9255b9ed9d46545e3efad340ecf536bb99b245d80bf6ef3cf63664f1344092277253cb8d76ce6a441061a6d1ec2496a4649f3710eca8f7ae2b0196f8c70e2ba445714e7875203562fbf9554db4117081ab0120eb001c835598dc0ec4e7ec9172339e5c9aac9ce817d7172806b280e524b9918582c056cb8e4dc32a1de05b0cce2da9c477044ee00f80d27aebabb190f0c84f149219c4597e452bf39939144a7717b172df8e559d12ee67726c77a92eadd1eca4aa00fffbe2c1c10877e6cd896887091a2714e0c56c9a04e33cd4999295f09e4b397e5b888a0f477222c160317dc3c67938acf09d0746cc39756d6238b849b360df131708f3e4a607938f6b421d686e7aa3e33acb8884937e2d856a534235c2f5f0aa17def4d571257269d94e2bebe7a37bc8ba27cd4131e6f5f88918c57a473531781d0cefc662be97ea9b17087702123a6f179eb97d067c42111ed269e97f8985f9ad820ac41b2a64ef0b414d6475ccc18bd883294290335ed45874572afac63c62df046404883c7a8534b99094ff470217f25e044ca62303cc5bb8d1048911e6020654dc6e6133a04d15e11e28cf677bbfacbc7b7ae390156abc7d20f488df766fb05591a198f6a7b8e74b01fd077e142769f742ac4ddc685c10a393a5d4c49fe361e00307a46dbe8775a960d946bc6bb84faec5b26b16ae34708d79107d90ea70ea82fd5d4d6cd0fb750f98b5bc414596ca83890ff338544d2540c6445dbad8608c662e187531ec09af62943bf9ff5b549879e864d06686e21f0d3457b74fa51e997f68e5973b72a1e1ae8001d08b3a91fb8def5f1f9c02e04ff524294a6ebd6fd6ea2c27a1039647456b64bfa26c26cb4e0bc104985c165925c7daffa94dd7b87b14795fa682689f6680e6aaf5883c0bcc2415c5ab59289e1bd91d30cc0f34aa0ea08905e29fea11f8fffe425301870738694fd5c3aee8b2be978c1f49ba67974302555789a77801fc2fb0bf50228b1257c82da8ca9fa8279e0b0592828a3e6bf3f84405d66abcc369dfd03d6a4cc9edc37061d582901870176671b0edd9d52f11cef4f0a5044fc27ee7a52a825c1e400dfc7065cfbae37a2a23e0845966424491ad444b186b1e22d78dc7cf5f84ceb826f80133fcb206869b45533287337eb7dc238930d6f327e7149cd1fad1effc95bca1c5351f0ca8d5d99af83362b09e5199ef729666b32c6e226d5d92a3ed52f83a5e6fbfa6cf89009b87a026b493173daa42e1332a0ac5efa850b2c1a3241592e04956aa469c7bf1b72bfa2edf26005918bceb78834244c3b624501f42067e4b49c81e8f8224b009e362e87dcbd9fa3489432d6a00279df4f30bfb01eb0b46401a6c44e58ae77cd1755359ab858d856b17bbccb5e44424dde12fa004da85a130c9f844eb29da37177c3ae45a4e504ecf41a0dec20922de2d51368f4017689982ec8c48d780bb6f0c3f9fdb2d09f8cbcf969f9e095b7673cbc62b20e7036e8eab3bd35a922780c72ec66a339c94ff682f982900a6a0ba397c2ffb1e99eef2ebcd65a1d5f446852897748dad4e8abb60e618b9fe13a1ef081ee4724fb574a74669d523ff66cebb0051aee8b2bb4d7c4edf5e6977e4f192d938622fc39a2610e7afb793a7b299b0ede4fddca86a114843af12482fede6b93d5ca0372dcbba19b8fce6071b0b14862293b8da4e9a8eff75543675f0c093186cf67448218beaf2a548404b47c5c61681c3bbcd0ba54fc3c3c25594cceb68f386e2515cfd4f33c298518f2c80780f0ce340b6fe5f6c140e30b0d153fe278b14eb30177b7c375bd65787389176a271f2d59cc5dd55d9fb7f00dd8441e4d17ff8bc6c3bf05f2b50950b2397c34868a8049e11d7cbbea37141d982a480d930fde444310e96a89de85ded2ca0faff8236b82a51e3a1ac0b73c422fd9b5a927bf99647a77e19b72faba9fc6ee2891ecdce856a3241c4f6a91cb7ecd8171a6f17d1edddd7df76b8113f1b3474d8609c7497f719757db5614bcda4c7c4d240c37ea5c0970181ced67a5a0ddeff50d87e4efa8f8e17f7996b907b596b52ec599e82be41f44500166df288e0f8afb3a63596901c18077d146ed51f012f508b217e71d08c0629136e8faec96556a30bab3e1287e3e53d0e4c8bdd76341bb10d7aa404ba53d09965071ea172925a7a78f0e3804b3b1dcf9200f84811560ae1cb66fc76c90fe6c8a7c0df41e442bf1b49c9276eb8fbc932bf959ce5b9d50022de64782daccde17f4077d099281372a37ae96c020b35fcc16bf2f0f6ee372d2fcc7ebd09a515e67c8773e1c3740d460e8ae431123669a287475a47c1287779920d81927a444151305e62acf917aa6328ac71ac9698991ca34212134c11a84bcd9ed8063d2ed07448719c4f503db9722d66a8350903ce580c8e2e1d6135baf3f7b94feb203e02ad7389474edf38c2c34075ebbf6c3dbf92a32db2d1ba6ed6c056182b8a262869557b3641ae94e606b1e7e333d31722be710305bcd9a0f70d1468ec3a9825ccc54085753c1845f72e3102b82985b98bdde78974b3a2ada1e8e790f068b17798b7319117b38ce33ab69e4b2c122cc38c4bd2a296b3652f05a70514af16b48f623fdd1b8fbde4d0a752278f4f5fdc", 0x1000}, {&(0x7f00000016c0)="0d987e9fe4e4a859c344f67810f716f665133ce82a4ccd45bf66c042202efb7ab1ac5add4cdd4274eacb4f6eb5b10bf3d5dd78a6869757339a105555e93b7ee25228fc1d051e3bf02d07a985a2aa7bddca2a3aeaaffba9fed4ebc79d5b3df5592257e91da8c31460b60e87f8232ea04a75d626465ec90a3228d680d81cbaa5a835ef3780f06a96249ada5be503905a1b", 0x90}], 0xa)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)={0x2, 0x0, [{0x4000, 0x0, &(0x7f0000000040)}, {0x0, 0x96, &(0x7f0000000080)=""/150}]}) (async)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10) (async)
getsockopt$netlink(r2, 0x10e, 0x9, 0x0, &(0x7f0000000100)) (async)
socket$nl_sock_diag(0x10, 0x3, 0x4) (async)
sendmsg$SOCK_DIAG_BY_FAMILY(r3, &(0x7f00000065c0)={0x0, 0x0, &(0x7f0000006580)={&(0x7f0000006080)=ANY=[@ANYBLOB="2800000014001102000000000000000028001100ea004ac2411e47060aefadfa617ab90000000000"], 0x28}}, 0x0) (async)
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async)
writev(r2, &(0x7f0000001780)=[{&(0x7f00000001c0)="1b5b3f6a62ff004551b1b20fa912ef6c9ac4b694f2a04b7f51c40a70218f885cfc78c0a7779df32143149663e16fff4698cb6ba98f17f458b2b0d8b962a8a081bc1323dce6f8a0f5fba2b052b9816633d8beb405eca8262197e6ef459816aa40c9abaac42d652020a847549cfab2106c8fee5e5f71623f33176951d73a1561e24f84a3e5b05c300b3d0ab6b5aedd71c9aadd39148c50ac1ed687a8b3b254b665630f8521f73631667af1ca3a1e76413d", 0xb0}, {&(0x7f0000000280)="87a54d22cafa9f2507c844e6060462303e2e86f899ba327ba9d4505f52a2155b06365c9b327b521e5c5c3f261108d178", 0x30}, {&(0x7f00000002c0)="9afadc87a3173487ba1ceb5645e498a1d67e7b1d20f78ccc4b71512b9369faa47373658f687fd08b119053df2307651cce48164b4c95ccc0a304b911a32be7d919f3df12ea240778fae02d609b26bfbdff8c586ac5a5bee6297bf37b843356f194db7461acb26bc4d05a306a2f2712be8286381c4edc35bf5dc9756e10ddde531c6333ba2e8ff03a830fcb1d352ff574dec83c280885577f2cd82f93a8bdd5de59c39ec799cd4e75e37e30", 0xab}, {&(0x7f0000000440)="e379a74862252f090782e1b2ab185078392878509ec7a2ff2e193d65b68220e7f73735558ef568b94971be1c52a6617647069112d40a25e82f3e7397db2a3211ac834b622837f2a3a969a9ac47a740944e693f97061c18f9ae9bb059200142feb9d55a1212fc74621115262af74bb663763891bd7ee11bacd352a6ea6dd860081d3e6c3efccf3bae1bc47abb96f20bde581720d49c0d214bbd075cda37d21a96217d65537d6483a6a8434b75", 0xac}, {&(0x7f0000000380)="bd52f17ee3e18ed0d5a2d32ba07c028fb8cf7c7947ae654cbd691174ecb570d492271303d337ea2bf7ef242bf78e2c03027e29d26d273d2a4f1f789680888cc4adcce89621dcd38beaf456c5c4a3", 0x4e}, {&(0x7f0000000500)="d4c9370b737780fb75eef79f925329c9a5836fa3eb1378e98b6db6b971601d3d205f4a0f378e0c3a15d85a071060464d4c1758dd9ce39162", 0x38}, {&(0x7f0000000540)="4d0bb006d3d98739a87b26e15ffe9121c31b7f0fe36edc8f896ddfeda0811a33548a80bccde4fa87151eafd0cb4d64001369a6233934eb3cd404dc3792d95352a52428d25bb199038b5ca3e8e4f1ba58ab4d9d168f8f16d8277178790ffe7b171dd0f2f9423bf4499b27ba6a7e8be31964acafd05842bb7841da207bb72e636036cb1c5be65e2970f90002865ca1ee457dcb0f6c895c43efdfd717e51d487aa1c7cbd9773aaff55c1a1f847ff8b89329e4093257eadc981cb27f126132c81959c4e024b3836bcc75ee8ca17849d11dd2b94027ce932a69a5ab6d2029ec", 0xdd}, {&(0x7f0000000640)="270ac17b3c88270aa7bf39efaea8e8372b28813efc903cc37dca661efc7599e82524468f3bc22adf9405a568e8e298310de1b46edbb1324ad86f14f330d5e1105111fe2cf25d1524f1", 0x49}, {&(0x7f00000006c0)="f42262ccde6cdaf8f5f65c4a26dcc1aefee48bc9b696898d1a706a40cac96c9580049770a54b859f1a6142abd795818c1822645134d580aec312db79015f631b2279a8285ec5118647ab7a8b4fb840b418193c3d3a66eeae892e9cce8a3d4e828dcc548d58828280d21fefe6eedb1cae5aae48d8b2562c188ac8c981ecaf12c500e1c33638bad6b8cf51cfcaf82740d03c00146e61b723c8796841eb991703b90975148f303b2fe10675e9af577d5d771a1dfcbd4ebbcfe09e10a4b05411badd93fd3432ff97de54a3508cfb4191ea31dfd2d3e0c6582b83bc2563aaeabbf5b63d750b1970b2e8f45c24584cbc67918f5c3fa85cd4a71fec43a5e83ebe4ff010681fcc81a2a43ac8d176ccb9100427867462d81b3d3e8a181955406c82b4e9fbc4d73e92da17dcd6da31c848dcad5bcf01d9e2e57b55515878a19bea27fe77e08aaa43286db3e5631d9fa164e7e04d039c3cacfcb2de81df6a41328faaff880b027c1a4fa6e08928e3746a71d26674e15ce11ff9b28055dd316b237b4292c401a01407f3254f6dbba8a0a0f1f2642921c47cf8e0072bb318f4c39b6bf2b391bf5b2019791a10877b0a35e082c6ba93bae76cd64a5b4d97163f2fe5e3af5903b91808627a895e28593de1ff83876bf6d7250e9ffcfdd90e190399aca61ac511e3e973fcb8e9f8af16605442152afd1c277f57cfd0fa95656c5f299a47d85ddfdb607912619dfc76b316ac4a94abdf78ddd0ae68f48b64207751f880737849f4d52e5c990443be7c86a85618be36e8d2e6705dbf64b620a7189904115d4d821644b1990befc72fc42d0aaaec735a3cf1a7b66cba94396cdfd8c033c4931384c94125fe098a698cd776d5c78c586c6bad86f08d45d1e52f6ea3994db4343a3ffcf5e5f351c445381f703f7417fb10c31edd2304663bc9a5fe30cd8319a151557f4b9a6da457a619b1fac46e4feb233268a9d9975d53df08bf10a9a7036bc0143d20873bfa2ecdddcd69362f15d4becc075d6861e115d0b577b2210663ec339931f7b9e944d7b6d392de6bd364a5ce5b954ee3fee15d6f0cc1297ea140dc2c2db6269d93e6ff0b2a766be149d8f1c435d5faf95d37611d6cdc14c3ba5c9fa565bc0cda04e1688c6ab8c4c8ddf4c205637bd4a8023c5f5c6f4239ac0b0003792b9f105b7c7730169f15033df151cdc5df1172835af6e097e71c07d2f3e8abc24b4d5ac683ed5c397434b04e8cecd4983b0a3da3fe1a46c9f4a5f1cc16330f0d5567725d2f1f1fe8c20648d5629591e2960efecfc8d9cc1a97919712db5f3ff987a4a987672cd3eeae091bd06fe701829e581c884669563527f81c3cf7fefaeaab3e6a26f3e703346830a2851318d5d235f69901a635adaf23bbffd559aa586683cda872705506653e701f53c2f855505cbbf674b2ca4c036aec86a2063e5659601af16efc78fc6ef688cc5e5f240696c0e79e9373de424ca240b69ac72c884ac8efed025cd8c1c046c619f6c33ee40a9c3ce21a7901de419b83bb5d75840f8716466548a5ba26580c85a28eef212b0096521e672a4c72c57c0c742cd739292ba4bb72ec96bc94dc0d9b32b31d88938a3b281d092f7779c05aec85a9cf00641e8d11399a3d035e05467b4d47e4d46af7df3bd7cf1d94d6408fda9f4de6bfe313f8dac098dab7a0fcdec49b42ff4eb97bea2f5a1542fc663fcd86c94f9403fb854be07e1b91d1d3e30d9ecde4c9506a6698322ef86bc5cd33a20ccaf03a485315ce2adc8c536b7be5ce93fb73ed54bb1b8560f1acd8ab1eac636e3ea26d6449aad0a8566318097065b565b1f4f1f26288c20af489cc5057042d07327361cbe41bd3e06fda8ea1ab1f1a0c77e5b09ceb545225584fe371a97737f8e72059af717d3c94f5cc5f51b7b2d379ef8fc11b526a1d6529632902293219350444cecb4e58b7bcf0b14e2a579c3be7eebd05c8fd5f009eb4d024f8d901b9225eed10bc2df847470322ea9704e3791eb4639d9105c79962ba3bd79d5fcd4880275948e84e9597ef9753474dab76559318909eb484c3256b5e1b8fbb4e8818e6978f2aaa1105c845f6dd039f36da747dd5563b699b369089847d36d89bc788fe6ae417d85dc0cd0a905e178bae9039eae12c86cb2be924ccf9a4662086137666a5d6d22c4d42c02ee858d9ac9acdb67f3eae896ee6e803ec319ccd6f3f975dd1a2a8f2ecdc0dc62c30e870cf84c035d08d468c379d1a116de215103b50cfdb19e2d09008036e21fa97c8a4ead6e7e8574baa18ae00ce393208a896ab54229f591bf6cd1774b3850fd326db267120bbe5936469d5620e40564f638f9077faddf182b6ea8d13c54eeea110a8e5b920c7d218222bf4c6ca352a627d23c8d89f67347c29e7ac181c0efeaa5ff5fdf56c52eb0e177b73e8e4e8b557c2a0ba132782cac0efc9c8df297e9758f4d723985c234b9ab417be354c2ee54e25557c6091c6fa26a4569f872948ca24c18094dee142d6454fb881d03dfba4daadf2eecb3d6bd838c8eb6adf24c4e464d45b071c65d812a8a5248ca738721a432a5540eb67547fced3b185f332c88208c36ea1524c362bb66bf85d527440f5249cad3e0227cdffc1c78fe04c6b44edfa35818b201f62d68dcf244b2488cf13a77074c3973a5626f9b80e6259d0778f9621b106100987504d0de8309f36bd79989f76332b9f28ed59f52f4ef036efaf30dd053bb0910654d73352d5e265eba73d8582525cf118aff371d29d72025e2bf6c2cfdb7aac1856c43d443a1736813762d4621f300fa2572fdde2c9cba0a0d866a5ecf7574f0f7188c5b8c727e0c833687cedb124517e8238aa7045b67d94310838bd595fd9af7a5dc4355c67218b0205fb5fe06126616a2f8d370717672c93f821fb9d6521d18369d67c702d049022fff48faa8f354b6fa2d34f3592707d68f847ca8c1a60e52ad60a3c4dbb84bc4d003e9b0968db4aa10fce43551d1f7ed0533c275bce3b12ae2c4792baca70383d926055079f978608ac5ffc728ee4b7b76b811c0f914dba95d58327f54b5dbda82c6390f09e6edb2af840f9c43d6663ee62096ffbf4606fb534e52ccc6802a3d1c44018560a8cabe925673c564304608370e26f5839444864590c20d26cab3567d38d6d23fd1905344c9255b9ed9d46545e3efad340ecf536bb99b245d80bf6ef3cf63664f1344092277253cb8d76ce6a441061a6d1ec2496a4649f3710eca8f7ae2b0196f8c70e2ba445714e7875203562fbf9554db4117081ab0120eb001c835598dc0ec4e7ec9172339e5c9aac9ce817d7172806b280e524b9918582c056cb8e4dc32a1de05b0cce2da9c477044ee00f80d27aebabb190f0c84f149219c4597e452bf39939144a7717b172df8e559d12ee67726c77a92eadd1eca4aa00fffbe2c1c10877e6cd896887091a2714e0c56c9a04e33cd4999295f09e4b397e5b888a0f477222c160317dc3c67938acf09d0746cc39756d6238b849b360df131708f3e4a607938f6b421d686e7aa3e33acb8884937e2d856a534235c2f5f0aa17def4d571257269d94e2bebe7a37bc8ba27cd4131e6f5f88918c57a473531781d0cefc662be97ea9b17087702123a6f179eb97d067c42111ed269e97f8985f9ad820ac41b2a64ef0b414d6475ccc18bd883294290335ed45874572afac63c62df046404883c7a8534b99094ff470217f25e044ca62303cc5bb8d1048911e6020654dc6e6133a04d15e11e28cf677bbfacbc7b7ae390156abc7d20f488df766fb05591a198f6a7b8e74b01fd077e142769f742ac4ddc685c10a393a5d4c49fe361e00307a46dbe8775a960d946bc6bb84faec5b26b16ae34708d79107d90ea70ea82fd5d4d6cd0fb750f98b5bc414596ca83890ff338544d2540c6445dbad8608c662e187531ec09af62943bf9ff5b549879e864d06686e21f0d3457b74fa51e997f68e5973b72a1e1ae8001d08b3a91fb8def5f1f9c02e04ff524294a6ebd6fd6ea2c27a1039647456b64bfa26c26cb4e0bc104985c165925c7daffa94dd7b87b14795fa682689f6680e6aaf5883c0bcc2415c5ab59289e1bd91d30cc0f34aa0ea08905e29fea11f8fffe425301870738694fd5c3aee8b2be978c1f49ba67974302555789a77801fc2fb0bf50228b1257c82da8ca9fa8279e0b0592828a3e6bf3f84405d66abcc369dfd03d6a4cc9edc37061d582901870176671b0edd9d52f11cef4f0a5044fc27ee7a52a825c1e400dfc7065cfbae37a2a23e0845966424491ad444b186b1e22d78dc7cf5f84ceb826f80133fcb206869b45533287337eb7dc238930d6f327e7149cd1fad1effc95bca1c5351f0ca8d5d99af83362b09e5199ef729666b32c6e226d5d92a3ed52f83a5e6fbfa6cf89009b87a026b493173daa42e1332a0ac5efa850b2c1a3241592e04956aa469c7bf1b72bfa2edf26005918bceb78834244c3b624501f42067e4b49c81e8f8224b009e362e87dcbd9fa3489432d6a00279df4f30bfb01eb0b46401a6c44e58ae77cd1755359ab858d856b17bbccb5e44424dde12fa004da85a130c9f844eb29da37177c3ae45a4e504ecf41a0dec20922de2d51368f4017689982ec8c48d780bb6f0c3f9fdb2d09f8cbcf969f9e095b7673cbc62b20e7036e8eab3bd35a922780c72ec66a339c94ff682f982900a6a0ba397c2ffb1e99eef2ebcd65a1d5f446852897748dad4e8abb60e618b9fe13a1ef081ee4724fb574a74669d523ff66cebb0051aee8b2bb4d7c4edf5e6977e4f192d938622fc39a2610e7afb793a7b299b0ede4fddca86a114843af12482fede6b93d5ca0372dcbba19b8fce6071b0b14862293b8da4e9a8eff75543675f0c093186cf67448218beaf2a548404b47c5c61681c3bbcd0ba54fc3c3c25594cceb68f386e2515cfd4f33c298518f2c80780f0ce340b6fe5f6c140e30b0d153fe278b14eb30177b7c375bd65787389176a271f2d59cc5dd55d9fb7f00dd8441e4d17ff8bc6c3bf05f2b50950b2397c34868a8049e11d7cbbea37141d982a480d930fde444310e96a89de85ded2ca0faff8236b82a51e3a1ac0b73c422fd9b5a927bf99647a77e19b72faba9fc6ee2891ecdce856a3241c4f6a91cb7ecd8171a6f17d1edddd7df76b8113f1b3474d8609c7497f719757db5614bcda4c7c4d240c37ea5c0970181ced67a5a0ddeff50d87e4efa8f8e17f7996b907b596b52ec599e82be41f44500166df288e0f8afb3a63596901c18077d146ed51f012f508b217e71d08c0629136e8faec96556a30bab3e1287e3e53d0e4c8bdd76341bb10d7aa404ba53d09965071ea172925a7a78f0e3804b3b1dcf9200f84811560ae1cb66fc76c90fe6c8a7c0df41e442bf1b49c9276eb8fbc932bf959ce5b9d50022de64782daccde17f4077d099281372a37ae96c020b35fcc16bf2f0f6ee372d2fcc7ebd09a515e67c8773e1c3740d460e8ae431123669a287475a47c1287779920d81927a444151305e62acf917aa6328ac71ac9698991ca34212134c11a84bcd9ed8063d2ed07448719c4f503db9722d66a8350903ce580c8e2e1d6135baf3f7b94feb203e02ad7389474edf38c2c34075ebbf6c3dbf92a32db2d1ba6ed6c056182b8a262869557b3641ae94e606b1e7e333d31722be710305bcd9a0f70d1468ec3a9825ccc54085753c1845f72e3102b82985b98bdde78974b3a2ada1e8e790f068b17798b7319117b38ce33ab69e4b2c122cc38c4bd2a296b3652f05a70514af16b48f623fdd1b8fbde4d0a752278f4f5fdc", 0x1000}, {&(0x7f00000016c0)="0d987e9fe4e4a859c344f67810f716f665133ce82a4ccd45bf66c042202efb7ab1ac5add4cdd4274eacb4f6eb5b10bf3d5dd78a6869757339a105555e93b7ee25228fc1d051e3bf02d07a985a2aa7bddca2a3aeaaffba9fed4ebc79d5b3df5592257e91da8c31460b60e87f8232ea04a75d626465ec90a3228d680d81cbaa5a835ef3780f06a96249ada5be503905a1b", 0x90}], 0xa) (async)

2.078492314s ago: executing program 3 (id=3046):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4c80, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f00000001c0)="0f01c4d82765defe0f01c8b881000f00d86564dd22f20f2af70f01c9b80a000f00d02ef0800100", 0x27}], 0x1, 0x11, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$CDROM_CHANGER_NSLOTS(r0, 0x5328)

1.874433679s ago: executing program 3 (id=3048):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000008010040"]) (fail_nth: 3)

1.770180346s ago: executing program 3 (id=3049):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x8)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
preadv(r3, &(0x7f00000001c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r4, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r5 = dup(r2)
r6 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCETHTOOL(r6, 0x8993, &(0x7f0000001440)={'bond0\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x1, 0x8, 0x1, 0x0, 0x0, 0x3, 0x6, 0x0, 0x0, 0x5, [0xbff, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1]}})
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000008010040ad805cf0d6564fe1e57cba050a8adac547cf8fbad1e2e8ec59d24d67e1c5b6aa3a572c50827fa8782936d8169386dd8fb98955bad3629045c165e8616a65e0d5cca6a19a685f4fb6e77aec70ab032076f2941181bbe80fc6b3f87817e417e9916c896683ba3e24ae43fa5f1acb97ee9efce4d948d42c8c0a1dc0ba57c4d62b60ce76412900"/156])
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x14, 0x0, &(0x7f0000000380)=0x28)
syz_open_dev$hiddev(&(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="7a0af8ff75253073bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785a1292fcb8c1d3079a00db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8430a19f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33fe226c944bc76be40d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e02200b95941d34ac81fd48f9b7314ffa730017f3d37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080c4adf75a0a108585e9b2000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000040)=r10, 0x4)
sendmsg$unix(r9, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r11, @ANYRES32=r12, @ANYBLOB="0200"], 0x10)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f00000007c0)={@in6={{0xa, 0x4e21, 0x400, @private2={0xfc, 0x2, '\x00', 0x1}}}, 0x0, 0x0, 0x27, 0x0, "13a14c918a51a3bba02063a5dc9777fd6d5c44209816a9ed22d230f6a64300265686b1d9551bef2431e1c80582a1897d2c8ae8acdf2fc88ebfa0d272f32633930348801584e45ad5a7cb147d6b8d3ce4"}, 0xd8)
r13 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_INITSTATE(r13, 0x113, 0x4, &(0x7f0000000180), &(0x7f0000000080)=0x4)
socket$l2tp(0x2, 0x2, 0x73)

1.650195514s ago: executing program 3 (id=3050):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000240)={0x11, @multicast1, 0x4e1f, 0x0, 'lblc\x00', 0x0, 0x0, 0x4}, 0x2c) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x2}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r3)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x20, r4, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xea}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000) (async)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000180)="6824a8f080ae00006a663ef20f1eeadb9f670066b9800000c00f326635010000000f30baf80c66b8e932708866efbafc0cb000eebaa00066ed2e0f8ff477660f388229dbe0", 0x45}], 0x1, 0x70, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SIOCGSKNS(r6, 0x894c, &(0x7f0000000140)={'bridge_slave_1\x00'}) (async)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.440189528s ago: executing program 3 (id=3051):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc00"/27], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000300000000000000ac1e000100000000000000000000000000000000000000000a004000"], 0xb8}}, 0x0)

819.882203ms ago: executing program 1 (id=3063):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x104})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x10})
r7 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x9, 0xffff, 0xc})
close_range(r0, 0xffffffffffffffff, 0x0)

734.896062ms ago: executing program 1 (id=3064):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv6_newrule={0x24, 0x20, 0x1, 0x0, 0x27dfdbfb, {}, [@FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e20, 0x4e21}}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="9400000010000104000000000000000012000000", @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)

629.361759ms ago: executing program 2 (id=3066):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x12, 0x0, &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000829bd7000fedbdf25120000000800060000040000180001801400020076657468315f746f5f7465616d0000002400018008000100", @ANYRES32=0x0, @ANYBLOB="000000004000a018080001002f46c188beaf3ac1ceafa10ba1b9c6f9745ae0aef1d9bb1289d3c4270ed9c38df25795a9b72cb540eb3258061afc2dc61f475130b4308f01b34c9ea7cb71c6f742fb108a5e7c76a71dd661c76a57586cac26255e9bd667300ab22964fb02dadca94ec0ca391e83933261efe2993882e28d5582bae683822bbb08d67a9b29f779392f00d1923e6498b73097d9188c", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x880}, 0x4000855)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write(r3, &(0x7f00000009c0)="1e67b9978505b86c43ce20e253428acad78c8dfa19a043a983846c4ece7ba7921740dd3f487c57ef51ddfe5a869da08b55fcb8d7f59984f713aaa79edb666fde6a96ae8952f9f8259881d2c0704c8392883e5b1545dd13e640107c92f3acd620fa09918b1d917a9e83ae1badb44e8fa14e298b945313dda0d588ebee8a387f1b096aed0e79607fb21ba34d455029f19ef4fd307e8963cc724e904eae66352d8095e558c1b5197ba2bc4ca4b501c2488a5c9f3a3142f76878a2a87fe7f4a6ef14a9d4f4f0469cba9701e1bada85a9d876f71c4a323c2fd587d2431679e2a75b35240ba03347ae186e28907435caec72f8e223c98d0ad526a3dbdd01568d47dcbf8a0f8eff2d412cbd9e8f49a12b28e446dba4f1bdc04af45903bdbf5cb7e928ab5c6b56d58fd7e309dc611aff20045f5aaa5d063adb1842b8746e828a3cdd18e79446e8e0e9cc0ddba08afda3ccbec4afcd404d703afa1b9740150f3ca568fbb89584b4efd7b3546d1d8b77b2d7ab355329973210491642b8015762672a9f820c0c53002bdbccbaf04a7549270c75c09d3924c61ad95d914f20bea5767f5b0d18a79f1f3e0d6c9aaefe92b0c00baa9fe4a0613ef782b5766ce425e9a5174c94d8d759e834cd315129cb7a87dbb57ecaaa3e684bab62f38b448f51eac8f7fca5d5543460d0ca4e3fde55146e7faad5b29858c4df84160a139cd4fa9cc6b99c1cb4dc4249d71618af31c68613adb68c8173e327a9c0fad1bd5ed631d97cd295eec914bf38701db60bd873b4a218875d36d13c17e0e354656e838b9ff6d0b396ac12de1d2b28c9473f9306e6179c58b764d6b222aa6e3132d457288785b6870683e21786d8d375f2675e6561f8637e2f32d344227fce901a5dd7f289da452d7f3d4c9406d77b8da0059396ffb1e905ca2bd708c42af5c560c3cd9bf213258e7c532a34e7ad1813d1822ad0f27f15c302ee965603b5641b2153dabe7b25a46ce1cb99ee32ed5c89fc54f91b00d29ef3a6eee20262ee3b48aad126b2b76912143599d4152c76c50ce2a6a6e7dd973bf1e99b9ad385b2e93397c18e6ea3c2d4b4d756477db085949d91adcfe878af9d880126795316748cce7e9151da456d0853a6a12b48d818f05db468be40910c5f26aa0be6e65ef2749ff33edd1c8a2e85c0e2935bdddc4a27926cd39714ffd5c0bc258e8e36a7ab36feefea1a71073da5e43476eee64021d8af5eef72e77129b1de6b4d5e860843991e694c6a1c24bdaf4ca7da8e3f9bf80ea5732439380d89fa498dd9e8a99a40b294cf587a02198aedc71db2bf1ef1a513c1d23c64589996e0e3522b216a8158e8122f68c240e02f247dbfba831a0bf38d18708f7066352dfc4fa135f43120433672cbb555507d67fc3d76b3fa36028ec908039b1c9cfbde7588d4d3d3f8db4650229d31c7658c541697ff014239f2c3c056cd46bf201f63cd7f54bcf7a9bca8074a14fe91f4d21dc6ea1cdafdd33b4b41bd1fa85ccc622023861e50e09393847ae3e8f9f8102a59045bcb7f601a462fbcc3dfd194f28a09d85b727beb1fbc616032a509a791b0c58e5dd9d96ad07f7ec14ead21b0a184b5f33165a85a168f011ba96cbcc6a3c1eefb46cd35611ebe7861502942c01ebf3d450c837817a51f7f4c7414f7b0d92fdd3d90f59fb806d5c30af9d3635f601ab6e2a52bf465e2c95fd645962a64ecde4f1de6673443a74355cedb798ece233843ad54b093ffa69ad983a8754781fa407a5b7b8deec9fb089bd1d6785f4c5401676dc7684dbcbe60f7532acbd1360eb0206df2dbfe07bba6f35a21a4c702b9e4a2171985965845ef57dee1a9a8053a45c4d0af4bedaa2a961831049e0d1991c670116dd8ffdc60c17693eb8e465a143574345920f2660c0a58915c8a8ee0d5a7664bedf76552e5cc2f6254846d4038b55fbeb0b2b9f89ca450fff2df75f220404e4e9083532d80450b4c40dffffbf50e8d099ad291f0332e805ed0112bfd58b02015a651b31bc0103318558e075e4a4c44fd289fde56f3f04711b947ac0bb0aef09a621e84d55fb10bc1f9e3eed4679dbf9a171c1adba603a10e34350812d6158f2d8833c6bb4bebdc733828e4abf3e1e790542f3fd29b9ea97ef6ccaf808e843bc4e8557598633cbb2fa12ff26265deef2f8b79286cad6373b926663029cfa49004bf1efd6989148f058a8a6707e2e8091fd7d409b063387c6f4f70190e3b68411372e4401fcb6dcc8bfdbaf45d97f9c3ad8720d235deee8b7e9786aae255f3abfc082df3eb41535a7b2e8d51f46c29befd4bef399f45a88c852f9b44", 0x667)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x200, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r5}, 0xc)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x2})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000007000000050000000100000f080000000d0010000400060103000000005f30002e61"], 0x0, 0x37, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x28)
ioctl$KVM_GET_VCPU_EVENTS(r8, 0x4048aecb, &(0x7f0000000080))
r9 = dup3(r2, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000680)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6313}], 0x0, 0x0, 0x0})
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b3d060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5f1}}, 0x505)
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000001c0)={0x20, 0x0, &(0x7f0000000240)=[@register_looper, @release={0x40046306, 0x2}, @acquire_done={0x40106309, 0x2}], 0x2a, 0x0, &(0x7f0000000180)="8698a5b8d9741cb6a7af77191074cae4b83f45e4faf4a906f2f78c30ffde75937b7aa92272411ef7ee99"})

537.0634ms ago: executing program 1 (id=3067):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000001000008010040"])

467.814645ms ago: executing program 2 (id=3068):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003e40), r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000005700)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f0000005800)={0x0, 0x0, &(0x7f00000057c0)={&(0x7f0000005740)={0x2c, r4, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x1}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c000000190001090000000000000000021800000000fd090000000008000100ac14140008000f00ff007f"], 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000001000040"])

467.406552ms ago: executing program 0 (id=3069):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e890d02120001aaaaaaaaaa1210020987014a07f70000000000000008"], 0x8c)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0xd8, 0x24, 0x90d, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@TCA_STAB={0xb4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x7, 0x3, 0x0, 0x0, 0x80000000, 0x1, 0x5}}, {0xffffffffffffff80, 0x2, [0x100, 0x9bd, 0xc1, 0x4, 0x8]}}, {{0x1c, 0x1, {0x7, 0xc, 0x1e, 0x4, 0x2, 0x46c0e61e, 0x3, 0x4}}, {0xc, 0x2, [0x2, 0x14, 0xb74, 0x1]}}, {{0x1c, 0x1, {0x81, 0x9, 0x4, 0x1, 0x0, 0x5, 0x4, 0x5}}, {0xe, 0x2, [0x800, 0x6, 0x401, 0x4, 0x405]}}, {{0x1c, 0x1, {0xd9, 0x41, 0x6, 0xca, 0x0, 0x6, 0x9, 0x8}}, {0x14, 0x2, [0x2, 0x9, 0x2, 0x101, 0x3, 0x7, 0x10, 0x2]}}]}]}, 0xd8}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x8140aecc, &(0x7f0000000a00)=ANY=[@ANYBLOB="000000000000ce9f7da4b9befb2631c4000063aec5f95da36832aad413689609000000000000000000000000ddbcf7114e30f25611686b6348eb8c0b1ce142c0c0d9c0f1eadf7ba9b2cdc8d9a3671f4951242929032cfa1aaab36a210c2c9584299862695d703b505808b595aa113b158f3f9e3dadace0420f5770adcb4034e9a0fe235f6a3596a2c893b29bd828a9dea653ecd23ece0241f86ac68b54f5cd89f869829c601766b8eaf43367872790c0f8ae22f1265fb273e308a81aa8a7615063b8ec3d4e1b4a5caaedfa92b210446cfe0dbeca21c48e73a7c4a85463b406ceb754"])
sendfile(r3, r3, 0x0, 0x8)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r11, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={&(0x7f0000000240)={0x1c, 0x2, 0x3, 0x305, 0x0, 0x0, {0x7, 0x0, 0xffff}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0xc804)
sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000020301030000010400000004000840000800010001"], 0x1c}}, 0x0)
close(0x3)
r12 = syz_usb_connect$cdc_ncm(0x3, 0xa7, &(0x7f0000000100)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x95, 0x2, 0x1, 0x7, 0x10, 0x80, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8001}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x104, 0x3ff, 0x6}, {0x6, 0x24, 0x1a, 0xfffb, 0x2}, [@mdlm={0x15, 0x24, 0x12, 0x4}, @mbim_extended={0x8, 0x24, 0x1c, 0x4, 0x8, 0x4}, @acm={0x4, 0x24, 0x2, 0xc}, @mbim={0xc, 0x24, 0x1b, 0x7ff, 0x3, 0x8, 0x0, 0xfffd, 0x9b}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x2, 0x81, 0xa, 0x7}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x6f, 0x13, 0x4}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x48, 0x6, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x3, 0x7}}}}}}}]}}, &(0x7f00000004c0)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x201, 0x8, 0xf7, 0x1, 0x10, 0x1}, 0x16, &(0x7f0000000200)={0x5, 0xf, 0x16, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x14, 0x3, 0x5, 0xad6}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xc6bd77e666313c3f, 0x6, 0x9, 0xff80}]}, 0x3, [{0xec, &(0x7f0000000280)=@string={0xec, 0x3, "3cc3e26937d6d396cefbaf8da04ff23ad5ca3e42c6f6152364483bc771e4d745702a0ebdd328d0be831d29d96e239e75712c210b71dcf81186dbefe6d812f0fc930f13614f9f1a98bb623c6da618e5ee3acfaf0ea5ea9a9ee0d4c4fa46727b27f7c08c8916cca64e0056659627524b7ced8ed709082d89c3b6007f01e14fe6f02dbe8d0734e086feb3398708734d0b924cae0293a23e0f6ef86f5274094deb0e37b62daafd28e4162310ef2ef0be1f3f5325ba0269da3d60af0f93cbd48208ecc286c63ffa2b4e3d40e5b2715d3293182fc758447be275274800cb2c4df39e516f9ac37ab8e7925100c9"}}, {0x12, &(0x7f0000000380)=@string={0x12, 0x3, "7446ca37282a6bd51db6992296457add"}}, {0xe8, &(0x7f00000003c0)=@string={0xe8, 0x3, "e01affe1d3b1a00c14ca389d0d71872485c5aa44bda70b9a5886e62dfdedef47d6a548e7610742337064b52fff301d3f543b0bbe0722e85fef571690c1784ef8037d3e63a3f196bf3e12cb4c1b8b700f5dbb0a9212cfd20b294da8ba7cf0d607c731088a20b0ae7d4dc0690e55b83c321ab1d2cb0128e3fc21741745b623efac7d2675474c5411d024a2dd1d89508a88333c4d5499159edbff0e3baf6c44796782882481481408c2df9a7812dde50bf1b90c9c34110036b67f77a3d311bdeb4fa6ce3c866cc92304981cad525d9a190daaf57af9cfe5ebf0a252a29a8cfa6fcf6244f78641fc"}}]})
syz_usb_control_io$cdc_ncm(r12, &(0x7f0000000640)={0x14, &(0x7f0000000500)={0x20, 0x22, 0xe2, {0xe2, 0x9, "0ac5bc7a1402da6f6d5c61fc79db70d17697d6e60c26a377b6d9de406581c3c20e674e5917f6dc0acc7b0c0429dc76e52f9061a216910ea08f05a7d7e7e61660a09f669bbc6ccaa38a07184101ca1acf2a210bc1aae606df80ab946a188e36b336249e198d574f53799592dd29e0cb8298c99d9af452bb14498e281dad84f8ea44bea54054c6e34af0eed9a38a85450dd59098b5bb274f11b7ee026e58d23001b6fdb4ce1a1c5f9eea82db67ec5477db49a527209ea71328762773be1f29e9cdbd250cf439d5a6977acfd9438211569b4da7c9ee4fff4cc359aefcc54a23caa3"}}, &(0x7f0000000600)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000980)={0x44, &(0x7f0000000680)={0x40, 0xe, 0xbb, "159fae2cd9a97262048207f43a6bcabcea0700c377b787c1f2f58ec9162156b2fa83dcb968289472d6369f5d28ea049c4a19dfd3cead6ab7b1052d7da56675346b99e27246be344e485e812c71dd41117d8300f3852cd11a47ed3928e7af2bc2153fdbe287a4f2cef5dd35f79aecb014a5fff53dcb0ae6fa7f8c681cb89b4a7e6fc2ac8b157cd51824da4f84357a23087ff69b87e49992ba91768a24f0b7694ef9eda57171053886fbace1c673e53565ec21592e0920528ef551a6"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000840)={0x20, 0x80, 0x1c, {0x1, 0x0, 0x100, 0x1ff, 0x8, 0xe, 0x7, 0x9, 0x4, 0x5, 0x8, 0x1}}, &(0x7f0000000880)={0x20, 0x85, 0x4, 0x3ed}, &(0x7f00000008c0)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000900)={0x20, 0x87, 0x2, 0x5}, &(0x7f0000000940)={0x20, 0x89, 0x2}})

408.652558ms ago: executing program 1 (id=3070):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff"], 0x48)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xaece, 0x0)
preadv(r2, &(0x7f0000000540)=[{&(0x7f0000001dc0)=""/4100, 0x478}], 0x100000000000004d, 0x8, 0x400000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r3, 0x29, 0x41, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)=0x28)
prctl$PR_SET_PDEATHSIG(0x25, 0x2000000000034)

280.649966ms ago: executing program 1 (id=3071):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000008010040"]) (fail_nth: 6)

279.970473ms ago: executing program 2 (id=3072):
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x17, 0x4, 0x6, 0xfffa}, 0x1d, [0x0, 0xc95a, 0xfffffff3, 0x4, 0x80, 0x2, 0x3, 0xfff, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x4, 0x0, 0x4, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x7fff, 0xb, 0x80000001, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0x2, 0x5, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x3, 0x0, 0x92a3, 0x4, 0x1, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0xfffffffc, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1000, 0xfffffffc, 0x3, 0x0, 0xb, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x3fe, 0x1, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0x9, 0x2, 0x7f, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x6, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x1, 0x8, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x6, 0x2, 0x3, 0x8, 0x4, 0x8001, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x53cf617b, 0x5, 0x6, 0xac8, 0xbf, 0x10002, 0x3, 0x7ff, 0xfffffff9, 0x2, 0x4, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x25], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x3d9, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x1, 0x1003, 0x104, 0x10000, 0x9d, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0x6, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xb, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x4, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="70000000100003040000800000000000a1007400", @ANYRES32=r3, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

78.266139ms ago: executing program 2 (id=3073):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x8008af26, &(0x7f0000000680)={0x22f})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0x4000}}}}}, 0x0)

640.843µs ago: executing program 2 (id=3074):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2", 0x24}], 0x1}, 0x20000}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000001c0)="3dbe33faf3597dcad38c7f076a09d0f7090253d1e2c69753fdd90a509139be4aa82b1390602b5905bdf11557cd9cb9e757255125f9f616b37e43222b53b0a8b9b3aa57573b23f185f86e3201a62f3bdb53096e144840e98a91c66dabcc37b93bdc19b60e3ee799ef7865f866959d2641b5876523fe67fd11503032e174f8f163731eb5e4663bc77f97687b59bd22c96f90b91cae", 0x94}, {&(0x7f0000000d40)="13fe0d0ebaa8f8e6945eda37626722a991bb043a3f0055b3077bbb48090fc9ec5ce2b21e4a08fe7ade767d68a0429b24ae1af46fd6bc808750074e324dfb9a870aa3ff152df224", 0x47}], 0x2}}], 0x3, 0xc0)

247.114µs ago: executing program 1 (id=3075):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x4e, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x8bc, 0x0, 0x0, {[@generic={0x22, 0x2}]}}}}}}}}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r3, 0x0, 0x30, 0x7a, &(0x7f0000000000)="d2c66771c5bef1caec3d52de96f461dda499d58053f730e9319af5cbce9cdd808670321da9426adf0ab1401ebd52483b", &(0x7f0000000080)=""/122, 0x2, 0x0, 0x14, 0xbe, &(0x7f0000000100)="b342b72369510cebf4f0d467c4848d1259d7a5d4", &(0x7f0000000140)="3bb35f5f436e9f864f605cb83b477fc4d70cec7d2a20f11de9a7f2e0758c6d6a7b08f712b7bb8578c9c7040dc9a420e1f6c9db91e43a884037965bfbc59a0462c61a0f5105b023279e5bf60377d7add0fa3a53084a98c1eb391498be510d958cb0f6409ab3600222c1b039dffdaad8652836caaf4b675a56ce31fa78388b02bf1f66e7c813c1919fcd8e33fb2e51afbd05d0ad8a54b70d3d59e114b29a783843c930f3e7991991a707787640fe16cb88a9d5584ecd1a65a3cc531c1a12d0", 0x2, 0x0, 0x7}, 0x50)
ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
mlock(&(0x7f000020d000/0x3000)=nil, 0x3000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 2 (id=3076):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x2}, &(0x7f0000002000)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4000, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r2, 0x48e9, 0x0, 0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

): Enslaving as an active interface with an up link
[  248.545122][T12975] team0: Port device team_slave_0 added
[  248.550769][T12975] team0: Port device team_slave_1 added
[  248.582645][T13018] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  248.582824][T12975] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.587660][T12975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.595825][T12975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.600274][T12975] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.602463][T12975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.611538][T12975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.653677][T12975] hsr_slave_0: entered promiscuous mode
[  248.655919][T12975] hsr_slave_1: entered promiscuous mode
[  248.658041][T12975] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  248.661414][T12975] Cannot create hsr debugfs directory
[  248.782269][T12975] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.849941][T12975] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.953228][T12975] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.010686][ T5940] Bluetooth: hci4: command tx timeout
[  249.066078][T12975] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.130236][ T5974] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  249.221413][   T46] bridge0: port 3(batadv0) entered disabled state
[  249.225770][   T46] bridge_slave_1: left allmulticast mode
[  249.227590][   T46] bridge_slave_1: left promiscuous mode
[  249.230815][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.234440][   T46] 
@ÿÿ: left allmulticast mode
[  249.235950][   T46] 
@ÿÿ: left promiscuous mode
[  249.237482][   T46] bridge0: port 1(
0
@ÿÿ) entered disabled state
[  249.269810][T13052] FAULT_INJECTION: forcing a failure.
[  249.269810][T13052] name failslab, interval 1, probability 0, space 0, times 0
[  249.280176][T13052] CPU: 3 UID: 0 PID: 13052 Comm: syz.0.2445 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  249.280196][T13052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.280203][T13052] Call Trace:
[  249.280208][T13052]  <TASK>
[  249.280214][T13052]  dump_stack_lvl+0x16c/0x1f0
[  249.280251][T13052]  should_fail_ex+0x512/0x640
[  249.280269][T13052]  ? fs_reclaim_acquire+0xae/0x150
[  249.280286][T13052]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  249.280304][T13052]  should_failslab+0xc2/0x120
[  249.280318][T13052]  __kmalloc_noprof+0xd2/0x510
[  249.280332][T13052]  tomoyo_realpath_from_path+0xc2/0x6e0
[  249.280351][T13052]  ? tomoyo_profile+0x47/0x60
[  249.280364][T13052]  tomoyo_path_number_perm+0x245/0x580
[  249.280378][T13052]  ? tomoyo_path_number_perm+0x237/0x580
[  249.280394][T13052]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  249.280411][T13052]  ? find_held_lock+0x2b/0x80
[  249.280451][T13052]  ? find_held_lock+0x2b/0x80
[  249.280470][T13052]  ? hook_file_ioctl_common+0x145/0x410
[  249.280493][T13052]  ? __fget_files+0x20e/0x3c0
[  249.280515][T13052]  security_file_ioctl+0x9b/0x240
[  249.280542][T13052]  __x64_sys_ioctl+0xb7/0x200
[  249.280569][T13052]  do_syscall_64+0xcd/0x260
[  249.280596][T13052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.280614][T13052] RIP: 0033:0x7fdd8f98e969
[  249.280628][T13052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.280645][T13052] RSP: 002b:00007fdd90756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  249.280663][T13052] RAX: ffffffffffffffda RBX: 00007fdd8fbb5fa0 RCX: 00007fdd8f98e969
[  249.280676][T13052] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  249.280686][T13052] RBP: 00007fdd90756090 R08: 0000000000000000 R09: 0000000000000000
[  249.280698][T13052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.280709][T13052] R13: 0000000000000000 R14: 00007fdd8fbb5fa0 R15: 00007ffd004393d8
[  249.280749][T13052]  </TASK>
[  249.280773][T13052] ERROR: Out of memory at tomoyo_realpath_from_path.
[  249.351936][ T5974] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  249.354678][ T5974] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  249.357940][ T5974] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  249.360823][ T5974] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  249.364207][ T5974] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  249.369050][ T5974] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  249.371970][ T5974] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  249.374501][ T5974] usb 7-1: Product: syz
[  249.375924][ T5974] usb 7-1: Manufacturer: syz
[  249.387008][ T5974] cdc_wdm 7-1:1.0: skipping garbage
[  249.388813][ T5974] cdc_wdm 7-1:1.0: skipping garbage
[  249.395887][ T5974] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  249.397776][ T5974] cdc_wdm 7-1:1.0: Unknown control protocol
[  249.424616][   T46] bond6 (unregistering): (slave erspan0): Releasing active interface
[  249.663885][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.667266][   T46] bond_slave_0: left promiscuous mode
[  249.672006][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.676073][   T46] bond_slave_1: left promiscuous mode
[  249.678560][   T46] bond0 (unregistering): Released all slaves
[  249.686775][   T46] bond1 (unregistering): (slave wireguard0): Releasing backup interface
[  249.691254][   T46] bond1 (unregistering): Released all slaves
[  249.731361][ T1143] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  249.735965][ T1143] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[  249.740597][ T1143] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[  249.744983][ T1143] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  249.834273][   T46] bond2 (unregistering): Released all slaves
[  249.841023][   T46] bond3 (unregistering): Released all slaves
[  249.915127][   T46] bond4 (unregistering): Released all slaves
[  249.997447][   T46] bond5 (unregistering): Released all slaves
[  250.053400][ T5940] Bluetooth: hci3: command tx timeout
[  250.080113][   T46] bond6 (unregistering): Released all slaves
[  250.134910][T13082] FAULT_INJECTION: forcing a failure.
[  250.134910][T13082] name failslab, interval 1, probability 0, space 0, times 0
[  250.139415][T13082] CPU: 2 UID: 0 PID: 13082 Comm: syz.0.2457 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  250.139441][T13082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.139453][T13082] Call Trace:
[  250.139460][T13082]  <TASK>
[  250.139469][T13082]  dump_stack_lvl+0x16c/0x1f0
[  250.139498][T13082]  should_fail_ex+0x512/0x640
[  250.139524][T13082]  ? fs_reclaim_acquire+0xae/0x150
[  250.139551][T13082]  ? tomoyo_encode2+0x100/0x3e0
[  250.139576][T13082]  should_failslab+0xc2/0x120
[  250.139598][T13082]  __kmalloc_noprof+0xd2/0x510
[  250.139623][T13082]  tomoyo_encode2+0x100/0x3e0
[  250.139653][T13082]  tomoyo_encode+0x29/0x50
[  250.139676][T13082]  tomoyo_realpath_from_path+0x18f/0x6e0
[  250.139703][T13082]  ? tomoyo_profile+0x47/0x60
[  250.139718][T13082]  tomoyo_path_number_perm+0x245/0x580
[  250.139733][T13082]  ? tomoyo_path_number_perm+0x237/0x580
[  250.139749][T13082]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  250.139764][T13082]  ? find_held_lock+0x2b/0x80
[  250.139791][T13082]  ? find_held_lock+0x2b/0x80
[  250.139804][T13082]  ? hook_file_ioctl_common+0x145/0x410
[  250.139819][T13082]  ? __fget_files+0x20e/0x3c0
[  250.139832][T13082]  security_file_ioctl+0x9b/0x240
[  250.139850][T13082]  __x64_sys_ioctl+0xb7/0x200
[  250.139867][T13082]  do_syscall_64+0xcd/0x260
[  250.139885][T13082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.139897][T13082] RIP: 0033:0x7fdd8f98e969
[  250.139908][T13082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.139919][T13082] RSP: 002b:00007fdd90756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  250.139929][T13082] RAX: ffffffffffffffda RBX: 00007fdd8fbb5fa0 RCX: 00007fdd8f98e969
[  250.139937][T13082] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  250.139944][T13082] RBP: 00007fdd90756090 R08: 0000000000000000 R09: 0000000000000000
[  250.139951][T13082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.139957][T13082] R13: 0000000000000000 R14: 00007fdd8fbb5fa0 R15: 00007ffd004393d8
[  250.139971][T13082]  </TASK>
[  250.139982][T13082] ERROR: Out of memory at tomoyo_realpath_from_path.
[  250.146166][   T58] usb 7-1: USB disconnect, device number 37
[  250.146782][T12975] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  250.221574][T12975] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  250.226255][T12975] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  250.233593][T12975] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  250.261983][   T65] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  250.266477][   T65] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[  250.271104][   T65] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[  250.275648][   T65] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  250.280541][   T46] tipc: Disabling bearer <eth:syzkaller0>
[  250.287876][   T46] tipc: Disabling bearer <udp:syz0>
[  250.290341][   T46] tipc: Left network mode
[  250.314308][T12975] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.346450][T12975] 8021q: adding VLAN 0 to HW filter on device team0
[  250.364874][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.367323][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.375942][T13095] : entered promiscuous mode
[  250.385211][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.387435][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.404598][   T40] audit: type=1400 audit(1747362715.796:25854): avc:  denied  { write } for  pid=13096 comm="syz.1.2463" path="socket:[62934]" dev="sockfs" ino=62934 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  250.496764][T12975] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.518486][T12975] veth0_vlan: entered promiscuous mode
[  250.535507][   T46] hsr_slave_0: left promiscuous mode
[  250.537743][   T46] hsr_slave_1: left promiscuous mode
[  250.539787][   T46] batman_adv: batadv0: Interface deactivated: dummy0
[  250.542408][   T46] batman_adv: batadv0: Removing interface: dummy0
[  250.544917][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.547333][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.550156][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.552474][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.570204][   T46] veth1_macvtap: left promiscuous mode
[  250.572047][   T46] veth0_macvtap: left promiscuous mode
[  250.625887][   T46] pim6reg (unregistering): left allmulticast mode
[  250.945049][T13114] __nla_validate_parse: 10 callbacks suppressed
[  250.945061][T13114] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2469'.
[  251.528649][T12975] veth1_vlan: entered promiscuous mode
[  251.553910][T12975] veth0_macvtap: entered promiscuous mode
[  251.558180][T12975] veth1_macvtap: entered promiscuous mode
[  251.567833][T12975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.571330][T12975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.574356][T12975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.577653][T12975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.583087][T12975] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.590605][T12975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.594912][T12975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.598958][T12975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.603409][T12975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.607752][T12975] batman_adv: batadv0: Interface activated: batadv_slave_1
[  251.611779][T12975] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.614536][T12975] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.617711][T12975] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.620798][T12975] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.655634][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024e0a400: rx timeout, send abort
[  251.659137][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804f519800: rx timeout, send abort
[  251.686371][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.688910][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.695161][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024e09400: rx timeout, send abort
[  251.711475][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.714054][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.802809][T13125] FAULT_INJECTION: forcing a failure.
[  251.802809][T13125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.807260][T13125] CPU: 3 UID: 0 PID: 13125 Comm: syz.2.2472 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  251.807284][T13125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.807295][T13125] Call Trace:
[  251.807302][T13125]  <TASK>
[  251.807310][T13125]  dump_stack_lvl+0x16c/0x1f0
[  251.807344][T13125]  should_fail_ex+0x512/0x640
[  251.807375][T13125]  _copy_from_user+0x2e/0xd0
[  251.807401][T13125]  ? __pfx_do_get_msr+0x10/0x10
[  251.807421][T13125]  msr_io+0x93/0x2a0
[  251.807447][T13125]  ? __pfx_msr_io+0x10/0x10
[  251.807470][T13125]  ? arch_stack_walk+0xa6/0x100
[  251.807498][T13125]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  251.807521][T13125]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  251.807543][T13125]  ? stack_trace_save+0x8e/0xc0
[  251.807567][T13125]  ? stack_depot_save_flags+0x28/0xa50
[  251.807590][T13125]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  251.807610][T13125]  ? __lock_acquire+0xaa4/0x1ba0
[  251.807639][T13125]  ? kasan_save_stack+0x42/0x60
[  251.807656][T13125]  ? kasan_save_stack+0x33/0x60
[  251.807671][T13125]  ? kasan_save_track+0x14/0x30
[  251.807686][T13125]  ? kasan_save_free_info+0x3b/0x60
[  251.807709][T13125]  ? __kasan_slab_free+0x51/0x70
[  251.807725][T13125]  ? kfree+0x2b6/0x4d0
[  251.807748][T13125]  ? tomoyo_path_number_perm+0x470/0x580
[  251.807770][T13125]  ? security_file_ioctl+0x9b/0x240
[  251.807795][T13125]  ? __x64_sys_ioctl+0xb7/0x200
[  251.807822][T13125]  ? __lock_acquire+0xaa4/0x1ba0
[  251.807857][T13125]  ? __mutex_trylock_common+0xe9/0x250
[  251.807887][T13125]  ? __pfx___mutex_trylock_common+0x10/0x10
[  251.807915][T13125]  ? __pfx___might_resched+0x10/0x10
[  251.807942][T13125]  ? rcu_is_watching+0x12/0xc0
[  251.807962][T13125]  ? trace_contention_end+0xdd/0x130
[  251.807979][T13125]  ? __mutex_lock+0x1ca/0xb90
[  251.808005][T13125]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  251.808034][T13125]  ? __pfx___mutex_lock+0x10/0x10
[  251.808065][T13125]  ? tomoyo_path_number_perm+0x18d/0x580
[  251.808093][T13125]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  251.808131][T13125]  kvm_vcpu_ioctl+0x1232/0x1680
[  251.808161][T13125]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  251.808196][T13125]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  251.808226][T13125]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  251.808263][T13125]  ? hook_file_ioctl_common+0x145/0x410
[  251.808290][T13125]  ? selinux_file_ioctl+0x180/0x270
[  251.808342][T13125]  ? selinux_file_ioctl+0xb4/0x270
[  251.808371][T13125]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  251.808399][T13125]  __x64_sys_ioctl+0x193/0x200
[  251.808425][T13125]  do_syscall_64+0xcd/0x260
[  251.808454][T13125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.808472][T13125] RIP: 0033:0x7f4e3938e969
[  251.808488][T13125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.808505][T13125] RSP: 002b:00007f4e3a134038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.808524][T13125] RAX: ffffffffffffffda RBX: 00007f4e395b5fa0 RCX: 00007f4e3938e969
[  251.808535][T13125] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  251.808546][T13125] RBP: 00007f4e3a134090 R08: 0000000000000000 R09: 0000000000000000
[  251.808558][T13125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.808567][T13125] R13: 0000000000000000 R14: 00007f4e395b5fa0 R15: 00007ffca096a998
[  251.808590][T13125]  </TASK>
[  252.036060][T13135] fuse: Bad value for 'group_id'
[  252.037722][T13135] fuse: Bad value for 'group_id'
[  252.040384][T13136] fuse: Bad value for 'group_id'
[  252.041983][T13136] fuse: Bad value for 'group_id'
[  252.047959][T13135] overlay: filesystem on ./bus not supported as upperdir
[  252.088991][   T46] IPVS: stop unused estimator thread 0...
[  252.130494][ T5940] Bluetooth: hci3: command tx timeout
[  252.159058][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024e0a400: abort rx timeout. Force session deactivation
[  252.161764][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804f519800: abort rx timeout. Force session deactivation
[  252.191023][T13141] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2478'.
[  252.197757][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024e09400: abort rx timeout. Force session deactivation
[  252.216564][   T40] audit: type=1804 audit(1747362717.606:25855): pid=13144 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2480" name="/newroot/114/file0" dev="tmpfs" ino=611 res=1 errno=0
[  252.223908][   T40] audit: type=1800 audit(1747362717.606:25856): pid=13144 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.2480" name="file0" dev="tmpfs" ino=611 res=0 errno=0
[  252.231119][   T40] audit: type=1800 audit(1747362717.606:25857): pid=13145 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.2480" name="file0" dev="tmpfs" ino=611 res=0 errno=0
[  252.314244][T13168] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2487'.
[  252.317136][T13145] netlink: 'syz.0.2480': attribute type 32 has an invalid length.
[  252.319755][T13145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2480'.
[  252.324142][T13158] netlink: 'syz.0.2480': attribute type 32 has an invalid length.
[  252.326674][T13158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2480'.
[  252.329488][T13158] (unnamed net_device) (uninitialized): option coupled_control: invalid value (47)
[  252.334047][T13145] (unnamed net_device) (uninitialized): option coupled_control: invalid value (47)
[  252.384661][T13173] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2489'.
[  252.493831][   T40] audit: type=1400 audit(1747362717.886:25858): avc:  denied  { connect } for  pid=13180 comm="syz.0.2493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  252.666281][T13194] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2497'.
[  252.770722][T13200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2499'.
[  252.802777][T13202] netlink: 'syz.0.2500': attribute type 12 has an invalid length.
[  253.598270][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880256e5000: rx timeout, send abort
[  253.662928][T13205] FAULT_INJECTION: forcing a failure.
[  253.662928][T13205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.667073][T13205] CPU: 0 UID: 0 PID: 13205 Comm: syz.0.2501 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  253.667089][T13205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.667096][T13205] Call Trace:
[  253.667100][T13205]  <TASK>
[  253.667105][T13205]  dump_stack_lvl+0x16c/0x1f0
[  253.667125][T13205]  should_fail_ex+0x512/0x640
[  253.667144][T13205]  _copy_from_user+0x2e/0xd0
[  253.667162][T13205]  ? __pfx_do_get_msr+0x10/0x10
[  253.667175][T13205]  memdup_user+0x6b/0xe0
[  253.667189][T13205]  msr_io+0xea/0x2a0
[  253.667205][T13205]  ? __pfx_msr_io+0x10/0x10
[  253.667220][T13205]  ? arch_stack_walk+0xa6/0x100
[  253.667237][T13205]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  253.667252][T13205]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  253.667268][T13205]  ? stack_trace_save+0x8e/0xc0
[  253.667284][T13205]  ? stack_depot_save_flags+0x28/0xa50
[  253.667299][T13205]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  253.667313][T13205]  ? __lock_acquire+0xaa4/0x1ba0
[  253.667333][T13205]  ? kasan_save_stack+0x42/0x60
[  253.667343][T13205]  ? kasan_save_stack+0x33/0x60
[  253.667352][T13205]  ? kasan_save_track+0x14/0x30
[  253.667361][T13205]  ? kasan_save_free_info+0x3b/0x60
[  253.667376][T13205]  ? __kasan_slab_free+0x51/0x70
[  253.667385][T13205]  ? kfree+0x2b6/0x4d0
[  253.667400][T13205]  ? tomoyo_path_number_perm+0x470/0x580
[  253.667414][T13205]  ? security_file_ioctl+0x9b/0x240
[  253.667430][T13205]  ? __x64_sys_ioctl+0xb7/0x200
[  253.667446][T13205]  ? __lock_acquire+0xaa4/0x1ba0
[  253.667469][T13205]  ? __mutex_trylock_common+0xe9/0x250
[  253.667487][T13205]  ? __pfx___mutex_trylock_common+0x10/0x10
[  253.667506][T13205]  ? __pfx___might_resched+0x10/0x10
[  253.667523][T13205]  ? rcu_is_watching+0x12/0xc0
[  253.667536][T13205]  ? trace_contention_end+0xdd/0x130
[  253.667547][T13205]  ? __mutex_lock+0x1ca/0xb90
[  253.667564][T13205]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  253.667582][T13205]  ? __pfx___mutex_lock+0x10/0x10
[  253.667603][T13205]  ? tomoyo_path_number_perm+0x18d/0x580
[  253.667620][T13205]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  253.667636][T13205]  kvm_vcpu_ioctl+0x1232/0x1680
[  253.667654][T13205]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  253.667675][T13205]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  253.667695][T13205]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  253.667718][T13205]  ? hook_file_ioctl_common+0x145/0x410
[  253.667733][T13205]  ? selinux_file_ioctl+0x180/0x270
[  253.667750][T13205]  ? selinux_file_ioctl+0xb4/0x270
[  253.667768][T13205]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  253.667785][T13205]  __x64_sys_ioctl+0x193/0x200
[  253.667801][T13205]  do_syscall_64+0xcd/0x260
[  253.667819][T13205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.667831][T13205] RIP: 0033:0x7fdd8f98e969
[  253.667841][T13205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.667852][T13205] RSP: 002b:00007fdd90756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.667863][T13205] RAX: ffffffffffffffda RBX: 00007fdd8fbb5fa0 RCX: 00007fdd8f98e969
[  253.667870][T13205] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  253.667877][T13205] RBP: 00007fdd90756090 R08: 0000000000000000 R09: 0000000000000000
[  253.667884][T13205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.667891][T13205] R13: 0000000000000000 R14: 00007fdd8fbb5fa0 R15: 00007ffd004393d8
[  253.667905][T13205]  </TASK>
[  253.774756][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880536f0c00: rx timeout, send abort
[  253.777439][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803355e000: rx timeout, send abort
[  254.043951][T13219] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2508'.
[  254.072452][T13221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2509'.
[  254.101602][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880256e5000: abort rx timeout. Force session deactivation
[  254.136718][T13228] FAULT_INJECTION: forcing a failure.
[  254.136718][T13228] name failslab, interval 1, probability 0, space 0, times 0
[  254.141129][T13228] CPU: 2 UID: 0 PID: 13228 Comm: syz.2.2511 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  254.141144][T13228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.141152][T13228] Call Trace:
[  254.141156][T13228]  <TASK>
[  254.141160][T13228]  dump_stack_lvl+0x16c/0x1f0
[  254.141181][T13228]  should_fail_ex+0x512/0x640
[  254.141197][T13228]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  254.141216][T13228]  should_failslab+0xc2/0x120
[  254.141228][T13228]  __kmalloc_cache_noprof+0x6a/0x3e0
[  254.141245][T13228]  ? look_up_lock_class+0x59/0x150
[  254.141260][T13228]  ? kvm_hv_vcpu_init+0xa4/0x7a0
[  254.141280][T13228]  kvm_hv_vcpu_init+0xa4/0x7a0
[  254.141297][T13228]  kvm_hv_get_msr_common+0xfe/0x1a90
[  254.141317][T13228]  ? __pfx_kvm_hv_get_msr_common+0x10/0x10
[  254.141339][T13228]  kvm_get_msr_common+0x13bf/0x2300
[  254.141359][T13228]  vmx_get_msr+0x7c0/0x1330
[  254.141376][T13228]  __kvm_get_msr+0x23b/0x310
[  254.141391][T13228]  ? __pfx___kvm_get_msr+0x10/0x10
[  254.141408][T13228]  kvm_get_msr_ignored_check+0x30/0x430
[  254.141423][T13228]  ? __pfx_do_get_msr+0x10/0x10
[  254.141435][T13228]  msr_io+0x181/0x2a0
[  254.141451][T13228]  ? __pfx_msr_io+0x10/0x10
[  254.141465][T13228]  ? arch_stack_walk+0xa6/0x100
[  254.141483][T13228]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  254.141497][T13228]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  254.141512][T13228]  ? stack_trace_save+0x8e/0xc0
[  254.141528][T13228]  ? stack_depot_save_flags+0x28/0xa50
[  254.141544][T13228]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  254.141558][T13228]  ? __lock_acquire+0xaa4/0x1ba0
[  254.141578][T13228]  ? kasan_save_stack+0x42/0x60
[  254.141587][T13228]  ? kasan_save_stack+0x33/0x60
[  254.141596][T13228]  ? kasan_save_track+0x14/0x30
[  254.141605][T13228]  ? kasan_save_free_info+0x3b/0x60
[  254.141620][T13228]  ? __kasan_slab_free+0x51/0x70
[  254.141629][T13228]  ? kfree+0x2b6/0x4d0
[  254.141643][T13228]  ? tomoyo_path_number_perm+0x470/0x580
[  254.141658][T13228]  ? security_file_ioctl+0x9b/0x240
[  254.141673][T13228]  ? __x64_sys_ioctl+0xb7/0x200
[  254.141690][T13228]  ? __lock_acquire+0xaa4/0x1ba0
[  254.141711][T13228]  ? __mutex_trylock_common+0xe9/0x250
[  254.141730][T13228]  ? __pfx___mutex_trylock_common+0x10/0x10
[  254.141749][T13228]  ? __pfx___might_resched+0x10/0x10
[  254.141766][T13228]  ? rcu_is_watching+0x12/0xc0
[  254.141779][T13228]  ? trace_contention_end+0xdd/0x130
[  254.141790][T13228]  ? __mutex_lock+0x1ca/0xb90
[  254.141807][T13228]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  254.141825][T13228]  ? __pfx___mutex_lock+0x10/0x10
[  254.141846][T13228]  ? tomoyo_path_number_perm+0x18d/0x580
[  254.141863][T13228]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  254.141878][T13228]  kvm_vcpu_ioctl+0x1232/0x1680
[  254.141897][T13228]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  254.141917][T13228]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  254.141942][T13228]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  254.141965][T13228]  ? hook_file_ioctl_common+0x145/0x410
[  254.141981][T13228]  ? selinux_file_ioctl+0x180/0x270
[  254.141998][T13228]  ? selinux_file_ioctl+0xb4/0x270
[  254.142016][T13228]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  254.142034][T13228]  __x64_sys_ioctl+0x193/0x200
[  254.142050][T13228]  do_syscall_64+0xcd/0x260
[  254.142067][T13228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.142079][T13228] RIP: 0033:0x7f4e3938e969
[  254.142089][T13228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.142100][T13228] RSP: 002b:00007f4e3a134038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.142111][T13228] RAX: ffffffffffffffda RBX: 00007f4e395b5fa0 RCX: 00007f4e3938e969
[  254.142118][T13228] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  254.142125][T13228] RBP: 00007f4e3a134090 R08: 0000000000000000 R09: 0000000000000000
[  254.142132][T13228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.142138][T13228] R13: 0000000000000000 R14: 00007f4e395b5fa0 R15: 00007ffca096a998
[  254.142152][T13228]  </TASK>
[  254.277368][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880536f0c00: abort rx timeout. Force session deactivation
[  254.280045][ T5940] Bluetooth: hci3: command tx timeout
[  254.282979][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803355e000: abort rx timeout. Force session deactivation
[  254.333118][   T40] audit: type=1400 audit(1747362719.726:25859): avc:  denied  { create } for  pid=13233 comm="syz.0.2513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  254.339478][   T40] audit: type=1400 audit(1747362719.726:25860): avc:  denied  { getopt } for  pid=13233 comm="syz.0.2513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  254.406600][   T40] audit: type=1400 audit(1747362719.796:25861): avc:  denied  { write } for  pid=13241 comm="syz.1.2517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  254.464443][   T40] audit: type=1400 audit(1747362719.856:25862): avc:  denied  { watch } for  pid=13246 comm="syz.0.2520" path="/138/file1" dev="tmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  254.585047][T13258] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  254.746617][T13264] FAULT_INJECTION: forcing a failure.
[  254.746617][T13264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.750770][T13264] CPU: 2 UID: 0 PID: 13264 Comm: syz.1.2526 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  254.750785][T13264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.750792][T13264] Call Trace:
[  254.750797][T13264]  <TASK>
[  254.750802][T13264]  dump_stack_lvl+0x16c/0x1f0
[  254.750821][T13264]  should_fail_ex+0x512/0x640
[  254.750838][T13264]  ? __pfx_do_get_msr+0x10/0x10
[  254.750853][T13264]  _copy_to_user+0x32/0xd0
[  254.750870][T13264]  ? __pfx_do_get_msr+0x10/0x10
[  254.750883][T13264]  msr_io+0x21f/0x2a0
[  254.750899][T13264]  ? __pfx_msr_io+0x10/0x10
[  254.750913][T13264]  ? arch_stack_walk+0xa6/0x100
[  254.750935][T13264]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  254.750949][T13264]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  254.750965][T13264]  ? stack_trace_save+0x8e/0xc0
[  254.750981][T13264]  ? stack_depot_save_flags+0x28/0xa50
[  254.750996][T13264]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  254.751010][T13264]  ? __lock_acquire+0xaa4/0x1ba0
[  254.751030][T13264]  ? kasan_save_stack+0x42/0x60
[  254.751040][T13264]  ? kasan_save_stack+0x33/0x60
[  254.751049][T13264]  ? kasan_save_track+0x14/0x30
[  254.751058][T13264]  ? kasan_save_free_info+0x3b/0x60
[  254.751073][T13264]  ? __kasan_slab_free+0x51/0x70
[  254.751083][T13264]  ? kfree+0x2b6/0x4d0
[  254.751097][T13264]  ? tomoyo_path_number_perm+0x470/0x580
[  254.751112][T13264]  ? security_file_ioctl+0x9b/0x240
[  254.751128][T13264]  ? __x64_sys_ioctl+0xb7/0x200
[  254.751145][T13264]  ? __lock_acquire+0xaa4/0x1ba0
[  254.751167][T13264]  ? __mutex_trylock_common+0xe9/0x250
[  254.751186][T13264]  ? __pfx___mutex_trylock_common+0x10/0x10
[  254.751205][T13264]  ? __pfx___might_resched+0x10/0x10
[  254.751222][T13264]  ? rcu_is_watching+0x12/0xc0
[  254.751235][T13264]  ? trace_contention_end+0xdd/0x130
[  254.751246][T13264]  ? __mutex_lock+0x1ca/0xb90
[  254.751263][T13264]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  254.751281][T13264]  ? __pfx___mutex_lock+0x10/0x10
[  254.751302][T13264]  ? tomoyo_path_number_perm+0x18d/0x580
[  254.751319][T13264]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  254.751335][T13264]  kvm_vcpu_ioctl+0x1232/0x1680
[  254.751353][T13264]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  254.751374][T13264]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  254.751393][T13264]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  254.751416][T13264]  ? hook_file_ioctl_common+0x145/0x410
[  254.751432][T13264]  ? selinux_file_ioctl+0x180/0x270
[  254.751449][T13264]  ? selinux_file_ioctl+0xb4/0x270
[  254.751467][T13264]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  254.751484][T13264]  __x64_sys_ioctl+0x193/0x200
[  254.751501][T13264]  do_syscall_64+0xcd/0x260
[  254.751518][T13264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.751530][T13264] RIP: 0033:0x7fd7ef58e969
[  254.751539][T13264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.751550][T13264] RSP: 002b:00007fd7f0409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.751561][T13264] RAX: ffffffffffffffda RBX: 00007fd7ef7b5fa0 RCX: 00007fd7ef58e969
[  254.751568][T13264] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  254.751575][T13264] RBP: 00007fd7f0409090 R08: 0000000000000000 R09: 0000000000000000
[  254.751581][T13264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.751588][T13264] R13: 0000000000000000 R14: 00007fd7ef7b5fa0 R15: 00007ffd0cf73d78
[  254.751602][T13264]  </TASK>
[  255.021598][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  255.023582][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  255.081940][ T1143] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  255.084337][ T1143] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  255.109952][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  255.223513][T13285] FAULT_INJECTION: forcing a failure.
[  255.223513][T13285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.227600][T13285] CPU: 1 UID: 0 PID: 13285 Comm: syz.3.2535 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  255.227616][T13285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.227623][T13285] Call Trace:
[  255.227628][T13285]  <TASK>
[  255.227633][T13285]  dump_stack_lvl+0x16c/0x1f0
[  255.227653][T13285]  should_fail_ex+0x512/0x640
[  255.227671][T13285]  _copy_to_user+0x32/0xd0
[  255.227689][T13285]  simple_read_from_buffer+0xcb/0x170
[  255.227708][T13285]  proc_fail_nth_read+0x197/0x270
[  255.227726][T13285]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.227744][T13285]  ? rw_verify_area+0xcf/0x680
[  255.227760][T13285]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.227777][T13285]  vfs_read+0x1e1/0xc70
[  255.227796][T13285]  ? __pfx___mutex_lock+0x10/0x10
[  255.227812][T13285]  ? __pfx_vfs_read+0x10/0x10
[  255.227832][T13285]  ? __fget_files+0x20e/0x3c0
[  255.227847][T13285]  ksys_read+0x12a/0x240
[  255.227863][T13285]  ? __pfx_ksys_read+0x10/0x10
[  255.227884][T13285]  do_syscall_64+0xcd/0x260
[  255.227902][T13285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.227913][T13285] RIP: 0033:0x7ff16f38d37c
[  255.227922][T13285] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  255.227933][T13285] RSP: 002b:00007ff1702de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  255.227944][T13285] RAX: ffffffffffffffda RBX: 00007ff16f5b5fa0 RCX: 00007ff16f38d37c
[  255.227951][T13285] RDX: 000000000000000f RSI: 00007ff1702de0a0 RDI: 0000000000000007
[  255.227958][T13285] RBP: 00007ff1702de090 R08: 0000000000000000 R09: 0000000000000000
[  255.227964][T13285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.227971][T13285] R13: 0000000000000000 R14: 00007ff16f5b5fa0 R15: 00007fff5129a788
[  255.227985][T13285]  </TASK>
[  255.296549][    C1] vkms_vblank_simulate: vblank timer overrun
[  255.367342][T13287] netlink: 'syz.3.2536': attribute type 1 has an invalid length.
[  255.690541][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880297c7c00: rx timeout, send abort
[  255.693171][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804c6efc00: rx timeout, send abort
[  255.809935][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  255.862560][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804d1ccc00: rx timeout, send abort
[  255.866152][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804d1cd000: rx timeout, send abort
[  255.971587][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  255.989327][T13291] mmap: syz.1.2537 (13291): VmData 37466112 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[  255.995483][T13291] __nla_validate_parse: 2 callbacks suppressed
[  255.995497][T13291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2537'.
[  256.012163][   T40] audit: type=1400 audit(1747362721.406:25863): avc:  denied  { view } for  pid=13290 comm="syz.1.2537" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  256.193119][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880297c7c00: abort rx timeout. Force session deactivation
[  256.195820][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804c6efc00: abort rx timeout. Force session deactivation
[  256.289991][ T5940] Bluetooth: hci3: command tx timeout
[  256.300518][ T2081] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  256.365974][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804d1ccc00: abort rx timeout. Force session deactivation
[  256.369587][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804d1cd000: abort rx timeout. Force session deactivation
[  256.451337][ T2081] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  256.454189][ T2081] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  256.457935][ T2081] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  256.461277][ T2081] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  256.464851][ T2081] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  256.472070][ T2081] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  256.475904][ T2081] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  256.478368][ T2081] usb 6-1: Product: syz
[  256.479667][ T2081] usb 6-1: Manufacturer: syz
[  256.486535][ T2081] cdc_wdm 6-1:1.0: skipping garbage
[  256.488164][ T2081] cdc_wdm 6-1:1.0: skipping garbage
[  256.492118][ T2081] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  256.494253][ T2081] cdc_wdm 6-1:1.0: Unknown control protocol
[  256.531724][T13307] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2543'.
[  256.707341][T13313] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2546'.
[  256.713820][   T40] audit: type=1326 audit(1747362722.106:25864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13312 comm="syz.0.2546" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdd8f98e969 code=0x0
[  256.793198][T13289] Set syz1 is full, maxelem 65536 reached
[  257.248814][   T24] usb 6-1: USB disconnect, device number 46
[  257.598958][T13324] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2550'.
[  257.624451][T13324] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13324 comm=syz.0.2550
[  257.647411][   T40] audit: type=1400 audit(1747362723.036:25865): avc:  denied  { map } for  pid=13323 comm="syz.0.2550" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  257.656804][   T40] audit: type=1400 audit(1747362723.036:25866): avc:  denied  { execute } for  pid=13323 comm="syz.0.2550" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  257.818362][T13337] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2555'.
[  257.845695][   T40] audit: type=1400 audit(1747362723.237:25867): avc:  denied  { mount } for  pid=13338 comm="syz.1.2557" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  257.847591][T13339] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  257.863220][T13339] evm: overlay not supported
[  257.885454][   T40] audit: type=1400 audit(1747362723.277:25868): avc:  denied  { unmount } for  pid=12725 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  257.895748][   T40] audit: type=1400 audit(1747362723.287:25869): avc:  denied  { append } for  pid=13342 comm="syz.0.2559" name="vbi0" dev="devtmpfs" ino=977 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  257.976644][T13350] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  257.979164][T13350] UDF-fs: Scanning with blocksize 2048 failed
[  257.982207][T13350] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  257.984600][T13350] UDF-fs: Scanning with blocksize 4096 failed
[  258.074364][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802bb1f400: rx timeout, send abort
[  258.249794][ T5972] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  258.411595][ T5972] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  258.415265][ T5972] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  258.419412][ T5972] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  258.423584][ T5972] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  258.428002][ T5972] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  258.433997][ T5972] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  258.436691][ T5972] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  258.440172][ T5972] usb 5-1: Product: syz
[  258.441502][ T5972] usb 5-1: Manufacturer: syz
[  258.449054][ T5972] cdc_wdm 5-1:1.0: skipping garbage
[  258.451341][ T5972] cdc_wdm 5-1:1.0: skipping garbage
[  258.455971][ T5972] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  258.458355][ T5972] cdc_wdm 5-1:1.0: Unknown control protocol
[  258.576956][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802bb1f400: abort rx timeout. Force session deactivation
[  258.797461][T13363] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2568'.
[  258.854989][   T40] audit: type=1400 audit(1747362724.247:25870): avc:  denied  { attach_queue } for  pid=13360 comm="syz.1.2567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  258.913354][T13370] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  258.917253][    C2] vcan0: j1939_tp_rxtimer: 0xffff888033fa3400: rx timeout, send abort
[  258.917533][T13370] Error validating options; rc = [-22]
[  258.920474][    C2] vcan0: j1939_tp_rxtimer: 0xffff888033fa0400: rx timeout, send abort
[  259.203329][   T66] usb 5-1: USB disconnect, device number 16
[  259.420241][    C2] vcan0: j1939_tp_rxtimer: 0xffff888033fa3400: abort rx timeout. Force session deactivation
[  259.426974][    C2] vcan0: j1939_tp_rxtimer: 0xffff888033fa0400: abort rx timeout. Force session deactivation
[  259.462439][   T40] audit: type=1400 audit(1747362724.857:25871): avc:  denied  { getopt } for  pid=13377 comm="syz.2.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  259.490086][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  259.491724][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  259.591763][   T40] audit: type=1400 audit(1747362724.987:25872): avc:  denied  { ioctl } for  pid=13388 comm="syz.2.2577" path="pid:[4026532876]" dev="nsfs" ino=4026532876 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  259.626158][T13393] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2578'.
[  259.840020][T13405] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  259.949948][   T24] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  260.058999][T13414] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2588'.
[  260.099745][   T24] usb 7-1: Using ep0 maxpacket: 32
[  260.102574][   T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  260.111840][   T24] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  260.114789][   T24] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  260.117389][   T24] usb 7-1: Product: syz
[  260.118743][   T24] usb 7-1: Manufacturer: syz
[  260.121076][   T24] usb 7-1: SerialNumber: syz
[  260.133360][   T24] usb 7-1: config 0 descriptor??
[  260.136419][T13399] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  260.182281][T13420] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2591'.
[  260.347648][ T5992] usb 7-1: USB disconnect, device number 38
[  260.353430][T13399] ptrace attach of "/syz-executor exec"[5937] was attempted by ""[13399]
[  260.698987][T13427] vcan0: tx drop: invalid da for name 0x0000000000000001
[  260.960556][T13429] sp0: Synchronizing with TNC
[  260.992063][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880313de000: rx timeout, send abort
[  260.994720][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880313dd400: rx timeout, send abort
[  261.182728][   T40] audit: type=1400 audit(1747362726.577:25873): avc:  denied  { setattr } for  pid=13435 comm="syz.2.2597" path="/dev/ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  261.429724][ T5992] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  261.494607][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880313de000: abort rx timeout. Force session deactivation
[  261.497838][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880313dd400: abort rx timeout. Force session deactivation
[  261.534969][T13438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2598'.
[  261.584807][ T5992] usb 7-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.588472][ T5992] usb 7-1: config 1 interface 0 has no altsetting 0
[  261.592175][ T5992] usb 7-1: New USB device found, idVendor=046d, idProduct=c215, bcdDevice= 0.40
[  261.594907][ T5992] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.597293][ T5992] usb 7-1: Product: syz
[  261.598552][ T5992] usb 7-1: Manufacturer: syz
[  261.600435][ T5992] usb 7-1: SerialNumber: syz
[  261.806831][T13436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.810150][T13436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.813925][   T40] audit: type=1400 audit(1747362727.207:25874): avc:  denied  { shutdown } for  pid=13435 comm="syz.2.2597" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  261.824372][ T5992] usbhid 7-1:1.0: can't add hid device: -71
[  261.826400][ T5992] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[  261.830323][ T5992] usb 7-1: USB disconnect, device number 39
[  261.954993][    C2] vcan0: j1939_tp_rxtimer: 0xffff888041cd1000: rx timeout, send abort
[  262.094866][T13464] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2607'.
[  262.351054][T13470] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2610'.
[  262.457521][    C2] vcan0: j1939_tp_rxtimer: 0xffff888041cd1000: abort rx timeout. Force session deactivation
[  262.498404][T13478] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=38 sclass=netlink_tcpdiag_socket pid=13478 comm=syz.2.2614
[  262.504320][T13478] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=13478 comm=syz.2.2614
[  262.508492][T13478] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=54 sclass=netlink_tcpdiag_socket pid=13478 comm=syz.2.2614
[  262.582231][T13489] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2619'.
[  262.667626][T13498] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  262.670904][T13498] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  262.673623][T13498] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  262.676331][T13498] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.411662][    C2] vcan0: j1939_tp_rxtimer: 0xffff88802892f800: rx timeout, send abort
[  263.414430][    C2] vcan0: j1939_tp_rxtimer: 0xffff88802892cc00: rx timeout, send abort
[  263.545505][T13513] netlink: 45 bytes leftover after parsing attributes in process `syz.2.2627'.
[  263.672561][T13521] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2630'.
[  263.709026][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  263.709042][   T40] audit: type=1400 audit(1747362729.097:25876): avc:  denied  { connect } for  pid=13522 comm="syz.1.2631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  263.726983][T13528] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2634'.
[  263.799684][T13536] netlink: 'syz.1.2636': attribute type 3 has an invalid length.
[  263.802114][T13536] netlink: 'syz.1.2636': attribute type 1 has an invalid length.
[  263.804496][T13536] netlink: 216 bytes leftover after parsing attributes in process `syz.1.2636'.
[  263.807618][T13536] NCSI netlink: No device for ifindex 33022
[  263.811898][T13536] overlay: Unknown parameter 'fsname'
[  263.906823][   T40] audit: type=1400 audit(1747362729.297:25877): avc:  denied  { append } for  pid=13546 comm="syz.2.2640" name="pfkey" dev="proc" ino=4026533193 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  263.913670][   T40] audit: type=1400 audit(1747362729.297:25878): avc:  denied  { map } for  pid=13546 comm="syz.2.2640" path="/proc/1485/net/pfkey" dev="proc" ino=4026533193 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  263.914319][    C2] vcan0: j1939_tp_rxtimer: 0xffff88802892f800: abort rx timeout. Force session deactivation
[  263.925771][    C2] vcan0: j1939_tp_rxtimer: 0xffff88802892cc00: abort rx timeout. Force session deactivation
[  263.962133][T13551] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2642'.
[  264.089260][   T40] audit: type=1400 audit(1747362729.477:25879): avc:  denied  { accept } for  pid=13570 comm="syz.1.2649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  264.096973][   T40] audit: type=1400 audit(1747362729.487:25880): avc:  denied  { watch_with_perm watch_reads } for  pid=13570 comm="syz.1.2649" path="/54/bus/bus" dev="tmpfs" ino=309 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  264.281687][T13584] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2653'.
[  264.485571][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880335cd800: rx timeout, send abort
[  264.763072][   T40] audit: type=1400 audit(1747362730.157:25881): avc:  denied  { execute } for  pid=13601 comm="syz.2.2659" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  264.793182][   T40] audit: type=1400 audit(1747362730.187:25882): avc:  denied  { block_suspend } for  pid=13601 comm="syz.2.2659" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  264.988222][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880335cd800: abort rx timeout. Force session deactivation
[  265.020102][ T1140] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  265.023594][ T1140] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  265.049802][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  265.139741][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  265.172312][   T40] audit: type=1400 audit(1747362730.567:25883): avc:  denied  { setattr } for  pid=13626 comm="syz.3.2668" name="sr0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  265.209997][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  265.276386][T13595] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  265.323788][T13633] can: request_module (can-proto-0) failed.
[  265.408077][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805efa5000: rx timeout, send abort
[  265.410986][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805efa5800: rx timeout, send abort
[  265.464586][ T5940] Bluetooth: hci3: Dropping invalid advertising data
[  265.467074][ T5940] Bluetooth: hci3: Malformed LE Event: 0x02
[  265.545870][T13661] vlan0: entered promiscuous mode
[  265.547558][T13661] bridge0: entered promiscuous mode
[  265.549337][T13661] vlan0: entered allmulticast mode
[  265.551215][T13661] bridge0: entered allmulticast mode
[  265.583646][   T40] audit: type=1400 audit(1747362730.977:25884): avc:  denied  { read } for  pid=13662 comm="syz.3.2684" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  265.640078][T13670] Attempt to restore checkpoint with obsolete wellknown handles
[  265.643013][T13670] netlink: 'syz.1.2687': attribute type 9 has an invalid length.
[  265.695895][T13676] fuse: Bad value for 'fd'
[  265.778658][T13685] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  265.793010][T13689] syz_tun: vlans aren't supported yet for dev_uc|mc_add()
[  265.910847][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805efa5000: abort rx timeout. Force session deactivation
[  265.915288][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805efa5800: abort rx timeout. Force session deactivation
[  266.197763][T13710] netlink: 'syz.2.2701': attribute type 1 has an invalid length.
[  266.213792][T13710] bond6: entered allmulticast mode
[  266.215872][T13710] 8021q: adding VLAN 0 to HW filter on device bond6
[  266.222646][T13710] loop6: detected capacity change from 0 to 524287999
[  266.505236][ T5940] Bluetooth: hci0: unexpected event for opcode 0x0c7d
[  266.508180][T13726] delete_channel: no stack
[  266.559434][T13729] __nla_validate_parse: 13 callbacks suppressed
[  266.559452][T13729] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2708'.
[  266.688791][T13745] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2713'.
[  266.829475][   T40] audit: type=1400 audit(1747362732.217:25885): avc:  denied  { ioctl } for  pid=13754 comm="syz.0.2717" path="/dev/cpu/1/msr" dev="devtmpfs" ino=89 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  266.949714][ T5992] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  267.069674][T13764] afs: Unknown parameter 'dy'
[  267.074317][ T5940] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  267.074653][ T5940] Bluetooth: hci0: unexpected event for opcode 0x2016
[  267.079763][ T5992] usb 6-1: device descriptor read/64, error -71
[  267.159073][T13770] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2723'.
[  267.330290][ T5992] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  267.411345][T13785] FAULT_INJECTION: forcing a failure.
[  267.411345][T13785] name failslab, interval 1, probability 0, space 0, times 0
[  267.417061][T13785] CPU: 2 UID: 0 PID: 13785 Comm: syz.0.2729 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  267.417087][T13785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.417098][T13785] Call Trace:
[  267.417104][T13785]  <TASK>
[  267.417112][T13785]  dump_stack_lvl+0x16c/0x1f0
[  267.417158][T13785]  should_fail_ex+0x512/0x640
[  267.417187][T13785]  ? fs_reclaim_acquire+0xae/0x150
[  267.417213][T13785]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  267.417240][T13785]  should_failslab+0xc2/0x120
[  267.417261][T13785]  __kmalloc_noprof+0xd2/0x510
[  267.417286][T13785]  tomoyo_realpath_from_path+0xc2/0x6e0
[  267.417315][T13785]  ? tomoyo_profile+0x47/0x60
[  267.417335][T13785]  tomoyo_path_number_perm+0x245/0x580
[  267.417357][T13785]  ? tomoyo_path_number_perm+0x237/0x580
[  267.417382][T13785]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  267.417407][T13785]  ? find_held_lock+0x2b/0x80
[  267.417453][T13785]  ? find_held_lock+0x2b/0x80
[  267.417474][T13785]  ? hook_file_ioctl_common+0x145/0x410
[  267.417499][T13785]  ? __fget_files+0x20e/0x3c0
[  267.417521][T13785]  security_file_ioctl+0x9b/0x240
[  267.417549][T13785]  __x64_sys_ioctl+0xb7/0x200
[  267.417576][T13785]  do_syscall_64+0xcd/0x260
[  267.417604][T13785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.417622][T13785] RIP: 0033:0x7fdd8f98e969
[  267.417637][T13785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.417654][T13785] RSP: 002b:00007fdd90756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  267.417672][T13785] RAX: ffffffffffffffda RBX: 00007fdd8fbb5fa0 RCX: 00007fdd8f98e969
[  267.417685][T13785] RDX: 0000200000000040 RSI: 00000000c00c642d RDI: 0000000000000003
[  267.417696][T13785] RBP: 00007fdd90756090 R08: 0000000000000000 R09: 0000000000000000
[  267.417707][T13785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.417718][T13785] R13: 0000000000000000 R14: 00007fdd8fbb5fa0 R15: 00007ffd004393d8
[  267.417743][T13785]  </TASK>
[  267.417750][T13785] ERROR: Out of memory at tomoyo_realpath_from_path.
[  267.469971][ T5992] usb 6-1: device descriptor read/64, error -71
[  267.572559][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880335fc400: rx timeout, send abort
[  267.575346][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802a815000: rx timeout, send abort
[  267.611390][ T5992] usb usb6-port1: attempt power cycle
[  267.969776][ T5992] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  267.990241][ T5992] usb 6-1: device descriptor read/8, error -71
[  268.075828][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880335fc400: abort rx timeout. Force session deactivation
[  268.078654][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802a815000: abort rx timeout. Force session deactivation
[  268.114137][T13814] xt_hashlimit: size too large, truncated to 1048576
[  268.148360][T13819] FAULT_INJECTION: forcing a failure.
[  268.148360][T13819] name failslab, interval 1, probability 0, space 0, times 0
[  268.152588][T13819] CPU: 3 UID: 0 PID: 13819 Comm: syz.0.2740 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  268.152604][T13819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.152610][T13819] Call Trace:
[  268.152615][T13819]  <TASK>
[  268.152641][T13819]  dump_stack_lvl+0x16c/0x1f0
[  268.152678][T13819]  should_fail_ex+0x512/0x640
[  268.152697][T13819]  ? fs_reclaim_acquire+0xae/0x150
[  268.152713][T13819]  ? tomoyo_encode2+0x100/0x3e0
[  268.152729][T13819]  should_failslab+0xc2/0x120
[  268.152742][T13819]  __kmalloc_noprof+0xd2/0x510
[  268.152753][T13819]  ? d_absolute_path+0x136/0x1a0
[  268.152769][T13819]  tomoyo_encode2+0x100/0x3e0
[  268.152788][T13819]  tomoyo_encode+0x29/0x50
[  268.152804][T13819]  tomoyo_realpath_from_path+0x18f/0x6e0
[  268.152825][T13819]  tomoyo_path_number_perm+0x245/0x580
[  268.152839][T13819]  ? tomoyo_path_number_perm+0x237/0x580
[  268.152855][T13819]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  268.152871][T13819]  ? find_held_lock+0x2b/0x80
[  268.152901][T13819]  ? find_held_lock+0x2b/0x80
[  268.152914][T13819]  ? hook_file_ioctl_common+0x145/0x410
[  268.152929][T13819]  ? __fget_files+0x20e/0x3c0
[  268.152942][T13819]  security_file_ioctl+0x9b/0x240
[  268.152959][T13819]  __x64_sys_ioctl+0xb7/0x200
[  268.152976][T13819]  do_syscall_64+0xcd/0x260
[  268.153006][T13819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.153018][T13819] RIP: 0033:0x7fdd8f98e969
[  268.153027][T13819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.153039][T13819] RSP: 002b:00007fdd90756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.153051][T13819] RAX: ffffffffffffffda RBX: 00007fdd8fbb5fa0 RCX: 00007fdd8f98e969
[  268.153058][T13819] RDX: 0000200000000040 RSI: 00000000c00c642d RDI: 0000000000000003
[  268.153065][T13819] RBP: 00007fdd90756090 R08: 0000000000000000 R09: 0000000000000000
[  268.153071][T13819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.153078][T13819] R13: 0000000000000000 R14: 00007fdd8fbb5fa0 R15: 00007ffd004393d8
[  268.153092][T13819]  </TASK>
[  268.153131][T13819] ERROR: Out of memory at tomoyo_realpath_from_path.
[  268.165520][T13820] netlink: 'syz.2.2738': attribute type 10 has an invalid length.
[  268.224607][T13820] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2738'.
[  268.229826][ T5992] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  268.234630][T13820] team0: Port device geneve0 added
[  268.252381][ T5992] usb 6-1: device descriptor read/8, error -71
[  268.308043][T13829] tmpfs: Unknown parameter 'usrquota0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.308043][T13829] 0
[  268.312294][T13831] fuse: Unknown parameter '
'
[  268.372985][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.374095][T13833] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2744'.
[  268.378602][ T5992] usb usb6-port1: unable to enumerate USB device
[  268.385708][T13829] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  268.459641][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  268.563690][T13829] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  268.567369][T13829] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  268.569968][T13829] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  268.577398][T13829] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  268.580214][T13829] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  268.582126][T13829] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  268.585734][T13829] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  268.681185][T13845] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2750'.
[  268.709933][T13847] FAULT_INJECTION: forcing a failure.
[  268.709933][T13847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.714847][T13847] CPU: 0 UID: 0 PID: 13847 Comm: syz.2.2751 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  268.714872][T13847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.714884][T13847] Call Trace:
[  268.714890][T13847]  <TASK>
[  268.714898][T13847]  dump_stack_lvl+0x16c/0x1f0
[  268.714927][T13847]  should_fail_ex+0x512/0x640
[  268.714956][T13847]  _copy_from_user+0x2e/0xd0
[  268.714984][T13847]  drm_ioctl+0x4fb/0xc30
[  268.715007][T13847]  ? __pfx_drm_prime_handle_to_fd_ioctl+0x10/0x10
[  268.715034][T13847]  ? __pfx_drm_ioctl+0x10/0x10
[  268.715063][T13847]  ? selinux_file_ioctl+0x180/0x270
[  268.715090][T13847]  ? selinux_file_ioctl+0xb4/0x270
[  268.715118][T13847]  ? __pfx_drm_ioctl+0x10/0x10
[  268.715146][T13847]  __x64_sys_ioctl+0x193/0x200
[  268.715174][T13847]  do_syscall_64+0xcd/0x260
[  268.715204][T13847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.715222][T13847] RIP: 0033:0x7f4e3938e969
[  268.715237][T13847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.715253][T13847] RSP: 002b:00007f4e3a134038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.715271][T13847] RAX: ffffffffffffffda RBX: 00007f4e395b5fa0 RCX: 00007f4e3938e969
[  268.715283][T13847] RDX: 0000200000000040 RSI: 00000000c00c642d RDI: 0000000000000003
[  268.715294][T13847] RBP: 00007f4e3a134090 R08: 0000000000000000 R09: 0000000000000000
[  268.715305][T13847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.715315][T13847] R13: 0000000000000000 R14: 00007f4e395b5fa0 R15: 00007ffca096a998
[  268.715340][T13847]  </TASK>
[  268.840683][T13851] Bluetooth: MGMT ver 1.23
[  269.009741][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  269.017735][T13867] FAULT_INJECTION: forcing a failure.
[  269.017735][T13867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.022266][T13867] CPU: 3 UID: 0 PID: 13867 Comm: syz.3.2760 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  269.022290][T13867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.022301][T13867] Call Trace:
[  269.022308][T13867]  <TASK>
[  269.022315][T13867]  dump_stack_lvl+0x16c/0x1f0
[  269.022345][T13867]  should_fail_ex+0x512/0x640
[  269.022374][T13867]  _copy_to_user+0x32/0xd0
[  269.022402][T13867]  drm_ioctl+0x5eb/0xc30
[  269.022426][T13867]  ? __pfx_drm_prime_handle_to_fd_ioctl+0x10/0x10
[  269.022463][T13867]  ? __pfx_drm_ioctl+0x10/0x10
[  269.022481][T13867]  ? selinux_file_ioctl+0x180/0x270
[  269.022499][T13867]  ? selinux_file_ioctl+0xb4/0x270
[  269.022517][T13867]  ? __pfx_drm_ioctl+0x10/0x10
[  269.022529][T13867]  __x64_sys_ioctl+0x193/0x200
[  269.022546][T13867]  do_syscall_64+0xcd/0x260
[  269.022563][T13867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.022575][T13867] RIP: 0033:0x7ff16f38e969
[  269.022585][T13867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.022596][T13867] RSP: 002b:00007ff1702de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.022607][T13867] RAX: ffffffffffffffda RBX: 00007ff16f5b5fa0 RCX: 00007ff16f38e969
[  269.022614][T13867] RDX: 0000200000000040 RSI: 00000000c00c642d RDI: 0000000000000003
[  269.022621][T13867] RBP: 00007ff1702de090 R08: 0000000000000000 R09: 0000000000000000
[  269.022628][T13867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.022635][T13867] R13: 0000000000000000 R14: 00007ff16f5b5fa0 R15: 00007fff5129a788
[  269.022649][T13867]  </TASK>
[  269.046528][T13869] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2761'.
[  269.137228][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  269.137238][   T40] audit: type=1400 audit(1747362734.527:25887): avc:  denied  { getopt } for  pid=13874 comm="syz.3.2764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  269.140115][T13875] tmpfs: Invalid gid '0x00000000ffffffff'
[  269.251696][   T40] audit: type=1400 audit(1747362734.647:25888): avc:  denied  { setopt } for  pid=13880 comm="syz.3.2765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  269.388547][T13887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3856 sclass=netlink_route_socket pid=13887 comm=syz.3.2768
[  269.447137][   T40] audit: type=1400 audit(1747362734.837:25889): avc:  denied  { lock } for  pid=13891 comm="syz.2.2771" path="/dev/video1" dev="devtmpfs" ino=956 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  269.450686][T13894] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2771'.
[  269.469379][T13896] FAULT_INJECTION: forcing a failure.
[  269.469379][T13896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.474216][T13896] CPU: 3 UID: 0 PID: 13896 Comm: syz.3.2772 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  269.474234][T13896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.474242][T13896] Call Trace:
[  269.474246][T13896]  <TASK>
[  269.474251][T13896]  dump_stack_lvl+0x16c/0x1f0
[  269.474272][T13896]  should_fail_ex+0x512/0x640
[  269.474292][T13896]  _copy_to_user+0x32/0xd0
[  269.474311][T13896]  simple_read_from_buffer+0xcb/0x170
[  269.474331][T13896]  proc_fail_nth_read+0x197/0x270
[  269.474350][T13896]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.474369][T13896]  ? rw_verify_area+0xcf/0x680
[  269.474385][T13896]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.474403][T13896]  vfs_read+0x1e1/0xc70
[  269.474423][T13896]  ? __pfx___mutex_lock+0x10/0x10
[  269.474441][T13896]  ? __pfx_vfs_read+0x10/0x10
[  269.474462][T13896]  ? __fget_files+0x20e/0x3c0
[  269.474478][T13896]  ksys_read+0x12a/0x240
[  269.474496][T13896]  ? __pfx_ksys_read+0x10/0x10
[  269.474518][T13896]  do_syscall_64+0xcd/0x260
[  269.474537][T13896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.474549][T13896] RIP: 0033:0x7ff16f38d37c
[  269.474558][T13896] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  269.474570][T13896] RSP: 002b:00007ff1702de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  269.474582][T13896] RAX: ffffffffffffffda RBX: 00007ff16f5b5fa0 RCX: 00007ff16f38d37c
[  269.474590][T13896] RDX: 000000000000000f RSI: 00007ff1702de0a0 RDI: 0000000000000006
[  269.474597][T13896] RBP: 00007ff1702de090 R08: 0000000000000000 R09: 0000000000000000
[  269.474604][T13896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.474611][T13896] R13: 0000000000000000 R14: 00007ff16f5b5fa0 R15: 00007fff5129a788
[  269.474626][T13896]  </TASK>
[  269.568829][T13901] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2774'.
[  269.611220][T13904] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  269.643019][T13909] overlayfs: missing 'lowerdir'
[  269.648795][   T40] audit: type=1400 audit(1747362735.037:25890): avc:  denied  { getopt } for  pid=13907 comm="syz.3.2778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  269.653397][T13909] input: syz0 as /devices/virtual/input/input43
[  269.676452][T13909] program syz.3.2778 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.678827][   T40] audit: type=1400 audit(1747362735.067:25891): avc:  denied  { ioctl } for  pid=13911 comm="syz.2.2780" path="socket:[67467]" dev="sockfs" ino=67467 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  269.688134][   T40] audit: type=1400 audit(1747362735.077:25892): avc:  denied  { ioctl } for  pid=13911 comm="syz.2.2780" path="socket:[67468]" dev="sockfs" ino=67468 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  269.688416][T13912] netlink: 'syz.2.2780': attribute type 1 has an invalid length.
[  269.713192][T13912] 8021q: adding VLAN 0 to HW filter on device bond7
[  269.722753][    C1] vcan0: j1939_tp_rxtimer: 0xffff888037350c00: rx timeout, send abort
[  269.725421][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025429400: rx timeout, send abort
[  269.735815][T13912] ip6erspan0: entered promiscuous mode
[  269.741719][T13912] bond7: (slave ip6erspan0): making interface the new active one
[  269.746833][T13912] bond7: (slave ip6erspan0): Enslaving as an active interface with an up link
[  269.778205][T13921] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2783'.
[  269.843976][   T40] audit: type=1400 audit(1747362735.237:25893): avc:  denied  { write } for  pid=13931 comm="syz.3.2786" path="socket:[68281]" dev="sockfs" ino=68281 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  269.892336][ T5944] Bluetooth: hci3: unexpected event 0x01 length: 4 > 1
[  269.893394][   T40] audit: type=1400 audit(1747362735.287:25894): avc:  denied  { map } for  pid=13936 comm="syz.3.2788" path="socket:[69772]" dev="sockfs" ino=69772 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  269.915174][   T40] audit: type=1400 audit(1747362735.307:25895): avc:  denied  { unmount } for  pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  269.931903][   T40] audit: type=1400 audit(1747362735.327:25896): avc:  denied  { create } for  pid=13938 comm="syz.3.2789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  269.996546][T13951] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  270.195679][T13965] PKCS7: Unknown OID: [4] 5.25.43183(bad)
[  270.196314][T13955] IPv6: Can't replace route, no match found
[  270.198338][T13965] PKCS7: Only support pkcs7_signedData type
[  270.225310][    C1] vcan0: j1939_tp_rxtimer: 0xffff888037350c00: abort rx timeout. Force session deactivation
[  270.228547][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025429400: abort rx timeout. Force session deactivation
[  270.276915][T13975] tipc: Started in network mode
[  270.278965][T13975] tipc: Node identity 4ecb45aefecd, cluster identity 4711
[  270.282105][T13975] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  270.304456][T13975] tipc: Disabling bearer <eth:syzkaller0>
[  270.596406][T14008] 8021q: VLANs not supported on ip6gre0
[  270.609760][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout
[  270.609839][ T5946] Bluetooth: hci4: command 0x0c1a tx timeout
[  270.710358][T14020] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.713586][T14020] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.759027][T14024] tmpfs: Unknown parameter 'usréÄoTa_inode_hardlimit'
[  270.802702][T14029] netlink: 'syz.0.2824': attribute type 11 has an invalid length.
[  270.802731][T14030] netlink: 'syz.0.2824': attribute type 11 has an invalid length.
[  270.849577][ T5940] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  271.219563][ T5972] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  271.357094][ T5972] usb 6-1: device descriptor read/64, error -71
[  271.599447][T14076] __nla_validate_parse: 11 callbacks suppressed
[  271.601235][ T5972] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  271.606132][T14076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2845'.
[  271.747757][ T5972] usb 6-1: device descriptor read/64, error -71
[  271.754023][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  271.758708][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  271.764250][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  271.768221][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  271.772139][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  271.862746][ T5972] usb usb6-port1: attempt power cycle
[  271.873688][T14089] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  271.877383][T14091] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  271.904390][ T1143] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.907735][ T1143] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.936919][T14084] chnl_net:caif_netlink_parms(): no params data found
[  272.015712][ T1143] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  272.019047][ T1143] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.045630][T14084] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.048332][T14084] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.051128][T14084] bridge_slave_0: entered allmulticast mode
[  272.053947][T14084] bridge_slave_0: entered promiscuous mode
[  272.060370][T14084] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.062619][T14084] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.064841][T14084] bridge_slave_1: entered allmulticast mode
[  272.067511][T14084] bridge_slave_1: entered promiscuous mode
[  272.107273][T14084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.121223][ T1143] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  272.125406][ T1143] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.137006][T14084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.175279][ T1143] bond0: (slave netdevsim0): Releasing backup interface
[  272.180355][ T1143] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  272.184185][ T1143] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.197011][T14084] team0: Port device team_slave_0 added
[  272.199661][ T5972] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  272.208180][T14084] team0: Port device team_slave_1 added
[  272.220333][ T5972] usb 6-1: device descriptor read/8, error -71
[  272.247070][T14084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.249246][T14084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.257284][T14084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.262493][T14084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.265004][T14084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.276168][T14084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.317663][T14084] hsr_slave_0: entered promiscuous mode
[  272.320907][T14084] hsr_slave_1: entered promiscuous mode
[  272.461335][ T5972] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  272.480200][ T5972] usb 6-1: device descriptor read/8, error -71
[  272.486657][ T1143] bond7 (unregistering): (slave ip6erspan0): Releasing active interface
[  272.534846][ T1143] bond5 (unregistering): (slave erspan0): Releasing active interface
[  272.599778][ T5972] usb usb6-port1: unable to enumerate USB device
[  272.657084][ T1143] team0: Port device geneve0 removed
[  272.689611][ T5946] Bluetooth: hci4: command 0x0c1a tx timeout
[  272.699715][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  272.791542][ T1143] bond0 (unregistering): Released all slaves
[  272.871420][ T1143] bond1 (unregistering): Released all slaves
[  272.953033][ T1143] bond2 (unregistering): Released all slaves
[  273.037703][ T1143] bond3 (unregistering): Released all slaves
[  273.129361][ T1143] bond4 (unregistering): Released all slaves
[  273.212568][ T1143] bond5 (unregistering): Released all slaves
[  273.306095][ T1143] bond6 (unregistering): Released all slaves
[  273.381342][ T1143] bond7 (unregistering): Released all slaves
[  273.729144][T14110] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2852'.
[  273.809627][ T5946] Bluetooth: hci1: command tx timeout
[  273.889589][ T5946] Bluetooth: hci2: command 0x1003 tx timeout
[  273.892939][ T5940] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  273.954070][T14120] tmpfs: Bad value for 'mpol'
[  273.991519][T14084] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  273.995318][T14084] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  274.002841][T14084] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  274.007432][T14084] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  274.056329][T14130] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2855'.
[  274.063616][T14084] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.074544][T14084] 8021q: adding VLAN 0 to HW filter on device team0
[  274.084222][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.086383][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.089389][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.091567][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.126065][T14084] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  274.139743][T14135] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2856'.
[  274.172655][T14135] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14135 comm=syz.0.2856
[  274.222967][T14084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.245297][T14084] veth0_vlan: entered promiscuous mode
[  274.253215][T14084] veth1_vlan: entered promiscuous mode
[  274.273394][T14084] veth0_macvtap: entered promiscuous mode
[  274.278709][T14084] veth1_macvtap: entered promiscuous mode
[  274.287394][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.291209][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.294393][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.297995][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.302400][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.305767][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.310142][T14084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.315336][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.318655][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.321784][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.325031][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.328002][T14084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.331999][T14084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.335777][T14084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.340511][T14084] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.343162][T14084] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.345779][T14084] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.348478][T14084] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.382266][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.384916][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.397019][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.400123][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.479496][ T5930] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  274.640800][ T5930] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.644215][ T5930] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.647618][ T5930] usb 6-1: config 0 interface 0 has no altsetting 0
[  274.650532][ T5930] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  274.653371][ T5930] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.654892][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.657412][ T5930] usb 6-1: config 0 descriptor??
[  274.658409][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.665853][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.668902][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.679787][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.682214][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.684555][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.686918][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.689343][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.692156][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.694564][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.696944][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.699305][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.702219][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.704537][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.706874][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.709203][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.711774][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.714136][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.716503][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.718920][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.721885][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.724312][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.726759][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.729218][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.731873][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.734354][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.736805][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.739256][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.741834][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.744269][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.746710][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.749169][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.751654][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.754107][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.756526][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.758969][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.761521][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.763944][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.766388][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.768834][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.769778][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  274.771400][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  274.775064][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.777514][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  274.782045][   T58] hid-generic 0000:007F:FFFFFFFE.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  274.824439][T14156] fido_id[14156]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  274.934941][T14162] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2864'.
[  274.939051][T14162] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.941647][T14162] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.069571][ T5930] usbhid 6-1:0.0: can't add hid device: -71
[  275.072025][ T5930] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  275.078419][ T5930] usb 6-1: USB disconnect, device number 55
[  275.085906][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  275.085917][   T40] audit: type=1400 audit(1747362740.477:25909): avc:  denied  { unmount } for  pid=12000 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  275.095888][ T1143] tipc: Left network mode
[  275.115605][   T40] audit: type=1400 audit(1747362740.507:25910): avc:  denied  { write } for  pid=14173 comm="syz.3.2871" name="/" dev="configfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  275.218008][T14184] netlink: 'syz.3.2873': attribute type 1 has an invalid length.
[  275.240958][T14184] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2873'.
[  275.398611][ T1143] hsr_slave_0: left promiscuous mode
[  275.402306][ T1143] hsr_slave_1: left promiscuous mode
[  275.419191][ T1143] veth1_macvtap: left promiscuous mode
[  275.421293][ T1143] veth0_macvtap: left promiscuous mode
[  275.423026][ T1143] veth1_vlan: left allmulticast mode
[  275.424643][ T1143] veth1_vlan: left promiscuous mode
[  275.457474][T14192] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2875'.
[  275.486360][T14194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2876'.
[  275.656994][   T40] audit: type=1400 audit(1747362741.047:25911): avc:  denied  { watch } for  pid=14195 comm="syz.1.2877" path="/97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=531 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  275.674044][   T40] audit: type=1400 audit(1747362741.047:25912): avc:  denied  { watch_sb } for  pid=14195 comm="syz.1.2877" path="/97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=531 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  275.889568][ T5946] Bluetooth: hci1: command tx timeout
[  276.702949][ T1143] lo (unregistering): left allmulticast mode
[  276.739191][T14211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2882'.
[  276.943977][T14240] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2893'.
[  276.957901][T14242] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2895'.
[  276.958049][T14244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2894'.
[  277.018380][T14249] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2897'.
[  277.030536][T14249] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.115815][T14249] bridge_slave_1 (unregistering): left allmulticast mode
[  277.118111][T14249] bridge_slave_1 (unregistering): left promiscuous mode
[  277.120717][T14249] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.139357][ T1143] IPVS: stop unused estimator thread 0...
[  277.143844][T14250] syz.3.2899: attempt to access beyond end of device
[  277.143844][T14250] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  277.152354][T14250] exFAT-fs (nbd3): unable to read boot sector
[  277.154636][T14250] exFAT-fs (nbd3): failed to read boot sector
[  277.156616][T14250] exFAT-fs (nbd3): failed to recognize exfat type
[  277.268676][   T40] audit: type=1400 audit(1747362742.657:25913): avc:  denied  { ioctl } for  pid=14262 comm="syz.3.2903" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  277.409514][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  277.581489][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  277.585453][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  277.610647][ T5972] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  277.928379][   T40] audit: type=1400 audit(1747362743.317:25914): avc:  denied  { mount } for  pid=14302 comm="syz.3.2916" name="/" dev="rpc_pipefs" ino=70494 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  277.969566][ T5946] Bluetooth: hci1: command tx timeout
[  278.223139][ T5972] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  278.246310][T14313] xt_hashlimit: size too large, truncated to 1048576
[  278.265330][    C1] vcan0: j1939_tp_rxtimer: 0xffff888051b3b800: rx timeout, send abort
[  278.268102][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880256e5000: rx timeout, send abort
[  278.379667][ T5972] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  278.453954][T14325] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2925'.
[  278.457437][T14325] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.473634][T14327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2926'.
[  278.491313][T14329] openvswitch: netlink: EtherType 0 is less than min 600
[  278.533765][T14331] futex_wake_op: syz.2.2928 tries to shift op by 32; fix this program
[  278.562389][T14336] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2930'.
[  278.592264][T14338] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2931'.
[  278.688912][T14354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2936'.
[  278.725971][   T40] audit: type=1400 audit(1747362744.117:25915): avc:  denied  { mounton } for  pid=14355 comm="syz.3.2937" path=2F3132342FE91F7189591E9233614B dev="tmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  278.725999][T14356] 9pnet_virtio: no channels available for device éq‰Y’3aK
[  278.767996][    C1] vcan0: j1939_tp_rxtimer: 0xffff888051b3b800: abort rx timeout. Force session deactivation
[  278.771363][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880256e5000: abort rx timeout. Force session deactivation
[  278.800521][ T5946] Bluetooth: hci4: unexpected event for opcode 0x1405
[  279.177865][T14389] overlayfs: unescaped trailing colons in lowerdir mount option.
[  279.189171][T14389] cgroup: No subsys list or none specified
[  279.429510][ T2081] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  279.582738][ T2081] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  279.587160][ T2081] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.590356][ T2081] usb 6-1: Product: syz
[  279.592320][ T2081] usb 6-1: Manufacturer: syz
[  279.594334][ T2081] usb 6-1: SerialNumber: syz
[  279.610101][ T2081] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  279.627129][   T40] audit: type=1400 audit(1747362745.017:25916): avc:  denied  { firmware_load } for  pid=2081 comm="kworker/2:2" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  279.637514][ T2081] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  279.653105][T14419] trusted_key: encrypted_key: insufficient parameters specified
[  280.049617][ T5946] Bluetooth: hci1: command tx timeout
[  280.052825][ T5972] usb 6-1: USB disconnect, device number 56
[  280.055221][    C2] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  280.062796][   T40] audit: type=1400 audit(1747362745.457:25917): avc:  denied  { remount } for  pid=14453 comm="syz.2.2974" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  280.066665][T14455] gadgetfs: Unknown parameter '+@^'
[  280.070638][   T40] audit: type=1400 audit(1747362745.457:25918): avc:  denied  { mounton } for  pid=14453 comm="syz.2.2974" path="/28/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  280.290268][    C2] vcan0: j1939_tp_rxtimer: 0xffff888037356c00: rx timeout, send abort
[  280.292996][    C2] vcan0: j1939_tp_rxtimer: 0xffff888050e71800: rx timeout, send abort
[  280.295618][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  280.295626][   T40] audit: type=1400 audit(1747362745.687:25920): avc:  denied  { write } for  pid=14473 comm="syz.2.2978" path="socket:[73906]" dev="sockfs" ino=73906 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  280.396331][T14483] program syz.0.2981 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  280.401271][   T40] audit: type=1400 audit(1747362745.797:25921): avc:  denied  { getopt } for  pid=14484 comm="syz.2.2982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  280.407500][T14483] Unknown options in mask 5
[  280.619541][   T40] audit: type=1400 audit(1747362746.007:25922): avc:  denied  { map } for  pid=14493 comm="syz.2.2985" path="/37/file0/pids.current" dev="9p" ino=35913964 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  280.621931][T14494] netfs: Couldn't get user pages (rc=-14)
[  280.690419][ T2081] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  280.693471][ T2081] ath9k_htc: Failed to initialize the device
[  280.696873][ T5972] usb 6-1: ath9k_htc: USB layer deinitialized
[  280.792911][    C2] vcan0: j1939_tp_rxtimer: 0xffff888037356c00: abort rx timeout. Force session deactivation
[  280.797278][    C2] vcan0: j1939_tp_rxtimer: 0xffff888050e71800: abort rx timeout. Force session deactivation
[  280.978942][T14514] UHID_CREATE from different security context by process 103 (syz.2.2994), this is not allowed.
[  281.310257][ T5972] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  281.344819][T14544] netlink: 'syz.1.3004': attribute type 4 has an invalid length.
[  281.424060][ T5946] Bluetooth: hci0: Unknown advertising packet type: 0x70
[  281.459422][ T5972] usb 7-1: Using ep0 maxpacket: 16
[  281.464838][ T5972] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  281.468816][ T5972] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  281.476103][ T5972] usb 7-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  281.479800][ T5972] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.482440][ T5972] usb 7-1: Product: syz
[  281.483798][ T5972] usb 7-1: Manufacturer: syz
[  281.485233][ T5972] usb 7-1: SerialNumber: syz
[  281.488183][ T5972] usb 7-1: config 0 descriptor??
[  281.489950][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  281.537113][   T40] audit: type=1400 audit(1747362746.927:25923): avc:  denied  { write } for  pid=14562 comm="syz.0.3013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  281.749669][ T5972] appledisplay 7-1:0.0: Error while getting initial brightness: -110
[  281.752815][ T5972] appledisplay 7-1:0.0: probe with driver appledisplay failed with error -110
[  281.758003][T14522] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  281.760167][T14522] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  281.768212][T14522] vhci_hcd vhci_hcd.0: Device attached
[  281.779624][ T2081] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  281.814800][T14565] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 1
[  281.818685][   T75] vhci_hcd: stop threads
[  281.821733][   T75] vhci_hcd: release socket
[  281.823448][ T5972] usb 7-1: USB disconnect, device number 40
[  281.823470][   T75] vhci_hcd: disconnect device
[  281.951437][ T2081] usb 5-1: unable to get BOS descriptor or descriptor too short
[  281.954790][ T2081] usb 5-1: config 5 has an invalid interface number: 1 but max is 0
[  281.957816][ T2081] usb 5-1: config 5 has no interface number 0
[  281.960549][ T2081] usb 5-1: config 5 interface 1 has no altsetting 0
[  281.965179][ T2081] usb 5-1: New USB device found, idVendor=0e41, idProduct=4650, bcdDevice=d4.41
[  281.968962][ T2081] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.972606][ T2081] usb 5-1: Product: syz
[  281.974396][ T2081] usb 5-1: Manufacturer: syz
[  281.976050][ T2081] usb 5-1: SerialNumber: syz
[  282.153416][T14573] openvswitch: netlink: Multiple metadata blocks provided
[  282.186954][ T2081] snd_usb_variax 5-1:5.1: Line 6 PODxt Live found
[  282.189015][ T2081] usb 5-1: selecting invalid altsetting 1
[  282.191209][ T2081] snd_usb_variax 5-1:5.1: set_interface failed
[  282.193252][ T2081] snd_usb_variax 5-1:5.1: Line 6 PODxt Live now disconnected
[  282.195982][ T2081] snd_usb_variax 5-1:5.1: probe with driver snd_usb_variax failed with error -22
[  282.199557][ T2081] usb 5-1: USB disconnect, device number 17
[  282.264349][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880249ea000: rx timeout, send abort
[  282.267142][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880249eac00: rx timeout, send abort
[  282.316863][T14585] FAULT_INJECTION: forcing a failure.
[  282.316863][T14585] name failslab, interval 1, probability 0, space 0, times 0
[  282.321772][T14585] CPU: 2 UID: 0 PID: 14585 Comm: syz.1.3018 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  282.321788][T14585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.321795][T14585] Call Trace:
[  282.321799][T14585]  <TASK>
[  282.321804][T14585]  dump_stack_lvl+0x16c/0x1f0
[  282.321824][T14585]  should_fail_ex+0x512/0x640
[  282.321840][T14585]  ? fs_reclaim_acquire+0xae/0x150
[  282.321857][T14585]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  282.321875][T14585]  should_failslab+0xc2/0x120
[  282.321888][T14585]  __kmalloc_noprof+0xd2/0x510
[  282.321902][T14585]  tomoyo_realpath_from_path+0xc2/0x6e0
[  282.321921][T14585]  ? tomoyo_profile+0x47/0x60
[  282.321933][T14585]  tomoyo_path_number_perm+0x245/0x580
[  282.321948][T14585]  ? tomoyo_path_number_perm+0x237/0x580
[  282.321963][T14585]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  282.321979][T14585]  ? find_held_lock+0x2b/0x80
[  282.322005][T14585]  ? find_held_lock+0x2b/0x80
[  282.322023][T14585]  ? hook_file_ioctl_common+0x145/0x410
[  282.322038][T14585]  ? __fget_files+0x20e/0x3c0
[  282.322051][T14585]  security_file_ioctl+0x9b/0x240
[  282.322068][T14585]  __x64_sys_ioctl+0xb7/0x200
[  282.322085][T14585]  do_syscall_64+0xcd/0x260
[  282.322102][T14585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.322114][T14585] RIP: 0033:0x7fd7ef58e969
[  282.322123][T14585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.322135][T14585] RSP: 002b:00007fd7f0409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  282.322145][T14585] RAX: ffffffffffffffda RBX: 00007fd7ef7b5fa0 RCX: 00007fd7ef58e969
[  282.322153][T14585] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  282.322160][T14585] RBP: 00007fd7f0409090 R08: 0000000000000000 R09: 0000000000000000
[  282.322167][T14585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.322174][T14585] R13: 0000000000000000 R14: 00007fd7ef7b5fa0 R15: 00007ffd0cf73d78
[  282.322188][T14585]  </TASK>
[  282.322192][T14585] ERROR: Out of memory at tomoyo_realpath_from_path.
[  282.618995][T14604] __nla_validate_parse: 24 callbacks suppressed
[  282.619011][T14604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3024'.
[  282.661022][T14606] rtc_cmos 00:05: Alarms can be up to one day in the future
[  282.767067][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880249ea000: abort rx timeout. Force session deactivation
[  282.771366][    C2] vcan0: j1939_tp_rxtimer: 0xffff8880249eac00: abort rx timeout. Force session deactivation
[  282.807900][T14612] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3027'.
[  282.862818][T14615] FAULT_INJECTION: forcing a failure.
[  282.862818][T14615] name failslab, interval 1, probability 0, space 0, times 0
[  282.867108][T14615] CPU: 2 UID: 0 PID: 14615 Comm: syz.1.3030 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  282.867124][T14615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.867131][T14615] Call Trace:
[  282.867135][T14615]  <TASK>
[  282.867140][T14615]  dump_stack_lvl+0x16c/0x1f0
[  282.867162][T14615]  should_fail_ex+0x512/0x640
[  282.867178][T14615]  ? fs_reclaim_acquire+0xae/0x150
[  282.867195][T14615]  ? tomoyo_encode2+0x100/0x3e0
[  282.867211][T14615]  should_failslab+0xc2/0x120
[  282.867224][T14615]  __kmalloc_noprof+0xd2/0x510
[  282.867238][T14615]  tomoyo_encode2+0x100/0x3e0
[  282.867257][T14615]  tomoyo_encode+0x29/0x50
[  282.867273][T14615]  tomoyo_realpath_from_path+0x18f/0x6e0
[  282.867305][T14615]  ? tomoyo_profile+0x47/0x60
[  282.867318][T14615]  tomoyo_path_number_perm+0x245/0x580
[  282.867332][T14615]  ? tomoyo_path_number_perm+0x237/0x580
[  282.867348][T14615]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  282.867364][T14615]  ? find_held_lock+0x2b/0x80
[  282.867391][T14615]  ? find_held_lock+0x2b/0x80
[  282.867404][T14615]  ? hook_file_ioctl_common+0x145/0x410
[  282.867419][T14615]  ? __fget_files+0x20e/0x3c0
[  282.867432][T14615]  security_file_ioctl+0x9b/0x240
[  282.867450][T14615]  __x64_sys_ioctl+0xb7/0x200
[  282.867467][T14615]  do_syscall_64+0xcd/0x260
[  282.867484][T14615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.867496][T14615] RIP: 0033:0x7fd7ef58e969
[  282.867506][T14615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.867517][T14615] RSP: 002b:00007fd7f0409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  282.867528][T14615] RAX: ffffffffffffffda RBX: 00007fd7ef7b5fa0 RCX: 00007fd7ef58e969
[  282.867535][T14615] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  282.867543][T14615] RBP: 00007fd7f0409090 R08: 0000000000000000 R09: 0000000000000000
[  282.867550][T14615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.867556][T14615] R13: 0000000000000000 R14: 00007fd7ef7b5fa0 R15: 00007ffd0cf73d78
[  282.867570][T14615]  </TASK>
[  282.867594][T14615] ERROR: Out of memory at tomoyo_realpath_from_path.
[  282.869435][   T40] audit: type=1400 audit(1747362748.257:25924): avc:  denied  { read } for  pid=14613 comm="syz.3.3029" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  282.953535][   T40] audit: type=1400 audit(1747362748.257:25925): avc:  denied  { open } for  pid=14613 comm="syz.3.3029" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  282.955187][T14628] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3035'.
[  282.970236][T14628] vlan2: entered allmulticast mode
[  282.971914][T14628] bond0: entered allmulticast mode
[  282.973598][T14628] bond_slave_0: entered allmulticast mode
[  282.975441][T14628] bond_slave_1: entered allmulticast mode
[  283.019172][   T40] audit: type=1400 audit(1747362748.407:25926): avc:  denied  { read } for  pid=14627 comm="syz.2.3035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  283.044352][ T5946] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  283.045801][ T5946] Bluetooth: hci4: unexpected event for opcode 0x2016
[  283.091570][T14640] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3039'.
[  283.150612][   T40] audit: type=1400 audit(1747362748.547:25927): avc:  denied  { mount } for  pid=14646 comm="syz.1.3043" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  283.159290][   T40] audit: type=1400 audit(1747362748.547:25928): avc:  denied  { remount } for  pid=14646 comm="syz.1.3043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  283.268314][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.273734][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.277388][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.280801][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.284733][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.287620][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.291007][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.294716][T14665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.323972][T14670] FAULT_INJECTION: forcing a failure.
[  283.323972][T14670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.327965][T14670] CPU: 0 UID: 0 PID: 14670 Comm: syz.3.3048 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  283.327981][T14670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.327988][T14670] Call Trace:
[  283.327993][T14670]  <TASK>
[  283.327998][T14670]  dump_stack_lvl+0x16c/0x1f0
[  283.328020][T14670]  should_fail_ex+0x512/0x640
[  283.328039][T14670]  _copy_from_user+0x2e/0xd0
[  283.328056][T14670]  ? __pfx_do_get_msr+0x10/0x10
[  283.328070][T14670]  msr_io+0x93/0x2a0
[  283.328086][T14670]  ? __pfx_msr_io+0x10/0x10
[  283.328101][T14670]  ? arch_stack_walk+0xa6/0x100
[  283.328119][T14670]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  283.328138][T14670]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  283.328163][T14670]  ? stack_trace_save+0x8e/0xc0
[  283.328189][T14670]  ? stack_depot_save_flags+0x28/0xa50
[  283.328214][T14670]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  283.328236][T14670]  ? __lock_acquire+0xaa4/0x1ba0
[  283.328258][T14670]  ? kasan_save_stack+0x42/0x60
[  283.328268][T14670]  ? kasan_save_stack+0x33/0x60
[  283.328277][T14670]  ? kasan_save_track+0x14/0x30
[  283.328286][T14670]  ? kasan_save_free_info+0x3b/0x60
[  283.328301][T14670]  ? __kasan_slab_free+0x51/0x70
[  283.328310][T14670]  ? kfree+0x2b6/0x4d0
[  283.328325][T14670]  ? tomoyo_path_number_perm+0x470/0x580
[  283.328339][T14670]  ? security_file_ioctl+0x9b/0x240
[  283.328355][T14670]  ? __x64_sys_ioctl+0xb7/0x200
[  283.328372][T14670]  ? __lock_acquire+0xaa4/0x1ba0
[  283.328395][T14670]  ? __mutex_trylock_common+0xe9/0x250
[  283.328413][T14670]  ? __pfx___mutex_trylock_common+0x10/0x10
[  283.328432][T14670]  ? __pfx___might_resched+0x10/0x10
[  283.328448][T14670]  ? rcu_is_watching+0x12/0xc0
[  283.328462][T14670]  ? trace_contention_end+0xdd/0x130
[  283.328473][T14670]  ? __mutex_lock+0x1ca/0xb90
[  283.328515][T14670]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  283.328534][T14670]  ? __pfx___mutex_lock+0x10/0x10
[  283.328556][T14670]  ? tomoyo_path_number_perm+0x18d/0x580
[  283.328572][T14670]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  283.328588][T14670]  kvm_vcpu_ioctl+0x1232/0x1680
[  283.328606][T14670]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  283.328627][T14670]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  283.328647][T14670]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  283.328670][T14670]  ? hook_file_ioctl_common+0x145/0x410
[  283.328686][T14670]  ? selinux_file_ioctl+0x180/0x270
[  283.328703][T14670]  ? selinux_file_ioctl+0xb4/0x270
[  283.328721][T14670]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  283.328739][T14670]  __x64_sys_ioctl+0x193/0x200
[  283.328759][T14670]  do_syscall_64+0xcd/0x260
[  283.328777][T14670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.328789][T14670] RIP: 0033:0x7ff16f38e969
[  283.328798][T14670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.328810][T14670] RSP: 002b:00007ff1702de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  283.328821][T14670] RAX: ffffffffffffffda RBX: 00007ff16f5b5fa0 RCX: 00007ff16f38e969
[  283.328828][T14670] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  283.328835][T14670] RBP: 00007ff1702de090 R08: 0000000000000000 R09: 0000000000000000
[  283.328841][T14670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.328848][T14670] R13: 0000000000000000 R14: 00007ff16f5b5fa0 R15: 00007fff5129a788
[  283.328862][T14670]  </TASK>
[  283.533516][   T40] audit: type=1400 audit(1747362748.927:25929): avc:  denied  { getopt } for  pid=14681 comm="syz.3.3049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  283.862410][ T1151] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.958942][ T1151] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.034264][ T1151] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.124348][T14715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3053'.
[  284.128285][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  284.138989][ T5940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  284.142367][ T5940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  284.146044][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  284.148989][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  284.154855][ T1151] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.215500][ T5934] udevd[5934]: symlink '../../loop7' '/dev/disk/by-diskseq/117.tmp-b7:7' failed: Read-only file system
[  284.283188][T14716] chnl_net:caif_netlink_parms(): no params data found
[  284.285665][    C1] vcan0: j1939_tp_rxtimer: 0xffff888051009000: rx timeout, send abort
[  284.288283][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805100a000: rx timeout, send abort
[  284.330261][ T1151] bridge_slave_1: left allmulticast mode
[  284.331952][ T1151] bridge_slave_1: left promiscuous mode
[  284.333721][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.337739][ T1151] bridge_slave_0: left allmulticast mode
[  284.339685][ T1151] bridge_slave_0: left promiscuous mode
[  284.341431][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.359657][T14729] Falling back ldisc for ttyS3.
[  284.402883][ T5934] udevd[5934]: symlink '../../loop7' '/dev/disk/by-diskseq/117.tmp-b7:7' failed: Read-only file system
[  284.416404][ T5934] udevd[5934]: symlink '../../loop7' '/dev/disk/by-diskseq/117.tmp-b7:7' failed: Read-only file system
[  284.434169][ T5934] udevd[5934]: symlink '../../loop7' '/dev/disk/by-diskseq/118.tmp-b7:7' failed: Read-only file system
[  284.467853][ T5940] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  284.592333][T14752] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3064'.
[  284.662276][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.666661][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.673155][ T1151] bond0 (unregistering): Released all slaves
[  284.715591][T14756] binder: 14755:14756 ioctl c0306201 200000000640 returned -22
[  284.753050][ T1151] tipc: Left network mode
[  284.755150][T14716] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.762002][T14716] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.764735][T14716] bridge_slave_0: entered allmulticast mode
[  284.768211][T14716] bridge_slave_0: entered promiscuous mode
[  284.773944][T14716] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.776341][T14716] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.778565][T14716] bridge_slave_1: entered allmulticast mode
[  284.782789][T14716] bridge_slave_1: entered promiscuous mode
[  284.788202][    C1] vcan0: j1939_tp_rxtimer: 0xffff888051009000: abort rx timeout. Force session deactivation
[  284.792163][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805100a000: abort rx timeout. Force session deactivation
[  284.874408][T14716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.878417][T14765] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  284.915456][T14716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.919254][T14771] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3069'.
[  284.938827][T14765] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3069'.
[  284.999286][T14777] FAULT_INJECTION: forcing a failure.
[  284.999286][T14777] name failslab, interval 1, probability 0, space 0, times 0
[  285.002030][T14716] team0: Port device team_slave_0 added
[  285.003377][T14777] CPU: 1 UID: 0 PID: 14777 Comm: syz.1.3071 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  285.003394][T14777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.003402][T14777] Call Trace:
[  285.003406][T14777]  <TASK>
[  285.003410][T14777]  dump_stack_lvl+0x16c/0x1f0
[  285.003431][T14777]  should_fail_ex+0x512/0x640
[  285.003448][T14777]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  285.003467][T14777]  should_failslab+0xc2/0x120
[  285.003480][T14777]  __kmalloc_cache_noprof+0x6a/0x3e0
[  285.003497][T14777]  ? kvm_hv_vcpu_init+0xa4/0x7a0
[  285.003516][T14777]  kvm_hv_vcpu_init+0xa4/0x7a0
[  285.003534][T14777]  kvm_hv_get_msr_common+0xfe/0x1a90
[  285.003554][T14777]  ? __pfx_kvm_hv_get_msr_common+0x10/0x10
[  285.003576][T14777]  kvm_get_msr_common+0x13bf/0x2300
[  285.003596][T14777]  vmx_get_msr+0x7c0/0x1330
[  285.003613][T14777]  __kvm_get_msr+0x23b/0x310
[  285.003628][T14777]  ? __pfx___kvm_get_msr+0x10/0x10
[  285.003645][T14777]  kvm_get_msr_ignored_check+0x30/0x430
[  285.003660][T14777]  ? __pfx_do_get_msr+0x10/0x10
[  285.003673][T14777]  msr_io+0x181/0x2a0
[  285.003688][T14777]  ? __pfx_msr_io+0x10/0x10
[  285.003703][T14777]  ? arch_stack_walk+0xa6/0x100
[  285.003720][T14777]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  285.003735][T14777]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  285.003750][T14777]  ? stack_trace_save+0x8e/0xc0
[  285.003770][T14777]  ? stack_depot_save_flags+0x28/0xa50
[  285.003786][T14777]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  285.003799][T14777]  ? __lock_acquire+0xaa4/0x1ba0
[  285.003819][T14777]  ? kasan_save_stack+0x42/0x60
[  285.003829][T14777]  ? kasan_save_stack+0x33/0x60
[  285.003838][T14777]  ? kasan_save_track+0x14/0x30
[  285.003847][T14777]  ? kasan_save_free_info+0x3b/0x60
[  285.003861][T14777]  ? __kasan_slab_free+0x51/0x70
[  285.003871][T14777]  ? kfree+0x2b6/0x4d0
[  285.003885][T14777]  ? tomoyo_path_number_perm+0x470/0x580
[  285.003899][T14777]  ? security_file_ioctl+0x9b/0x240
[  285.003915][T14777]  ? __x64_sys_ioctl+0xb7/0x200
[  285.003932][T14777]  ? __lock_acquire+0xaa4/0x1ba0
[  285.003954][T14777]  ? __mutex_trylock_common+0xe9/0x250
[  285.003972][T14777]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.003991][T14777]  ? __pfx___might_resched+0x10/0x10
[  285.004008][T14777]  ? rcu_is_watching+0x12/0xc0
[  285.004023][T14777]  ? trace_contention_end+0xdd/0x130
[  285.004034][T14777]  ? __mutex_lock+0x1ca/0xb90
[  285.004051][T14777]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  285.004069][T14777]  ? __pfx___mutex_lock+0x10/0x10
[  285.004090][T14777]  ? tomoyo_path_number_perm+0x18d/0x580
[  285.004107][T14777]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  285.004122][T14777]  kvm_vcpu_ioctl+0x1232/0x1680
[  285.004141][T14777]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  285.004162][T14777]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  285.004185][T14777]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  285.004219][T14777]  ? hook_file_ioctl_common+0x145/0x410
[  285.004246][T14777]  ? selinux_file_ioctl+0x180/0x270
[  285.004270][T14777]  ? selinux_file_ioctl+0xb4/0x270
[  285.004298][T14777]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  285.004317][T14777]  __x64_sys_ioctl+0x193/0x200
[  285.004333][T14777]  do_syscall_64+0xcd/0x260
[  285.004351][T14777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.004362][T14777] RIP: 0033:0x7fd7ef58e969
[  285.004372][T14777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.004383][T14777] RSP: 002b:00007fd7f0409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  285.004394][T14777] RAX: ffffffffffffffda RBX: 00007fd7ef7b5fa0 RCX: 00007fd7ef58e969
[  285.004402][T14777] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  285.004408][T14777] RBP: 00007fd7f0409090 R08: 0000000000000000 R09: 0000000000000000
[  285.004415][T14777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.004421][T14777] R13: 0000000000000000 R14: 00007fd7ef7b5fa0 R15: 00007ffd0cf73d78
[  285.004436][T14777]  </TASK>
[  285.038671][T14779] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3072'.
[  285.041935][T14716] team0: Port device team_slave_1 added
[  285.180949][T14716] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.183027][T14716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.189760][ T5992] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  285.199433][T14716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.215317][ T1151] hsr_slave_0: left promiscuous mode
[  285.217159][T14781] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3073'.
[  285.220331][ T1151] hsr_slave_1: left promiscuous mode
[  285.223025][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.225376][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.233602][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.235639][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.270467][ T1151] veth1_macvtap: left promiscuous mode
[  285.272913][ T1151] veth0_macvtap: left promiscuous mode
[  285.275396][ T1151] veth1_vlan: left promiscuous mode
[  285.277621][ T1151] veth0_vlan: left promiscuous mode
[  285.294355][T14785] xt_hashlimit: size too large, truncated to 1048576
[  285.300567][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  285.300583][   T40] audit: type=1400 audit(1747362750.687:25931): avc:  denied  { read } for  pid=14786 comm="syz.2.3076" path="socket:[75619]" dev="sockfs" ino=75619 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  285.334068][ T1151] 
[  285.335115][ T1151] =============================
[  285.336606][ T1151] WARNING: suspicious RCU usage
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  285.338053][ T1151] 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 Not tainted
[  285.341332][ T1151] -----------------------------
[  285.343533][ T1151] net/ipv6/ip6_fib.c:2023 suspicious rcu_dereference_protected() usage!
[  285.346491][   T40] audit: type=1400 audit(1747362750.727:25932): avc:  denied  { write } for  pid=5916 comm="syz-executor" path="pipe:[2725]" dev="pipefs" ino=2725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  285.349702][ T5992] usb 5-1: Using ep0 maxpacket: 16
[  285.355048][ T1151] 
[  285.355048][ T1151] other info that might help us debug this:
[  285.355048][ T1151] 
[  285.355097][ T1151] 
[  285.355097][ T1151] rcu_scheduler_active = 2, debug_locks = 1
[  285.355109][ T1151] 6 locks held by kworker/u32:9/1151:
[  285.355120][ T1151]  #0: ffff88801c68d148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.355172][ T1151]  #1: ffffc90006797d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.355213][ T1151]  #2: ffffffff9010ff90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  285.355261][ T1151]  #3: ffffffff90125e28 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.355307][ T1151]  #4: ffffffff8e3bfc00
[  285.373852][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 111, changing to 10
[  285.377165][ T1151]  (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.389121][ T1151]  #5: ffff8880414cac30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.392861][ T1151] 
[  285.392861][ T1151] stack backtrace:
[  285.395137][ T1151] CPU: 0 UID: 0 PID: 1151 Comm: kworker/u32:9 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  285.395159][ T1151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.395171][ T1151] Workqueue: netns cleanup_net
[  285.395194][ T1151] Call Trace:
[  285.395201][ T1151]  <TASK>
[  285.395208][ T1151]  dump_stack_lvl+0x16c/0x1f0
[  285.395230][ T1151]  lockdep_rcu_suspicious+0x166/0x260
[  285.395260][ T1151]  fib6_del+0xcf2/0x1770
[  285.395287][ T1151]  ? __pfx_fib6_del+0x10/0x10
[  285.395305][ T1151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.395324][ T1151]  ? fib6_ifdown+0xcd/0x8f0
[  285.395343][ T1151]  fib6_clean_node+0x424/0x5b0
[  285.395363][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.395393][ T1151]  fib6_walk_continue+0x44f/0x8d0
[  285.395424][ T1151]  fib6_walk+0x182/0x370
[  285.395441][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.395456][ T1151]  fib6_clean_tree+0xd4/0x110
[  285.395469][ T1151]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.395491][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.395508][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.395534][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.395551][ T1151]  __fib6_clean_all+0x107/0x2d0
[  285.395572][ T1151]  rt6_disable_ip+0x2ec/0x990
[  285.395593][ T1151]  ? __mutex_trylock_common+0xe9/0x250
[  285.395619][ T1151]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.395644][ T1151]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.395664][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.395680][ T1151]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.395696][ T1151]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.395715][ T1151]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.395728][ T1151]  ? tls_dev_event+0xfd/0x10b0
[  285.395749][ T1151]  addrconf_notify+0x220/0x19e0
[  285.395764][ T1151]  ? ip6mr_device_event+0x1bc/0x230
[  285.395782][ T1151]  notifier_call_chain+0xbc/0x410
[  285.395804][ T1151]  ? __pfx_addrconf_notify+0x10/0x10
[  285.395831][ T1151]  call_netdevice_notifiers_info+0xbe/0x140
[  285.395855][ T1151]  dev_close_many+0x319/0x630
[  285.395878][ T1151]  ? __pfx_dev_close_many+0x10/0x10
[  285.395909][ T1151]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.395935][ T1151]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.395954][ T1151]  ? batadv_tt_local_event+0x455/0x7f0
[  285.395970][ T1151]  ? __local_bh_enable_ip+0xa4/0x120
[  285.395992][ T1151]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.396022][ T1151]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.396043][ T1151]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.396061][ T1151]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.396092][ T1151]  default_device_exit_batch+0x853/0xaf0
[  285.396120][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.396142][ T1151]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.396165][ T1151]  ? __pfx___might_resched+0x10/0x10
[  285.396185][ T1151]  ? __pfx_cfg802154_pernet_exit+0x10/0x10
[  285.396210][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.396232][ T1151]  ops_exit_list+0x128/0x180
[  285.396250][ T1151]  cleanup_net+0x5c1/0xb30
[  285.396271][ T1151]  ? __pfx_cleanup_net+0x10/0x10
[  285.396297][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.396320][ T1151]  process_one_work+0x9cf/0x1b70
[  285.396343][ T1151]  ? __pfx_process_one_work+0x10/0x10
[  285.396367][ T1151]  ? assign_work+0x1a0/0x250
[  285.396387][ T1151]  worker_thread+0x6c8/0xf10
[  285.396414][ T1151]  ? __kthread_parkme+0x19e/0x250
[  285.396435][ T1151]  ? __pfx_worker_thread+0x10/0x10
[  285.396453][ T1151]  kthread+0x3c2/0x780
[  285.396488][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396502][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396517][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396532][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396547][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.396566][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396583][ T1151]  ret_from_fork+0x45/0x80
[  285.396599][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.396615][ T1151]  ret_from_fork_asm+0x1a/0x30
[  285.396648][ T1151]  </TASK>
[  285.396656][ T1151] 
[  285.399416][ T5992] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  285.401300][ T1151] =============================
[  285.404610][ T5992] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  285.406426][ T1151] WARNING: suspicious RCU usage
[  285.555945][ T1151] 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 Not tainted
[  285.558613][ T1151] -----------------------------
[  285.560537][ T1151] net/ipv6/ip6_fib.c:2035 suspicious rcu_dereference_protected() usage!
[  285.563707][ T1151] 
[  285.563707][ T1151] other info that might help us debug this:
[  285.563707][ T1151] 
[  285.567638][ T1151] 
[  285.567638][ T1151] rcu_scheduler_active = 2, debug_locks = 1
[  285.570776][ T1151] 6 locks held by kworker/u32:9/1151:
[  285.572846][ T1151]  #0: ffff88801c68d148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.576811][ T1151]  #1: ffffc90006797d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.580663][ T1151]  #2: ffffffff9010ff90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  285.584171][ T1151]  #3: ffffffff90125e28 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.588006][ T1151]  #4: ffffffff8e3bfc00 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.591749][ T1151]  #5: ffff8880414cac30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.595366][ T1151] 
[  285.595366][ T1151] stack backtrace:
[  285.597619][ T1151] CPU: 0 UID: 0 PID: 1151 Comm: kworker/u32:9 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  285.597640][ T1151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.597653][ T1151] Workqueue: netns cleanup_net
[  285.597675][ T1151] Call Trace:
[  285.597683][ T1151]  <TASK>
[  285.597690][ T1151]  dump_stack_lvl+0x16c/0x1f0
[  285.597711][ T1151]  lockdep_rcu_suspicious+0x166/0x260
[  285.597747][ T1151]  fib6_del+0x2ef/0x1770
[  285.597776][ T1151]  ? __pfx_fib6_del+0x10/0x10
[  285.597794][ T1151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.597810][ T1151]  ? fib6_ifdown+0xcd/0x8f0
[  285.597833][ T1151]  fib6_clean_node+0x424/0x5b0
[  285.597853][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.597883][ T1151]  fib6_walk_continue+0x44f/0x8d0
[  285.597909][ T1151]  fib6_walk+0x182/0x370
[  285.597926][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.597942][ T1151]  fib6_clean_tree+0xd4/0x110
[  285.597958][ T1151]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.597979][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.597994][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.598020][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.598038][ T1151]  __fib6_clean_all+0x107/0x2d0
[  285.598061][ T1151]  rt6_disable_ip+0x2ec/0x990
[  285.598083][ T1151]  ? __mutex_trylock_common+0xe9/0x250
[  285.598108][ T1151]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.598134][ T1151]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.598159][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.598179][ T1151]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.598203][ T1151]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.598230][ T1151]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.598250][ T1151]  ? tls_dev_event+0xfd/0x10b0
[  285.598270][ T1151]  addrconf_notify+0x220/0x19e0
[  285.598292][ T1151]  ? ip6mr_device_event+0x1bc/0x230
[  285.598319][ T1151]  notifier_call_chain+0xbc/0x410
[  285.598340][ T1151]  ? __pfx_addrconf_notify+0x10/0x10
[  285.598363][ T1151]  call_netdevice_notifiers_info+0xbe/0x140
[  285.598389][ T1151]  dev_close_many+0x319/0x630
[  285.598414][ T1151]  ? __pfx_dev_close_many+0x10/0x10
[  285.598443][ T1151]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.598465][ T1151]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.598487][ T1151]  ? batadv_tt_local_event+0x455/0x7f0
[  285.598504][ T1151]  ? __local_bh_enable_ip+0xa4/0x120
[  285.598525][ T1151]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.598551][ T1151]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.598571][ T1151]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.598593][ T1151]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.598619][ T1151]  default_device_exit_batch+0x853/0xaf0
[  285.598647][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.598668][ T1151]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.598693][ T1151]  ? __pfx___might_resched+0x10/0x10
[  285.598711][ T1151]  ? __pfx_cfg802154_pernet_exit+0x10/0x10
[  285.598739][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.598762][ T1151]  ops_exit_list+0x128/0x180
[  285.598785][ T1151]  cleanup_net+0x5c1/0xb30
[  285.598803][ T1151]  ? __pfx_cleanup_net+0x10/0x10
[  285.598830][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.598853][ T1151]  process_one_work+0x9cf/0x1b70
[  285.598880][ T1151]  ? __pfx_process_one_work+0x10/0x10
[  285.598896][ T1151]  ? assign_work+0x1a0/0x250
[  285.598908][ T1151]  worker_thread+0x6c8/0xf10
[  285.598925][ T1151]  ? __kthread_parkme+0x19e/0x250
[  285.598942][ T1151]  ? __pfx_worker_thread+0x10/0x10
[  285.598954][ T1151]  kthread+0x3c2/0x780
[  285.598965][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.598975][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.598985][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.598996][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.599006][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.599020][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.599031][ T1151]  ret_from_fork+0x45/0x80
[  285.599043][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.599053][ T1151]  ret_from_fork_asm+0x1a/0x30
[  285.599077][ T1151]  </TASK>
[  285.599084][ T1151] 
[  285.746601][ T1151] =============================
[  285.748454][ T1151] WARNING: suspicious RCU usage
[  285.750442][ T1151] 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 Not tainted
[  285.753149][ T1151] -----------------------------
[  285.755056][ T1151] net/ipv6/ip6_fib.c:1921 suspicious rcu_dereference_protected() usage!
[  285.758225][ T1151] 
[  285.758225][ T1151] other info that might help us debug this:
[  285.758225][ T1151] 
[  285.762115][ T1151] 
[  285.762115][ T1151] rcu_scheduler_active = 2, debug_locks = 1
[  285.765169][ T1151] 6 locks held by kworker/u32:9/1151:
[  285.767223][ T1151]  #0: ffff88801c68d148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.771233][ T1151]  #1: ffffc90006797d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.774987][ T1151]  #2: ffffffff9010ff90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  285.778526][ T1151]  #3: ffffffff90125e28 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.782417][ T1151]  #4: ffffffff8e3bfc00 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.786013][ T1151]  #5: ffff8880414cac30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.789704][ T1151] 
[  285.789704][ T1151] stack backtrace:
[  285.791963][ T1151] CPU: 0 UID: 0 PID: 1151 Comm: kworker/u32:9 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  285.791984][ T1151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.791995][ T1151] Workqueue: netns cleanup_net
[  285.792014][ T1151] Call Trace:
[  285.792021][ T1151]  <TASK>
[  285.792028][ T1151]  dump_stack_lvl+0x16c/0x1f0
[  285.792055][ T1151]  lockdep_rcu_suspicious+0x166/0x260
[  285.792083][ T1151]  fib6_del+0x1084/0x1770
[  285.792105][ T1151]  ? __pfx_fib6_del+0x10/0x10
[  285.792122][ T1151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.792142][ T1151]  ? fib6_ifdown+0xcd/0x8f0
[  285.792166][ T1151]  fib6_clean_node+0x424/0x5b0
[  285.792186][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.792215][ T1151]  fib6_walk_continue+0x44f/0x8d0
[  285.792243][ T1151]  fib6_walk+0x182/0x370
[  285.792261][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.792276][ T1151]  fib6_clean_tree+0xd4/0x110
[  285.792292][ T1151]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.792308][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.792325][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.792350][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.792367][ T1151]  __fib6_clean_all+0x107/0x2d0
[  285.792390][ T1151]  rt6_disable_ip+0x2ec/0x990
[  285.792411][ T1151]  ? __mutex_trylock_common+0xe9/0x250
[  285.792437][ T1151]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.792479][ T1151]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.792506][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.792530][ T1151]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.792551][ T1151]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.792577][ T1151]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.792597][ T1151]  ? tls_dev_event+0xfd/0x10b0
[  285.792624][ T1151]  addrconf_notify+0x220/0x19e0
[  285.792642][ T1151]  ? ip6mr_device_event+0x1bc/0x230
[  285.792670][ T1151]  notifier_call_chain+0xbc/0x410
[  285.792691][ T1151]  ? __pfx_addrconf_notify+0x10/0x10
[  285.792717][ T1151]  call_netdevice_notifiers_info+0xbe/0x140
[  285.792744][ T1151]  dev_close_many+0x319/0x630
[  285.792770][ T1151]  ? __pfx_dev_close_many+0x10/0x10
[  285.792799][ T1151]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.792821][ T1151]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.792842][ T1151]  ? batadv_tt_local_event+0x455/0x7f0
[  285.792861][ T1151]  ? __local_bh_enable_ip+0xa4/0x120
[  285.792882][ T1151]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.792906][ T1151]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.792926][ T1151]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.792948][ T1151]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.792979][ T1151]  default_device_exit_batch+0x853/0xaf0
[  285.793004][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.793026][ T1151]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.793051][ T1151]  ? __pfx___might_resched+0x10/0x10
[  285.793071][ T1151]  ? __pfx_cfg802154_pernet_exit+0x10/0x10
[  285.793093][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.793116][ T1151]  ops_exit_list+0x128/0x180
[  285.793138][ T1151]  cleanup_net+0x5c1/0xb30
[  285.793158][ T1151]  ? __pfx_cleanup_net+0x10/0x10
[  285.793174][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.793190][ T1151]  process_one_work+0x9cf/0x1b70
[  285.793208][ T1151]  ? __pfx_process_one_work+0x10/0x10
[  285.793224][ T1151]  ? assign_work+0x1a0/0x250
[  285.793237][ T1151]  worker_thread+0x6c8/0xf10
[  285.793253][ T1151]  ? __kthread_parkme+0x19e/0x250
[  285.793270][ T1151]  ? __pfx_worker_thread+0x10/0x10
[  285.793282][ T1151]  kthread+0x3c2/0x780
[  285.793294][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793303][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793313][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793324][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793334][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.793347][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793358][ T1151]  ret_from_fork+0x45/0x80
[  285.793371][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.793387][ T1151]  ret_from_fork_asm+0x1a/0x30
[  285.793413][ T1151]  </TASK>
[  285.793418][ T1151] 
[  285.940877][ T1151] =============================
[  285.942773][ T1151] WARNING: suspicious RCU usage
[  285.944700][ T1151] 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 Not tainted
[  285.947400][ T1151] -----------------------------
[  285.949283][ T1151] net/ipv6/ip6_fib.c:1930 suspicious rcu_dereference_protected() usage!
[  285.952453][ T1151] 
[  285.952453][ T1151] other info that might help us debug this:
[  285.952453][ T1151] 
[  285.956291][ T1151] 
[  285.956291][ T1151] rcu_scheduler_active = 2, debug_locks = 1
[  285.959328][ T1151] 6 locks held by kworker/u32:9/1151:
[  285.961451][ T1151]  #0: ffff88801c68d148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.965358][ T1151]  #1: ffffc90006797d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.969097][ T1151]  #2: ffffffff9010ff90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  285.972675][ T1151]  #3: ffffffff90125e28 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.976569][ T1151]  #4: ffffffff8e3bfc00 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.980215][ T1151]  #5: ffff8880414cac30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.983811][ T1151] 
[  285.983811][ T1151] stack backtrace:
[  285.986063][ T1151] CPU: 0 UID: 0 PID: 1151 Comm: kworker/u32:9 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  285.986085][ T1151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.986097][ T1151] Workqueue: netns cleanup_net
[  285.986118][ T1151] Call Trace:
[  285.986125][ T1151]  <TASK>
[  285.986132][ T1151]  dump_stack_lvl+0x16c/0x1f0
[  285.986153][ T1151]  lockdep_rcu_suspicious+0x166/0x260
[  285.986183][ T1151]  fib6_del+0xfef/0x1770
[  285.986211][ T1151]  ? __pfx_fib6_del+0x10/0x10
[  285.986227][ T1151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.986243][ T1151]  ? fib6_ifdown+0xcd/0x8f0
[  285.986266][ T1151]  fib6_clean_node+0x424/0x5b0
[  285.986287][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.986317][ T1151]  fib6_walk_continue+0x44f/0x8d0
[  285.986345][ T1151]  fib6_walk+0x182/0x370
[  285.986362][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.986378][ T1151]  fib6_clean_tree+0xd4/0x110
[  285.986394][ T1151]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.986412][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.986427][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.986453][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.986470][ T1151]  __fib6_clean_all+0x107/0x2d0
[  285.986493][ T1151]  rt6_disable_ip+0x2ec/0x990
[  285.986513][ T1151]  ? __mutex_trylock_common+0xe9/0x250
[  285.986540][ T1151]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.986565][ T1151]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.986588][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.986610][ T1151]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.986633][ T1151]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.986660][ T1151]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.986679][ T1151]  ? tls_dev_event+0xfd/0x10b0
[  285.986702][ T1151]  addrconf_notify+0x220/0x19e0
[  285.986723][ T1151]  ? ip6mr_device_event+0x1bc/0x230
[  285.986754][ T1151]  notifier_call_chain+0xbc/0x410
[  285.986776][ T1151]  ? __pfx_addrconf_notify+0x10/0x10
[  285.986803][ T1151]  call_netdevice_notifiers_info+0xbe/0x140
[  285.986824][ T1151]  dev_close_many+0x319/0x630
[  285.986850][ T1151]  ? __pfx_dev_close_many+0x10/0x10
[  285.986880][ T1151]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.986907][ T1151]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.986928][ T1151]  ? batadv_tt_local_event+0x455/0x7f0
[  285.986946][ T1151]  ? __local_bh_enable_ip+0xa4/0x120
[  285.986964][ T1151]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.986995][ T1151]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.987016][ T1151]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.987035][ T1151]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.987057][ T1151]  default_device_exit_batch+0x853/0xaf0
[  285.987075][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.987090][ T1151]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.987108][ T1151]  ? __pfx___might_resched+0x10/0x10
[  285.987123][ T1151]  ? __pfx_cfg802154_pernet_exit+0x10/0x10
[  285.987141][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.987156][ T1151]  ops_exit_list+0x128/0x180
[  285.987171][ T1151]  cleanup_net+0x5c1/0xb30
[  285.987187][ T1151]  ? __pfx_cleanup_net+0x10/0x10
[  285.987204][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.987219][ T1151]  process_one_work+0x9cf/0x1b70
[  285.987237][ T1151]  ? __pfx_process_one_work+0x10/0x10
[  285.987253][ T1151]  ? assign_work+0x1a0/0x250
[  285.987266][ T1151]  worker_thread+0x6c8/0xf10
[  285.987283][ T1151]  ? __kthread_parkme+0x19e/0x250
[  285.987300][ T1151]  ? __pfx_worker_thread+0x10/0x10
[  285.987312][ T1151]  kthread+0x3c2/0x780
[  285.987323][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987333][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987343][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987353][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987363][ T1151]  ? rcu_is_watching+0x12/0xc0
[  285.987377][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987388][ T1151]  ret_from_fork+0x45/0x80
[  285.987399][ T1151]  ? __pfx_kthread+0x10/0x10
[  285.987410][ T1151]  ret_from_fork_asm+0x1a/0x30
[  285.987433][ T1151]  </TASK>
[  285.987440][ T1151] 
[  286.134837][ T1151] =============================
[  286.136707][ T1151] WARNING: suspicious RCU usage
[  286.138567][ T1151] 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 Not tainted
[  286.141388][ T1151] -----------------------------
[  286.143230][ T1151] net/ipv6/ip6_fib.c:1975 suspicious rcu_dereference_protected() usage!
[  286.146347][ T1151] 
[  286.146347][ T1151] other info that might help us debug this:
[  286.146347][ T1151] 
[  286.150245][ T1151] 
[  286.150245][ T1151] rcu_scheduler_active = 2, debug_locks = 1
[  286.153249][ T1151] 7 locks held by kworker/u32:9/1151:
[  286.155292][ T1151]  #0: ffff88801c68d148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  286.159299][ T1151]  #1: ffffc90006797d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  286.163083][ T1151]  #2: ffffffff9010ff90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  286.166697][ T1151]  #3: ffffffff90125e28 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  286.170613][ T1151]  #4: ffffffff8e3bfc00 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  286.174214][ T1151]  #5: ffff8880414cac30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  286.177838][ T1151]  #6: ffff88803239cd38 (&net->ipv6.fib6_walker_lock){++..}-{3:3}, at: fib6_del+0x880/0x1770
[  286.181822][ T1151] 
[  286.181822][ T1151] stack backtrace:
[  286.184070][ T1151] CPU: 0 UID: 0 PID: 1151 Comm: kworker/u32:9 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) 
[  286.184091][ T1151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.184113][ T1151] Workqueue: netns cleanup_net
[  286.184136][ T1151] Call Trace:
[  286.184143][ T1151]  <TASK>
[  286.184150][ T1151]  dump_stack_lvl+0x16c/0x1f0
[  286.184176][ T1151]  lockdep_rcu_suspicious+0x166/0x260
[  286.184202][ T1151]  fib6_del+0x1281/0x1770
[  286.184230][ T1151]  ? __pfx_fib6_del+0x10/0x10
[  286.184247][ T1151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.184265][ T1151]  ? fib6_ifdown+0xcd/0x8f0
[  286.184287][ T1151]  fib6_clean_node+0x424/0x5b0
[  286.184308][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.184338][ T1151]  fib6_walk_continue+0x44f/0x8d0
[  286.184366][ T1151]  fib6_walk+0x182/0x370
[  286.184384][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.184400][ T1151]  fib6_clean_tree+0xd4/0x110
[  286.184417][ T1151]  ? __pfx_fib6_clean_tree+0x10/0x10
[  286.184438][ T1151]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.184473][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.184500][ T1151]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.184517][ T1151]  __fib6_clean_all+0x107/0x2d0
[  286.184540][ T1151]  rt6_disable_ip+0x2ec/0x990
[  286.184564][ T1151]  ? __mutex_trylock_common+0xe9/0x250
[  286.184587][ T1151]  ? __pfx___mutex_trylock_common+0x10/0x10
[  286.184614][ T1151]  ? __pfx_rt6_disable_ip+0x10/0x10
[  286.184640][ T1151]  ? rcu_is_watching+0x12/0xc0
[  286.184663][ T1151]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  286.184693][ T1151]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.184717][ T1151]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  286.184742][ T1151]  ? tls_dev_event+0xfd/0x10b0
[  286.184770][ T1151]  addrconf_notify+0x220/0x19e0
[  286.184792][ T1151]  ? ip6mr_device_event+0x1bc/0x230
[  286.184813][ T1151]  notifier_call_chain+0xbc/0x410
[  286.184836][ T1151]  ? __pfx_addrconf_notify+0x10/0x10
[  286.184863][ T1151]  call_netdevice_notifiers_info+0xbe/0x140
[  286.184888][ T1151]  dev_close_many+0x319/0x630
[  286.184910][ T1151]  ? __pfx_dev_close_many+0x10/0x10
[  286.184941][ T1151]  unregister_netdevice_many_notify+0x578/0x26f0
[  286.184967][ T1151]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.184987][ T1151]  ? batadv_tt_local_event+0x455/0x7f0
[  286.185003][ T1151]  ? __local_bh_enable_ip+0xa4/0x120
[  286.185025][ T1151]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  286.185056][ T1151]  ? unregister_netdevice_queue+0x22e/0x3f0
[  286.185073][ T1151]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  286.185094][ T1151]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  286.185126][ T1151]  default_device_exit_batch+0x853/0xaf0
[  286.185153][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.185171][ T1151]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  286.185196][ T1151]  ? __pfx___might_resched+0x10/0x10
[  286.185219][ T1151]  ? __pfx_cfg802154_pernet_exit+0x10/0x10
[  286.185242][ T1151]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.185261][ T1151]  ops_exit_list+0x128/0x180
[  286.185283][ T1151]  cleanup_net+0x5c1/0xb30
[  286.185305][ T1151]  ? __pfx_cleanup_net+0x10/0x10
[  286.185328][ T1151]  ? rcu_is_watching+0x12/0xc0
[  286.185348][ T1151]  process_one_work+0x9cf/0x1b70
[  286.185377][ T1151]  ? __pfx_process_one_work+0x10/0x10
[  286.185403][ T1151]  ? assign_work+0x1a0/0x250
[  286.185422][ T1151]  worker_thread+0x6c8/0xf10
[  286.185445][ T1151]  ? __kthread_parkme+0x19e/0x250
[  286.185470][ T1151]  ? __pfx_worker_thread+0x10/0x10
[  286.185487][ T1151]  kthread+0x3c2/0x780
[  286.185504][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185515][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185529][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185545][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185560][ T1151]  ? rcu_is_watching+0x12/0xc0
[  286.185579][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185594][ T1151]  ret_from_fork+0x45/0x80
[  286.185607][ T1151]  ? __pfx_kthread+0x10/0x10
[  286.185624][ T1151]  ret_from_fork_asm+0x1a/0x30
[  286.185662][ T1151]  </TASK>
[  286.335173][ T5940] Bluetooth: hci2: command tx timeout
[  286.975844][ T1151] team0 (unregistering): Port device team_slave_1 removed
[  287.049120][ T1151] team0 (unregistering): Port device team_slave_0 removed
[  287.600095][T14716] batman_adv: batadv0: Adding interface: batadv_slave_1
[  287.602316][T14716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.610202][T14716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  287.983538][ T5992] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  287.986231][ T5992] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.997186][ T5992] usb 5-1: can't set config #1, error -71
[  288.000638][ T5992] usb 5-1: USB disconnect, device number 18
[  288.380661][ T1151] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.444696][ T1151] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.513513][ T1151] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.590226][ T1151] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.739442][ T1151] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.810824][ T1151] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.913369][ T1151] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.972843][ T1151] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.074875][ T1151] bridge_slave_1: left allmulticast mode
[  289.076690][ T1151] bridge_slave_1: left promiscuous mode
[  289.078561][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.082026][ T1151] bridge_slave_0: left allmulticast mode
[  289.083817][ T1151] bridge_slave_0: left promiscuous mode
[  289.085623][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.089228][ T1151] bridge_slave_1: left allmulticast mode
[  289.091320][ T1151] bridge_slave_1: left promiscuous mode
[  289.093114][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.096303][ T1151] bridge_slave_0: left allmulticast mode
[  289.098016][ T1151] bridge_slave_0: left promiscuous mode
[  289.100069][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.103919][ T1151] bridge_slave_0: left allmulticast mode
[  289.105636][ T1151] bridge_slave_0: left promiscuous mode
[  289.107384][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.569577][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  289.657966][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.662302][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.665738][ T1151] bond0 (unregistering): Released all slaves
[  289.674911][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.679053][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.682794][ T1151] bond0 (unregistering): Released all slaves
[  289.755968][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.758849][ T1151] bond_slave_0: left allmulticast mode
[  289.762289][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.766206][ T1151] bond_slave_1: left allmulticast mode
[  289.768608][ T1151] bond0 (unregistering): Released all slaves
[  290.232232][ T1151] hsr_slave_0: left promiscuous mode
[  290.234710][ T1151] hsr_slave_1: left promiscuous mode
[  290.236677][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.238993][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.243165][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.245469][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.248116][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.250973][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.256097][ T1151] hsr_slave_0: left promiscuous mode
[  290.258204][ T1151] hsr_slave_1: left promiscuous mode
[  290.261208][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.263573][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.266204][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.268510][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.307234][ T1151] veth1_macvtap: left promiscuous mode
[  290.309077][ T1151] veth0_macvtap: left promiscuous mode
[  290.310948][ T1151] veth1_vlan: left promiscuous mode
[  290.313699][ T1151] veth0_vlan: left promiscuous mode
[  290.315979][ T1151] veth1_macvtap: left promiscuous mode
[  290.317758][ T1151] veth0_macvtap: left promiscuous mode
[  290.320277][ T1151] veth1_vlan: left promiscuous mode
[  290.322017][ T1151] veth0_vlan: left promiscuous mode
[  290.988645][ T1151] team0 (unregistering): Port device team_slave_1 removed
[  291.061993][ T1151] team0 (unregistering): Port device team_slave_0 removed
[  291.607455][ T1151] team0 (unregistering): Port device team_slave_1 removed
[  291.657646][ T1151] team0 (unregistering): Port device team_slave_0 removed
[  292.454719][ T1151] team0 (unregistering): Port device team_slave_1 removed
[  292.525240][ T1151] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
02:32:30  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854f7b75 RDI=ffffffff9adf9560 RBP=ffffffff9adf9520 RSP=ffffc90006796be8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9adf9520 R15=ffffffff854f7b10
RIP=ffffffff854f7b9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69df000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00002000000014c0 CR3=0000000049065000 CR4=00352ef0
DR0=0000000000005000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd00439760 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd8fa11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000059379 RCX=ffffffff822c467c RDX=ffff88802a04c880
RSI=ffffffff822c4dfb RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900063d78f8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000008 R13=0000000000000001 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81bb4650 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f01a433bc80 ffffffff 00c00000
GS =0000 ffff8880d6adf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f01a443c340 CR3=0000000026034000 CR4=00352ef0
DR0=0000000000005000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 002b002b002b002c 002b000000004554
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004554
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 002d002b002b002b 002c002b00000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000018
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f01a46a6b20 00007f01a46a7050
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff9126abee RDX=0000000000000001
RSI=0000000000000001 RDI=ffffffff909efdf4 RBP=ffffc9000420f158 RSP=ffffc9000420f0a0
R8 =ffffffff9126abf2 R9 =0000000000000000 R10=0000000000000001 R11=00000000000117f2
R12=ffffc9000420f160 R13=ffffc9000420f110 R14=ffffc9000420f145 R15=0000000000000003
RIP=ffffffff8169dedc RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bdf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fda500e7d60 CR3=000000002b4ad000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fda4f5836a3 00007fda4f5836a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc28592290 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556dc0f2d0 000055556dc0f1c0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556dc16ded 000055556dc16d90
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8500000000fef20a 6a00000100000004 b7000a0001000004 1700000001000404
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7afffffe00000003 07000000000000a3 bf00000000000002 b70e8e0813800313
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4500000000000064 1e00000008000006 b700000000fff0a4 7119fffff8fff00a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8500000000fef20a 6a00000100000004 b7000a0001000004 1700000001000404
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0101080013800404 01729a006c6f6f74 68746501ffffffff ffffffffef081380
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=000000000005377d RCX=ffffffff822c3956 RDX=ffff88806532c880
RSI=ffffffff822c3964 RDI=0000000000000006 RBP=0000000000000000 RSP=ffffc90003cff540
R8 =0000000000000006 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000000
R12=ffff88801e115710 R13=0000000000000001 R14=0000000000000000 R15=0000000000000165
RIP=ffffffff81bb4681 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cdf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2ded41 CR3=0000000043dcd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161a11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000000 00000000000002ff bb00000000000000 f5ff0000000080fe
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb1626ed100 00007fb161b83440 00007fb161b80004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb161b83498 00007fb161b83490 00007fb161b83488 00007fb161b83480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000