last executing test programs:

38.599673045s ago: executing program 2 (id=1187):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x209d}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0xb, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@printk={@lx={0x18, 0x1, 0x0, 0xd0}, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfff8, 0x51}, {0x5}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x500}}]}, &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
write(r0, &(0x7f00000000c0)="1800000016005f0214fffffffffffff80700000023000000", 0x18)

38.599408452s ago: executing program 2 (id=1189):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000002480)=[{{&(0x7f0000000380)={0xa, 0x0, 0xfff5, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="140000000000003f290000000b000000000091d3000000001400000000000000290000003e000000010000000000000014000000000000002900000034000000000000000000000050"], 0x98}}], 0x1, 0x0)

38.530625914s ago: executing program 2 (id=1190):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
r2 = pidfd_getfd(r0, r0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="28000000100001ba2f8d6da223cdcc0000000000", @ANYRES32=r5, @ANYBLOB="000000000000000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x8}, 0x0)

38.529560661s ago: executing program 2 (id=1191):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x20000, 0x0)
move_mount(r1, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x160)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r3=>0x0})
ioctl$VFAT_IOCTL_READDIR_SHORT(r1, 0x82307202, &(0x7f0000000740)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000180)={0x3b, 0x0, <r4=>0x0})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000c00)=0xc, 0x6, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000000)=0x68f, 0x6, 0x2)
write$UHID_INPUT(r6, &(0x7f0000001040)={0xfc, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f3b3868030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xffffffffffffff34}}, 0x1006)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r4, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r3, 0x0, <r7=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r2, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, r7, 0x0, 0x7e, 0x5, &(0x7f0000000700)="85653f4534", 0x1})

38.310449578s ago: executing program 2 (id=1192):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

38.240611883s ago: executing program 2 (id=1193):
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000380)={0x1, @pix={0x1, 0x2, 0x32314258, 0x0, 0x0, 0x0, 0x9, 0xfeedcafe, 0x3, 0x0, 0x1, 0x7}})

38.240345603s ago: executing program 32 (id=1193):
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000380)={0x1, @pix={0x1, 0x2, 0x32314258, 0x0, 0x0, 0x0, 0x9, 0xfeedcafe, 0x3, 0x0, 0x1, 0x7}})

11.088351541s ago: executing program 3 (id=2044):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e1e, @empty}], 0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={<r3=>0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000100)=0x10)
socket$igmp6(0xa, 0x3, 0x2) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x840000000002, 0x3, 0xff) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r4, &(0x7f0000000000)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @link_local}, 0x14) (async)
sendto$inet6(r4, &(0x7f0000000280)="02042800ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57", 0x46, 0x800, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000440)=@assoc_value={r3, 0x80000001}, &(0x7f0000000280)=0xfffffffffffffdf7) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400dd05000000000000000000000000000000000a54000000060a09040000000000000000020000000900020073797a32000000000900010073797a300000000028000480240001800b000100657874686472000414000280080003400000004a0800064000000001140000000500000000000000000a000000000000"], 0x7c}}, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
bind$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfe, 0x10000}, 0xc) (async)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r10, 0xc0a85352, &(0x7f0000000740)={{0x9, 0x2}, 'port1\x00', 0x10, 0x10, 0xaf, 0x9, 0x8000, 0x8, 0x80000000, 0x0, 0x4, 0x6}) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f000000c000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f00000001c0)="26262e0f01ca360f23e90f20e06635000040000f22e064660f388153020f2114660fae740e0f011a0f01546866b9800000c00f320f30670f01c3", 0x3a}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000280)={0x81, 0x0, 0x1})
syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12011003000000202505a8a440000102030109021b0001010840090904000b010701030b09050102ff0507040944d39f2c7049bdcc17642b169ce18a67d5d0362415e565e8bf776a5f01f4a9510640f1d24855568e196cd15c980a3e88639b3da550d5352948ded464981feafc67cd7e9141e705e0899e49420f68db9f3a20fddfaad73843803f81547def61e3997df125a67e0921ef17cf7d9a7df960def31d73d5c3ae234dc899f6d93dd4d50fea52808439a8ab2da52c72baedeee337da9f0ef843a1804cb84f9a286d21762eb7ba77726fe7b3c5286e34698b05ecb748b3c699ba359bf3c5008494ee890e645343d57252cb5418c03b0c712f94d609960df4503b8cf4f2490aa536e44dec68de3da0151d209185145e001708315110d0699f5dd31861f5536d9646f2730ee776356c0fc1d84536744ced92ecd95408dad376a66f7295bde100edf599129f247c18d26d966fc863ab254ecdc0f1ab6f77be04a1008c448218da5b6b8c310b07eafc5f17244819f23e1a1110a113939c"], &(0x7f0000000240)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x7, 0x2, 0xa, 0x10, 0x7}, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="a1898c65d95fbe900d0bd5b4fd6109fd141b32ce1046f7dadac6c21e621dc79b93b5aead7873947fc12e8327e99c90785331592f87941a4df195121a00d0a10cc4d734b130c0b093d7b076aab8"], 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0xdd86bb98a6bcdf4c}}]})

10.970092882s ago: executing program 3 (id=2048):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x17, 0x1b, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be25070000000000003e472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac5031114016127ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

10.909179792s ago: executing program 3 (id=2049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000540)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000a60025000000080003ff", @ANYRES32=r2, @ANYBLOB="0800090005ac0f000a0006000802110000010000110007003e633fbd9293ab0300b20546cc00000005000800010000000a000600ffffffffffff0000040034000800350004000000080026"], 0x6c}}, 0x0)

10.908751036s ago: executing program 3 (id=2050):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$unix(0x1, 0x5, 0x0) (async)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
getpid()
r4 = socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) (async)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) (async)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe83, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe83, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r6}, 0x10)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) (async)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f0000000080)='./file0\x00')
sendmsg$nl_route(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000200)=@setlink={0x3c, 0x10, 0x401, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x16122, 0x1104}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24004040}, 0x20000000)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r8, 0x29, 0x37, &(0x7f0000000240)={0x3c, 0xf, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x6}, @enc_lim, @calipso={0x7, 0x30, {0x2, 0xa, 0xfd, 0x1, [0x5, 0x100000001, 0x7ff, 0xd, 0x1]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @private1}, @calipso={0x7, 0x28, {0x0, 0x8, 0x0, 0x101, [0x3, 0xffffffffffffffff, 0x7, 0x535]}}]}, 0x88) (async)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r8, 0x29, 0x37, &(0x7f0000000240)={0x3c, 0xf, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x6}, @enc_lim, @calipso={0x7, 0x30, {0x2, 0xa, 0xfd, 0x1, [0x5, 0x100000001, 0x7ff, 0xd, 0x1]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @private1}, @calipso={0x7, 0x28, {0x0, 0x8, 0x0, 0x101, [0x3, 0xffffffffffffffff, 0x7, 0x535]}}]}, 0x88)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="56000e00800000000802110000000802110000005050505050500000090000002100440064000000040616000000000005030d02b625030000002d1a00000000000000000001000000000000000000060006eeff00000000080026006c09000008000c006400000008000d00000000000d00ad2a7107ff000101008140000000090091"], 0xac}}, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000080))
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder1\x00', 0x802, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r10, 0xc018620c, &(0x7f0000000000)) (async)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r10, 0xc018620c, &(0x7f0000000000))

10.83968677s ago: executing program 3 (id=2053):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ee2d010203010902120001000000000904"], 0x0)
ioctl$EVIOCRMFF(r1, 0x550c, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0xe83, 0x40, 0x2000000, 0x0, 0x2004cb], 0x0, 0x202})
ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000240)={[{0x0, 0x0, 0x2, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x55}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x40000000000}], 0x1})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10.659629439s ago: executing program 3 (id=2060):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000a2c0)=@newtaction={0x14, 0x1c, 0x301, 0x70bd2c, 0x0, {0x2}}, 0x14}}, 0x90)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0xffe0}}}, 0x24}}, 0x4000040)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'ip6gretap0\x00'}]}}]}, 0x48}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x0, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x5, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
poll(&(0x7f0000000040), 0x55, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480), 0x204000, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r5}, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='\x00', 0x101000, 0xae)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000a2c0)=@newtaction={0x14, 0x1c, 0x301, 0x70bd2c, 0x0, {0x2}}, 0x14}}, 0x90) (async)
socket(0x2a, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0xffe0}}}, 0x24}}, 0x4000040) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'ip6gretap0\x00'}]}}]}, 0x48}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x0, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x5, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
poll(&(0x7f0000000040), 0x55, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0) (async)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480), 0x204000, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r5}, 0x4) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='\x00', 0x101000, 0xae) (async)

10.583908308s ago: executing program 33 (id=2060):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000a2c0)=@newtaction={0x14, 0x1c, 0x301, 0x70bd2c, 0x0, {0x2}}, 0x14}}, 0x90)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0xffe0}}}, 0x24}}, 0x4000040)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'ip6gretap0\x00'}]}}]}, 0x48}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x0, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x5, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
poll(&(0x7f0000000040), 0x55, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480), 0x204000, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r5}, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='\x00', 0x101000, 0xae)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000a2c0)=@newtaction={0x14, 0x1c, 0x301, 0x70bd2c, 0x0, {0x2}}, 0x14}}, 0x90) (async)
socket(0x2a, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0xffe0}}}, 0x24}}, 0x4000040) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'ip6gretap0\x00'}]}}]}, 0x48}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x0, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x5, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
poll(&(0x7f0000000040), 0x55, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0) (async)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480), 0x204000, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r5}, 0x4) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='\x00', 0x101000, 0xae) (async)

3.267228997s ago: executing program 5 (id=2242):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xfff0}, {0x0, 0x9}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xe}]}, 0x2c}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe000000000800000800", 0x1e)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001a00599c6d0e000091d028ef80"], 0xfe33)
listen(r1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000001210400", @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\f\x00'/23], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xac8c5750dcce3b28, 0x80010, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(0x0, 0x4, 0xffffffbe, 0x0, 0x0, 0x4000001)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa08, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mprotect(&(0x7f0000976000/0x3000)=nil, 0x3000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)

1.575674189s ago: executing program 1 (id=2248):
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b36, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e24, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x241, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

1.48951415s ago: executing program 1 (id=2262):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="200000001200ff09ff3a150099a283ff07b8008000f0ffff000300060040150024001d0042c411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab98eb1d9cc98c2a4f837c", 0x4c}], 0x1}, 0x0)

1.489140816s ago: executing program 5 (id=2263):
r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="a6457d8511f75e715b494fac36a6c95df9b1087f1a90052493eefaf19e7fa555b1e958d4de", 0x25, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f00000000c0)={r0, 0x17, 0xd3}, &(0x7f0000000100)={'enc=', 'oaep', ' hash=', {'blake2b-512-generic\x00'}}, &(0x7f0000000180)="ad86e83cd750cf3fc0e9c6e9f18f714f602dd6e14f9a16", &(0x7f00000001c0)=""/211) (async)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f00000000c0)={r0, 0x17, 0xd3}, &(0x7f0000000100)={'enc=', 'oaep', ' hash=', {'blake2b-512-generic\x00'}}, &(0x7f0000000180)="ad86e83cd750cf3fc0e9c6e9f18f714f602dd6e14f9a16", &(0x7f00000001c0)=""/211)
keyctl$reject(0x13, r0, 0x0, 0x6, r0) (async)
keyctl$reject(0x13, r0, 0x0, 0x6, r0)
keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f00000002c0)='oaep', &(0x7f0000000300)) (async)
keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f00000002c0)='oaep', &(0x7f0000000300))
keyctl$search(0xa, r0, &(0x7f0000000340)='pkcs7_test\x00', &(0x7f0000000380)={'syz', 0x2}, r0)
keyctl$revoke(0x3, r0)
write$yama_ptrace_scope(0xffffffffffffffff, &(0x7f00000003c0)='3\x00', 0x2)
keyctl$unlink(0x9, r0, r0)
keyctl$describe(0x6, 0x0, &(0x7f0000000400)=""/197, 0xc5)
keyctl$revoke(0x3, r0) (async)
keyctl$revoke(0x3, r0)
syz_io_uring_setup(0x1f2, &(0x7f0000000500)={0x0, 0x8044, 0x80, 0x1, 0xaa}, &(0x7f0000000580), &(0x7f00000005c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000600)=0x4)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0) (async)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000700)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x2, {}, {0x2, 0x8, 0x6, 0x4, 0x2, 0xd, "35c122d7"}, 0x87be, 0x3, {&(0x7f0000000680)=[{0x1, 0x0, {0xbe1}, 0x6}, {0x4, 0x59a, {0x1}, 0xa}]}, 0x32b})
r3 = request_key(&(0x7f0000000780)='ceph\x00', &(0x7f00000007c0)={'syz', 0x0}, &(0x7f0000000800)='\\\x00', r0)
keyctl$search(0xa, r3, &(0x7f0000000840)='id_resolver\x00', &(0x7f0000000880)={'syz', 0x3}, r0)
r4 = add_key$keyring(&(0x7f00000008c0), &(0x7f0000000900)={'syz', 0x2}, 0x0, 0x0, r0)
keyctl$link(0x8, r3, r4) (async)
keyctl$link(0x8, r3, r4)
keyctl$get_security(0x11, r3, &(0x7f0000000940)=""/21, 0x15) (async)
keyctl$get_security(0x11, r3, &(0x7f0000000940)=""/21, 0x15)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(0xffffffffffffffff, 0x118, 0x1, &(0x7f0000000980)=0x3ca, 0x4)
openat$fb1(0xffffffffffffff9c, &(0x7f00000009c0), 0x400040, 0x0) (async)
openat$fb1(0xffffffffffffff9c, &(0x7f00000009c0), 0x400040, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000a00), 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r5, 0x402c5342, &(0x7f0000000a40)={0x1, 0x7, 0x8, {0x9, 0x6}, 0x0, 0xce79})
request_key(&(0x7f0000000ac0)='trusted\x00', &(0x7f0000000b00)={'syz', 0x0}, &(0x7f0000000b40)=' hash=', r4) (async)
request_key(&(0x7f0000000ac0)='trusted\x00', &(0x7f0000000b00)={'syz', 0x0}, &(0x7f0000000b40)=' hash=', r4)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000b80)={<r6=>0x0, 0xbc, "698d74e358f2604ccc3ad62117df002ae68076882307963be28f8b00e1a82496ae11fdd1d5587d966cd11a4692bc12ed20f9af09f94c10ff648360470ff61531af9056045aad608844cfcc2c8c605919eb40e9381da3bfaef61a293a0e3bb6b61d33790a36611cc3f9e3c62d410365e63b5a0c9e20bfb371da6941ec7c969d89c2bcc763740c4e88e20f1a5eb4450635f8e0e90de4af7f0d590902a1b0a111d73be79c9e716bb6427c5f29d5d7f801afca49689abb249e133a3533e8"}, &(0x7f0000000c80)=0xc4)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000cc0)=@sack_info={r6, 0x0, 0x5b}, 0xc) (async)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000cc0)=@sack_info={r6, 0x0, 0x5b}, 0xc)
ioctl$BTRFS_IOC_SET_FEATURES(r1, 0x40309439, 0xfffffffffffffffe)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000d00)={r6, @in6={{0xa, 0x4e20, 0x9, @local, 0x9}}, 0x5534, 0x3f5f}, 0x90)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000dc0)={0x400, 0x1, 0x3, 0x8, 0x0, [0x6e95, 0xfffffff8, 0x9, 0x5]})

1.486955327s ago: executing program 1 (id=2264):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000010000104000000000000000000001fb2", @ANYRES32=r2, @ANYBLOB="0000000000000000180012800b000100697036746e6c000008000280040013"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="74000000100001040000000000000000fec00000", @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b000100697036746e6c00002000028014000200fe800000000000000000"], 0x74}}, 0x0)

1.43697229s ago: executing program 1 (id=2265):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x18000000}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.43681874s ago: executing program 1 (id=2266):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, r1, r1, 0x0, 0x0], 0x5, 0x80000})

1.436376669s ago: executing program 5 (id=2267):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x17, 0x1b, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff55200010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac5031114016127ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

1.382336757s ago: executing program 1 (id=2268):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000003c0)='dctcp-reno\x00', 0xb)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000100), 0x4)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r3, &(0x7f0000000440)=""/154, 0x9a)
socket$tipc(0x1e, 0x2, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000280)=0xc)
write$cgroup_pid(r0, &(0x7f0000000380), 0xfffffffffffffeb6)
read$char_usb(0xffffffffffffffff, &(0x7f0000000200)=""/128, 0x80)
syz_usb_disconnect(r2)
r4 = dup(0xffffffffffffffff)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_mr_vif\x00')
close_range(r5, 0xffffffffffffffff, 0x0)

1.382087405s ago: executing program 5 (id=2269):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
r2 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) (async)
listen(r2, 0x3) (async)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) (async)
r4 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000007940), 0x55, 0x30, 0x0) (async)
sendmmsg(r4, &(0x7f0000007040)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)}, {&(0x7f0000000e40)="232bfa80a6ee0314e5dc52f2c88bd23b2848", 0x12}, {0x0}, {0x0}], 0x4}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x5, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) (async)
connect$inet(r3, &(0x7f00000002c0)={0x2, 0x4e20, @loopback}, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_SRC={0x8, 0x2, @loopback}]}, 0x24}}, 0x0) (async)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{}, [@TCA_NETEM_RATE={0x14, 0x6, {0x5, 0x849d, 0x401, 0xfffffffa}}]}}}]}, 0x60}}, 0x0)
syz_emit_ethernet(0x3f4, &(0x7f00000001c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @dccp_packet={0xd, 0x6, "813663", 0x3be, 0x21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, {[@srh={0x3a, 0xe, 0x4, 0x7, 0x8, 0x10, 0x2, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00', @remote, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}, @fragment={0x3c, 0x0, 0x2, 0x0, 0x0, 0x0, 0x68}, @routing={0x2e, 0x2, 0x1, 0x92, 0x0, [@remote]}, @srh={0x2, 0x0, 0x4, 0x0, 0xd, 0x40, 0x100}, @hopopts={0x2c, 0x3e, '\x00', [@generic={0xa, 0x97, "1160ef822b6f352188ce7a64426d104f553546ce877a447f26bea2ae95e4e243a7941551cab1651021ebfb79a1593f632f77f2017f6f6d79329739503fd666b437ec87dd92887742bf6a702c798f1b16f6e94e1d05632d3c6a6f88864757c98be4f5969df4b9dfb65480bf4b2cde74c1904ba3d501005ad25e6abc2820a8ab7a37f3fe7d28bf40970703dfae61cea15dcabf25b8b67074"}, @calipso={0x7, 0x28, {0x0, 0x8, 0x6c, 0xfffd, [0x2, 0x400, 0x2, 0x7fffffffffffffff]}}, @calipso={0x7, 0x30, {0x0, 0xa, 0x7, 0xd5, [0x9, 0x4, 0x2, 0x100000000, 0xb]}}, @generic={0x3, 0xfa, "8ec9bfdf426464011781a438cbbf8b93589c00b1b01e5cf5e945a113d32761cd9acc733e48d10381d2d4eddec8e1c7ec89ef3819a37d51da012a389ab54cf0b64d9d46ea83ff70f703c36a5944ea09982c8ec1f44f63c0f22cbd0be2ce730b59835f38785db978ec7292ece68125e42bbd87851e1a8255222393e647690e3c6d3327c5195a6e2fbf053a8cdfc9d1a9163c020a75610ea73fc0d35b6d6e026035b8c6ff8fa532276613bb1f7eb9e0e7de73fd98415b1bfdba3793db2c9f57be91f52d5f81f95040a08c6e2c0a495775411962c02595edbdfba1f954c256c410b40aae1d11ccc085f2b3c919664223dc668d3bee6a73c325f7c371"}]}, @dstopts={0x16, 0xc, '\x00', [@calipso={0x7, 0x48, {0x3, 0x10, 0x81, 0x3ff, [0x7, 0x3e, 0x0, 0x8, 0x9, 0x3, 0x9, 0x2]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @remote}}]}, @srh={0x2f, 0x4, 0x4, 0x2, 0xe, 0x20, 0x4, [@mcast2, @local]}, @routing={0x34, 0x8, 0x0, 0xa, 0x0, [@empty, @remote, @local, @private0={0xfc, 0x0, '\x00', 0x1}]}], {{0x4e22, 0x4e20, 0x4, 0x1, 0xf, 0x0, 0x0, 0x0, 0x5, "f4d07b", 0x80, "a44ddc"}, "a969257d2b4cf748fbfdd45d4cb547bf493924a61c6174f6204975eac4fd75b230f6f40d2d773627cc37d2640695"}}}}}}, 0x0)
socket(0x8, 0x1, 0xffffffff)

1.320354751s ago: executing program 5 (id=2270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0500000000f7ffffff000600000008000300", @ANYRES32=r7, @ANYBLOB="0800050003"], 0x24}}, 0x0)

1.320120456s ago: executing program 5 (id=2271):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
getpeername$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, &(0x7f0000000080)=0x10)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9ffd48a5823a6d5c1d25ab687303101c000000", @ANYRES16=0x0, @ANYRES64=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000300)=ANY=[@ANYRES16=r0], 0x0)
r2 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x2}, 0x8)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='block_bio_remap\x00', r4}, 0x10)
sync()
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=<r5=>0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000140)=0xffffffffffffffff)
write$char_usb(r3, &(0x7f0000000000)='8', 0x1)
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00')

910.502932ms ago: executing program 4 (id=2275):
syz_emit_ethernet(0x52, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa89ab9b4c72ca86dd607927f3001c2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000008"], 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000007000000000000aa11000001"], 0x0)

910.347979ms ago: executing program 4 (id=2276):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r2, &(0x7f0000000180)="01010101", 0x4)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0xf8ffffffffffffff)

830.263155ms ago: executing program 4 (id=2277):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000540)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000a600250000000800039e", @ANYRES32=r2, @ANYBLOB="0800090005ac0f000a0006000802110000010000110007003e633fbd9293ab0300b20546cc00000005000800010000000a000600ffffffffffff0000040034000800350004000000080026"], 0x6c}}, 0x0)

830.129948ms ago: executing program 4 (id=2278):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x18000000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

830.018322ms ago: executing program 4 (id=2279):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100001000000000000000000ac1414aa000000080000000000000000ac1e0000e500"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000ffffac1414bb000004d26c000000fe8000000000000000000000000000aa00000000000000000000000000000000fcffffffffffffff000000000000000000000000000000000000000000000000feffffffffffffff000000000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000000000000000000029bd700000000000020000000000000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c"], 0x154}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000006800010000000000000000000a000000000000000c0008800800030000000000060007000200000008000500", @ANYRES32=r1, @ANYBLOB="140006"], 0x48}, 0x1, 0x0, 0xfc}, 0x0)

828.514933ms ago: executing program 4 (id=2280):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
syz_socket_connect_nvme_tcp()
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x2, 0x7, 0xd1, &(0x7f0000000340)=""/209})
ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0x5)
ppoll(&(0x7f0000000080)=[{r2}], 0x1, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @icmpv6}]}, 0x34}}, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
setsockopt$inet_group_source_req(r4, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
recvmsg(0xffffffffffffffff, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000340)=""/4096, 0x1000}], 0x2}, 0x0)
r5 = io_uring_setup(0x1d7b, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x14b})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r5, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r5, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0xffffffff00000000}], &(0x7f0000000100), 0x7}, 0x20)
io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000})

366.236509ms ago: executing program 0 (id=2285):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000002480)=[{{&(0x7f0000000380)={0xa, 0x0, 0xfff5, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1400000000000000290000000bfffffff50091d3000000001400000000000000290000003e000000010000000000000014000000000000002900000034000000000000000000000050"], 0x98}}], 0x1, 0x0)

300.025171ms ago: executing program 0 (id=2286):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000840000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001"], 0x108}}, 0x0)

299.749248ms ago: executing program 0 (id=2287):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x3, &(0x7f00000005c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair(0x23, 0x3, 0xc, &(0x7f00000001c0)) (async)
socketpair(0x23, 0x3, 0xc, &(0x7f00000001c0))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket(0x2a, 0x2, 0x0) (async)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x12}]}}]}, 0x3c}}, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000003c0), 0x101300, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket(0x2, 0x80805, 0x0)
socket(0x1d, 0x2, 0x6) (async)
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r7=>0x0})
r8 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r8, &(0x7f0000000000)={0x1d, r7, 0x3}, 0x18) (async)
bind$can_j1939(r8, &(0x7f0000000000)={0x1d, r7, 0x3}, 0x18)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x14}}, 0x0)
io_uring_setup(0x396b, &(0x7f0000000140))
sendmsg$TIPC_NL_MON_GET(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x13c}}, 0x0) (async)
sendmsg$TIPC_NL_MON_GET(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x13c}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x4000}}, 0x0) (async)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x4000}}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0xe0001}) (async)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0xe0001})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e066f30fa7c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x54}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

86.858979ms ago: executing program 0 (id=2288):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x17, 0x1b, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff55370010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac5031114016127ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

167.929µs ago: executing program 0 (id=2289):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000a7ff01000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

0s ago: executing program 0 (id=2290):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r2, &(0x7f0000000180)="01010101", 0x4)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0xffdfffffff7f0000)

kernel console output (not intermixed with test programs):

007f9c51135f80 R15: 00007fffb2575578
[   72.063682][ T8729]  </TASK>
[   72.064868][    C0] vkms_vblank_simulate: vblank timer overrun
[   72.136952][ T8731] netlink: 'syz.3.1014': attribute type 1 has an invalid length.
[   72.159968][ T8731] 8021q: adding VLAN 0 to HW filter on device bond8
[   72.166252][ T8737] __nla_validate_parse: 21 callbacks suppressed
[   72.166264][ T8737] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1016'.
[   72.170584][ T8737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1016'.
[   72.208609][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1018'.
[   72.305886][ T8742] team0 (unregistering): Port device team_slave_0 removed
[   72.308650][ T8742] team0 (unregistering): Port device team_slave_1 removed
[   72.319720][ T8744] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1019'.
[   72.342362][ T8755] netlink: 'syz.1.1023': attribute type 9 has an invalid length.
[   72.344552][ T8755] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1023'.
[   72.704118][ T8802] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1040'.
[   72.706816][ T8802] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1040'.
[   72.743403][ T8804] netlink: 'syz.1.1041': attribute type 1 has an invalid length.
[   72.751101][ T8807] input input10: cannot allocate more than FF_MAX_EFFECTS effects
[   72.760359][ T8804] 8021q: adding VLAN 0 to HW filter on device bond4
[   72.793489][ T8811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1043'.
[   72.793913][ T8810] netlink: 'syz.1.1044': attribute type 9 has an invalid length.
[   72.798400][ T8810] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1044'.
[   72.948262][ T8837] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1054'.
[   73.614101][ T8892] FAULT_INJECTION: forcing a failure.
[   73.614101][ T8892] name failslab, interval 1, probability 0, space 0, times 0
[   73.617991][ T8892] CPU: 2 UID: 0 PID: 8892 Comm: syz.2.1074 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   73.620749][ T8892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.623575][ T8892] Call Trace:
[   73.624470][ T8892]  <TASK>
[   73.625270][ T8892]  dump_stack_lvl+0x16c/0x1f0
[   73.626615][ T8892]  should_fail_ex+0x497/0x5b0
[   73.627944][ T8892]  ? notifier_call_chain+0x364/0x410
[   73.629676][ T8892]  should_failslab+0xc2/0x120
[   73.631045][ T8892]  kmem_cache_alloc_node_noprof+0x71/0x310
[   73.632870][ T8892]  ? __alloc_skb+0x2b1/0x380
[   73.634503][ T8892]  __alloc_skb+0x2b1/0x380
[   73.635973][ T8892]  ? __pfx___alloc_skb+0x10/0x10
[   73.637630][ T8892]  ? __pfx_fdb_create+0x10/0x10
[   73.639015][ T8892]  ? lock_acquire+0x2f/0xb0
[   73.640318][ T8892]  fdb_notify+0xa4/0x1a0
[   73.641468][ T8892]  fdb_add_local+0x221/0x270
[   73.642726][ T8892]  br_fdb_add_local+0x39/0x60
[   73.644315][ T8892]  __vlan_add+0x3b7/0x2dc0
[   73.645558][ T8892]  ? rcu_is_watching+0x12/0xc0
[   73.646834][ T8892]  ? pcpu_alloc_noprof+0x1f5/0x1690
[   73.648213][ T8892]  ? __pfx___vlan_add+0x10/0x10
[   73.649534][ T8892]  br_vlan_add+0x300/0xb40
[   73.650715][ T8892]  br_vlan_info+0x35c/0x3d0
[   73.651908][ T8892]  ? __pfx_br_vlan_info+0x10/0x10
[   73.653174][ T8892]  ? __pfx_mark_lock+0x10/0x10
[   73.654448][ T8892]  br_process_vlan_info+0x436/0xa10
[   73.655843][ T8892]  ? __pfx_br_process_vlan_info+0x10/0x10
[   73.657354][ T8892]  ? __lock_acquire+0xbdd/0x3ce0
[   73.658664][ T8892]  ? hlock_class+0x4e/0x130
[   73.659945][ T8892]  ? __lock_acquire+0xbdd/0x3ce0
[   73.661261][ T8892]  br_afspec+0x575/0x650
[   73.662556][ T8892]  ? __pfx_br_afspec+0x10/0x10
[   73.664092][ T8892]  ? hlock_class+0x4e/0x130
[   73.665438][ T8892]  ? __lock_acquire+0x163e/0x3ce0
[   73.666802][ T8892]  br_setlink+0x373/0x630
[   73.667963][ T8892]  ? __pfx_br_setlink+0x10/0x10
[   73.669282][ T8892]  ? __print_lock_name+0x260/0x260
[   73.670748][ T8892]  ? __mutex_lock+0x1a6/0x9c0
[   73.672082][ T8892]  ? rtnetlink_rcv_msg+0x372/0xea0
[   73.673473][ T8892]  ? find_held_lock+0x2d/0x110
[   73.674741][ T8892]  rtnl_bridge_setlink+0x313/0x740
[   73.676349][ T8892]  ? __pfx_br_setlink+0x10/0x10
[   73.677944][ T8892]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[   73.679485][ T8892]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[   73.680882][ T8892]  rtnetlink_rcv_msg+0x3c7/0xea0
[   73.682168][ T8892]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   73.683702][ T8892]  ? __pfx___lock_acquire+0x10/0x10
[   73.685236][ T8892]  ? __pfx___lock_acquire+0x10/0x10
[   73.686706][ T8892]  ? __pfx_avc_has_perm+0x10/0x10
[   73.688066][ T8892]  netlink_rcv_skb+0x16b/0x440
[   73.689341][ T8892]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   73.690806][ T8892]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   73.692256][ T8892]  ? netlink_deliver_tap+0x1ae/0xd90
[   73.693637][ T8892]  netlink_unicast+0x53c/0x7f0
[   73.694830][ T8892]  ? __pfx_netlink_unicast+0x10/0x10
[   73.696223][ T8892]  netlink_sendmsg+0x8b8/0xd70
[   73.697614][ T8892]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.698960][ T8892]  ____sys_sendmsg+0xaaf/0xc90
[   73.700171][ T8892]  ? copy_msghdr_from_user+0x10b/0x160
[   73.701536][ T8892]  ? __pfx_____sys_sendmsg+0x10/0x10
[   73.702862][ T8892]  ? __pfx___lock_acquire+0x10/0x10
[   73.704190][ T8892]  ___sys_sendmsg+0x135/0x1e0
[   73.705415][ T8892]  ? __pfx____sys_sendmsg+0x10/0x10
[   73.706974][ T8892]  ? lock_acquire+0x2f/0xb0
[   73.708197][ T8892]  ? __fget_files+0x40/0x3f0
[   73.709508][ T8892]  ? fdget+0x176/0x210
[   73.710647][ T8892]  __sys_sendmmsg+0x1a1/0x450
[   73.711965][ T8892]  ? __pfx___sys_sendmmsg+0x10/0x10
[   73.713357][ T8892]  ? vfs_write+0x306/0x1150
[   73.714668][ T8892]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   73.716187][ T8892]  ? fput+0x30/0x390
[   73.717161][ T8892]  ? ksys_write+0x1ad/0x260
[   73.718353][ T8892]  ? __pfx_ksys_write+0x10/0x10
[   73.719617][ T8892]  __x64_sys_sendmmsg+0x9c/0x100
[   73.721137][ T8892]  ? lockdep_hardirqs_on+0x7c/0x110
[   73.722954][ T8892]  do_syscall_64+0xcd/0x250
[   73.724196][ T8892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.725686][ T8892] RIP: 0033:0x7fa1a197e719
[   73.726812][ T8892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.732576][ T8892] RSP: 002b:00007fa19fdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   73.734945][ T8892] RAX: ffffffffffffffda RBX: 00007fa1a1b35f80 RCX: 00007fa1a197e719
[   73.736936][ T8892] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000008
[   73.739043][ T8892] RBP: 00007fa19fdf6090 R08: 0000000000000000 R09: 0000000000000000
[   73.741177][ T8892] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000001
[   73.743278][ T8892] R13: 0000000000000000 R14: 00007fa1a1b35f80 R15: 00007ffd591e4ca8
[   73.745299][ T8892]  </TASK>
[   74.145726][ T8915] xt_hashlimit: size too large, truncated to 1048576
[   74.542908][ T8933] FAULT_INJECTION: forcing a failure.
[   74.542908][ T8933] name failslab, interval 1, probability 0, space 0, times 0
[   74.547165][ T8933] CPU: 2 UID: 0 PID: 8933 Comm: syz.3.1087 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   74.550648][ T8933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.553489][ T8933] Call Trace:
[   74.554351][ T8933]  <TASK>
[   74.555210][ T8933]  dump_stack_lvl+0x16c/0x1f0
[   74.556815][ T8933]  should_fail_ex+0x497/0x5b0
[   74.558432][ T8933]  ? fs_reclaim_acquire+0xae/0x150
[   74.560135][ T8933]  should_failslab+0xc2/0x120
[   74.561830][ T8933]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   74.563670][ T8933]  ? security_file_alloc+0x34/0x2b0
[   74.565444][ T8933]  ? rcu_is_watching+0x12/0xc0
[   74.567150][ T8933]  security_file_alloc+0x34/0x2b0
[   74.568899][ T8933]  init_file+0x93/0x230
[   74.570310][ T8933]  alloc_empty_file+0x91/0x1e0
[   74.571960][ T8933]  dentry_open+0x46/0xd0
[   74.573679][ T8933]  fanotify_read+0x5dc/0x2400
[   74.575495][ T8933]  ? inode_has_perm+0x183/0x1d0
[   74.577823][ T8933]  ? file_has_perm+0x280/0x350
[   74.579785][ T8933]  ? __pfx_fanotify_read+0x10/0x10
[   74.581839][ T8933]  ? __pfx_woken_wake_function+0x10/0x10
[   74.583750][ T8933]  ? bpf_lsm_file_permission+0x9/0x10
[   74.585716][ T8933]  ? security_file_permission+0x71/0x210
[   74.587663][ T8933]  ? __pfx_fanotify_read+0x10/0x10
[   74.589470][ T8933]  vfs_read+0x1df/0xbe0
[   74.590926][ T8933]  ? __fget_files+0x23a/0x3f0
[   74.592577][ T8933]  ? __pfx_lock_release+0x10/0x10
[   74.594333][ T8933]  ? trace_lock_acquire+0x14a/0x1d0
[   74.596287][ T8933]  ? __pfx_vfs_read+0x10/0x10
[   74.598120][ T8933]  ? lock_acquire+0x2f/0xb0
[   74.599822][ T8933]  ? __fget_files+0x40/0x3f0
[   74.601530][ T8933]  ? __fget_files+0x244/0x3f0
[   74.603179][ T8933]  ksys_read+0x12f/0x260
[   74.604790][ T8933]  ? __pfx_ksys_read+0x10/0x10
[   74.606560][ T8933]  do_syscall_64+0xcd/0x250
[   74.608164][ T8933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.610236][ T8933] RIP: 0033:0x7f85c237e719
[   74.611816][ T8933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.619192][ T8933] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   74.622377][ T8933] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   74.625102][ T8933] RDX: 0000000000002020 RSI: 00000000200057c0 RDI: 0000000000000004
[   74.627819][ T8933] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   74.630610][ T8933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.633268][ T8933] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   74.636182][ T8933]  </TASK>
[   74.673591][ T8938] ufs: You didn't specify the type of your ufs filesystem
[   74.673591][ T8938] 
[   74.673591][ T8938] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   74.673591][ T8938] 
[   74.673591][ T8938] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   74.677214][ T8939] bond_slave_1: entered allmulticast mode
[   74.682380][ T8938] ufs: ufstype=old is supported read-only
[   74.685222][ T8938] syz.0.1089: attempt to access beyond end of device
[   74.685222][ T8938] loop0: rw=0, sector=16, nr_sectors = 2 limit=0
[   74.735677][ T8944] 8021q: adding VLAN 0 to HW filter on device bond6
[   74.775908][ T8956] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option ""
[   75.079642][ T8985] 8021q: adding VLAN 0 to HW filter on device bond7
[   75.187506][   T39] kauditd_printk_skb: 19 callbacks suppressed
[   75.187517][   T39] audit: type=1400 audit(1730816223.760:1854): avc:  denied  { write } for  pid=9006 comm="syz.0.1114" name="udplite6" dev="proc" ino=4026533259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   75.298711][ T9008] tipc: Started in network mode
[   75.301065][ T9008] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   75.304492][ T9008] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[   75.307674][ T9008] tipc: Enabled bearer <udp:syz1>, priority 10
[   75.956611][ T6002] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   76.051050][   T39] audit: type=1400 audit(1730816224.620:1855): avc:  denied  { name_bind } for  pid=9060 comm="syz.3.1134" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   76.057723][   T39] audit: type=1400 audit(1730816224.620:1857): avc:  denied  { bind } for  pid=9060 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   76.063010][   T39] audit: type=1400 audit(1730816224.620:1856): avc:  denied  { bind } for  pid=9060 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   76.070794][   T39] audit: type=1400 audit(1730816224.640:1858): avc:  denied  { setopt } for  pid=9060 comm="syz.3.1134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   76.078347][   T39] audit: type=1400 audit(1730816224.640:1859): avc:  denied  { ioctl } for  pid=9060 comm="syz.3.1134" path="socket:[21457]" dev="sockfs" ino=21457 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   76.116529][ T6002] usb 6-1: Using ep0 maxpacket: 8
[   76.120337][ T6002] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[   76.123594][ T6002] usb 6-1: config 179 has no interface number 0
[   76.125568][ T6002] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[   76.132294][ T6002] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[   76.135387][ T6002] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   76.139923][ T6002] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   76.144699][ T6002] usb 6-1: config 179 interface 65 has no altsetting 0
[   76.147026][ T6002] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   76.149517][ T6002] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.155509][ T9078] FAULT_INJECTION: forcing a failure.
[   76.155509][ T9078] name failslab, interval 1, probability 0, space 0, times 0
[   76.155764][ T9059] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   76.165567][ T9078] CPU: 3 UID: 0 PID: 9078 Comm: syz.3.1141 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   76.168357][ T9078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.170677][ T6002] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input11
[   76.171224][ T9078] Call Trace:
[   76.171232][ T9078]  <TASK>
[   76.171238][ T9078]  dump_stack_lvl+0x16c/0x1f0
[   76.171254][ T9078]  should_fail_ex+0x497/0x5b0
[   76.171267][ T9078]  should_failslab+0xc2/0x120
[   76.171281][ T9078]  kmem_cache_alloc_node_noprof+0x71/0x310
[   76.181131][ T9078]  ? __alloc_skb+0x2b1/0x380
[   76.182353][ T9078]  __alloc_skb+0x2b1/0x380
[   76.183536][ T9078]  ? __pfx___alloc_skb+0x10/0x10
[   76.184102][   T39] audit: type=1400 audit(1730816224.750:1860): avc:  denied  { read } for  pid=5345 comm="acpid" name="js0" dev="devtmpfs" ino=2801 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.184914][ T9078]  rtnl_bridge_notify+0xaa/0x300
[   76.191689][   T39] audit: type=1400 audit(1730816224.750:1861): avc:  denied  { open } for  pid=5345 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2801 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.192629][ T9078]  rtnl_bridge_setlink+0x5b5/0x740
[   76.199812][ T9078]  ? __pfx_br_setlink+0x10/0x10
[   76.201105][ T9078]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[   76.202575][ T9078]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[   76.204049][ T9078]  rtnetlink_rcv_msg+0x3c7/0xea0
[   76.205372][ T9078]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   76.207054][ T9078]  ? __pfx___lock_acquire+0x10/0x10
[   76.208437][ T9078]  ? __pfx___lock_acquire+0x10/0x10
[   76.209858][ T9078]  ? __pfx_avc_has_perm+0x10/0x10
[   76.211193][ T9078]  netlink_rcv_skb+0x16b/0x440
[   76.212458][ T9078]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   76.213909][ T9078]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   76.215295][ T9078]  ? netlink_deliver_tap+0x1ae/0xd90
[   76.216691][ T9078]  netlink_unicast+0x53c/0x7f0
[   76.217870][ T5345] input input11: unable to receive magic message: -110
[   76.217955][ T9078]  ? __pfx_netlink_unicast+0x10/0x10
[   76.220643][   T39] audit: type=1400 audit(1730816224.790:1862): avc:  denied  { ioctl } for  pid=5345 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2801 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.221224][ T9078]  netlink_sendmsg+0x8b8/0xd70
[   76.228887][ T9078]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.230295][ T9078]  ____sys_sendmsg+0xaaf/0xc90
[   76.231561][ T9078]  ? copy_msghdr_from_user+0x10b/0x160
[   76.233002][ T9078]  ? __pfx_____sys_sendmsg+0x10/0x10
[   76.234538][ T9078]  ? hlock_class+0x4e/0x130
[   76.235778][ T9078]  ? __lock_acquire+0x163e/0x3ce0
[   76.237253][ T9078]  ___sys_sendmsg+0x135/0x1e0
[   76.238565][ T9078]  ? __pfx____sys_sendmsg+0x10/0x10
[   76.239971][ T9078]  ? __pfx___lock_acquire+0x10/0x10
[   76.241357][ T9078]  ? __pfx___might_resched+0x10/0x10
[   76.242745][ T9078]  ? __might_fault+0xe3/0x190
[   76.243989][ T9078]  __sys_sendmmsg+0x1a1/0x450
[   76.245227][ T9078]  ? __pfx___sys_sendmmsg+0x10/0x10
[   76.246583][ T9078]  ? vfs_write+0x306/0x1150
[   76.247789][ T9078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   76.249393][ T9078]  ? fput+0x30/0x390
[   76.250432][ T9078]  ? ksys_write+0x1ad/0x260
[   76.251634][ T9078]  ? __pfx_ksys_write+0x10/0x10
[   76.252928][ T9078]  __x64_sys_sendmmsg+0x9c/0x100
[   76.254243][ T9078]  ? lockdep_hardirqs_on+0x7c/0x110
[   76.255590][ T9078]  do_syscall_64+0xcd/0x250
[   76.256768][ T9078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.258336][ T9078] RIP: 0033:0x7f85c237e719
[   76.259505][ T9078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.264494][ T9078] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   76.266664][ T9078] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   76.268685][ T9078] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000008
[   76.270877][ T9078] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   76.273093][ T9078] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000002
[   76.275237][ T9078] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   76.277293][ T9078]  </TASK>
[   76.283481][ T5345] input input11: unable to receive magic message: -32
[   76.289332][ T5345] input input11: unable to receive magic message: -32
[   76.310641][ T5982] tipc: Node number set to 1
[   76.364837][ T5293] usb 6-1: USB disconnect, device number 8
[   76.364883][    C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   76.370437][ T5293] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   76.566275][ T9105] FAULT_INJECTION: forcing a failure.
[   76.566275][ T9105] name failslab, interval 1, probability 0, space 0, times 0
[   76.570652][ T9105] CPU: 3 UID: 0 PID: 9105 Comm: syz.3.1150 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   76.573445][ T9105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.576282][ T9105] Call Trace:
[   76.577220][ T9105]  <TASK>
[   76.577999][ T9105]  dump_stack_lvl+0x16c/0x1f0
[   76.579230][ T9105]  should_fail_ex+0x497/0x5b0
[   76.580469][ T9105]  ? fs_reclaim_acquire+0xae/0x150
[   76.581808][ T9105]  should_failslab+0xc2/0x120
[   76.583054][ T9105]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   76.584451][ T9105]  ? security_inode_alloc+0x3b/0x2b0
[   76.585841][ T9105]  security_inode_alloc+0x3b/0x2b0
[   76.587175][ T9105]  inode_init_always_gfp+0xc5f/0xfb0
[   76.588553][ T9105]  alloc_inode+0x82/0x230
[   76.589742][ T9105]  path_from_stashed+0x55f/0xec0
[   76.591052][ T9105]  ? __pfx_path_from_stashed+0x10/0x10
[   76.592497][ T9105]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   76.594053][ T9105]  ? lock_acquire+0x2f/0xb0
[   76.595259][ T9105]  pidfs_alloc_file+0xff/0x1f0
[   76.596671][ T9105]  ? __pfx_pidfs_alloc_file+0x10/0x10
[   76.598262][ T9105]  pidfd_prepare+0xa8/0x150
[   76.599650][ T9105]  fanotify_read+0xdea/0x2400
[   76.600978][ T9105]  ? file_has_perm+0x280/0x350
[   76.602290][ T9105]  ? __pfx_fanotify_read+0x10/0x10
[   76.603688][ T9105]  ? __pfx_woken_wake_function+0x10/0x10
[   76.605195][ T9105]  ? bpf_lsm_file_permission+0x9/0x10
[   76.606719][ T9105]  ? security_file_permission+0x71/0x210
[   76.608199][ T9105]  ? __pfx_fanotify_read+0x10/0x10
[   76.609564][ T9105]  vfs_read+0x1df/0xbe0
[   76.610675][ T9105]  ? __fget_files+0x23a/0x3f0
[   76.611922][ T9105]  ? __pfx_lock_release+0x10/0x10
[   76.613265][ T9105]  ? trace_lock_acquire+0x14a/0x1d0
[   76.614636][ T9105]  ? __pfx_vfs_read+0x10/0x10
[   76.616014][ T9105]  ? lock_acquire+0x2f/0xb0
[   76.617283][ T9105]  ? __fget_files+0x40/0x3f0
[   76.618509][ T9105]  ? __fget_files+0x244/0x3f0
[   76.619772][ T9105]  ksys_read+0x12f/0x260
[   76.620908][ T9105]  ? __pfx_ksys_read+0x10/0x10
[   76.622193][ T9105]  do_syscall_64+0xcd/0x250
[   76.623396][ T9105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.624958][ T9105] RIP: 0033:0x7f85c237e719
[   76.626165][ T9105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.631187][ T9105] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   76.633475][ T9105] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   76.635588][ T9105] RDX: 0000000000002020 RSI: 00000000200057c0 RDI: 0000000000000004
[   76.637834][ T9105] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   76.639887][ T9105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.641945][ T9105] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   76.643991][ T9105]  </TASK>
[   76.766600][ T9116] validate_nla: 6 callbacks suppressed
[   76.766643][ T9116] netlink: 'syz.2.1154': attribute type 1 has an invalid length.
[   76.774611][   T39] audit: type=1326 audit(1730816225.340:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9109 comm="syz.3.1152" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x0
[   76.797595][ T9116] 8021q: adding VLAN 0 to HW filter on device bond8
[   76.894006][ T9110] loop0: detected capacity change from 0 to 7
[   76.903114][ T9110] Dev loop0: unable to read RDB block 7
[   76.904807][ T9110]  loop0: AHDI p4
[   76.906249][ T9110] loop0: partition table partially beyond EOD, truncated
[   77.059323][ T9142] vti0: entered promiscuous mode
[   77.060805][ T9142] vti0: entered allmulticast mode
[   77.063437][ T9142] random: crng reseeded on system resumption
[   77.344832][ T9170] __nla_validate_parse: 20 callbacks suppressed
[   77.344849][ T9170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1175'.
[   77.388029][ T9176] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1178'.
[   77.422781][ T9183] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1182'.
[   77.425343][ T9183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1182'.
[   77.541575][ T7847] nci: nci_add_new_protocol: the target found does not have the desired protocol
[   77.542006][ T9209] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1186'.
[   77.888982][ T9221] netlink: 'syz.3.1197': attribute type 9 has an invalid length.
[   77.891150][ T9221] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.1197'.
[   77.949675][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.952391][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.955336][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.961333][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.964174][ T5940] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   77.966919][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.065286][ T9226] chnl_net:caif_netlink_parms(): no params data found
[   78.155538][ T9226] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.158258][ T9226] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.160213][ T9226] bridge_slave_0: entered allmulticast mode
[   78.162336][ T9226] bridge_slave_0: entered promiscuous mode
[   78.164917][ T9226] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.167440][ T9226] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.169432][ T9226] bridge_slave_1: entered allmulticast mode
[   78.171659][ T9226] bridge_slave_1: entered promiscuous mode
[   78.209627][ T9226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.213221][ T9226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.233418][ T9240] FAULT_INJECTION: forcing a failure.
[   78.233418][ T9240] name failslab, interval 1, probability 0, space 0, times 0
[   78.238797][ T9240] CPU: 1 UID: 0 PID: 9240 Comm: syz.3.1201 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   78.241972][ T9240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.244746][ T9240] Call Trace:
[   78.245642][ T9240]  <TASK>
[   78.246443][ T9240]  dump_stack_lvl+0x16c/0x1f0
[   78.247711][ T9240]  should_fail_ex+0x497/0x5b0
[   78.249026][ T9240]  should_failslab+0xc2/0x120
[   78.250260][ T9240]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   78.251660][ T9240]  ? xfrm_state_alloc+0x23/0x510
[   78.252958][ T9240]  xfrm_state_alloc+0x23/0x510
[   78.254339][ T9240]  xfrm_add_sa+0xe08/0x4de0
[   78.255570][ T9240]  ? cap_capable+0x1cf/0x240
[   78.256800][ T9240]  ? __pfx_xfrm_add_sa+0x10/0x10
[   78.258135][ T9240]  ? __nla_parse+0x40/0x60
[   78.259368][ T9240]  ? __pfx_xfrm_add_sa+0x10/0x10
[   78.260683][ T9240]  xfrm_user_rcv_msg+0x58c/0xb30
[   78.261998][ T9240]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   78.263436][ T9240]  ? hlock_class+0x4e/0x130
[   78.264649][ T9240]  ? __lock_acquire+0x163e/0x3ce0
[   78.266294][ T9240]  ? __mutex_trylock_common+0xea/0x250
[   78.267745][ T9240]  ? __pfx___mutex_trylock_common+0x10/0x10
[   78.269343][ T9240]  netlink_rcv_skb+0x16b/0x440
[   78.270634][ T9240]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   78.272096][ T9240]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   78.273487][ T9240]  xfrm_netlink_rcv+0x71/0x90
[   78.274764][ T9240]  netlink_unicast+0x53c/0x7f0
[   78.276059][ T9240]  ? __pfx_netlink_unicast+0x10/0x10
[   78.277514][ T9240]  netlink_sendmsg+0x8b8/0xd70
[   78.278805][ T9240]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.280223][ T9240]  ____sys_sendmsg+0xaaf/0xc90
[   78.281516][ T9240]  ? copy_msghdr_from_user+0x10b/0x160
[   78.282919][ T9240]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.284409][ T9240]  ? __pfx___lock_acquire+0x10/0x10
[   78.285890][ T9240]  ___sys_sendmsg+0x135/0x1e0
[   78.287350][ T9240]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.288913][ T9240]  ? lock_acquire+0x2f/0xb0
[   78.290279][ T9240]  ? __fget_files+0x40/0x3f0
[   78.291653][ T9240]  ? fdget+0x176/0x210
[   78.292791][ T9240]  __sys_sendmsg+0x117/0x1f0
[   78.294132][ T9240]  ? __pfx___sys_sendmsg+0x10/0x10
[   78.295507][ T9240]  ? __fget_files+0x244/0x3f0
[   78.296794][ T9240]  do_syscall_64+0xcd/0x250
[   78.298036][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.299596][ T9240] RIP: 0033:0x7f85c237e719
[   78.300831][ T9240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.306045][ T9240] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.308292][ T9240] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   78.310706][ T9240] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   78.313477][ T9240] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   78.316047][ T9240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.318344][ T9240] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   78.320431][ T9240]  </TASK>
[   78.331283][ T9226] team0: Port device team_slave_0 added
[   78.347178][ T9226] team0: Port device team_slave_1 added
[   78.362946][ T9251] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1206'.
[   78.366204][ T9251] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1206'.
[   78.368593][ T9251] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1206'.
[   78.371745][ T9250] netlink: 'syz.3.1204': attribute type 1 has an invalid length.
[   78.393949][ T9250] 8021q: adding VLAN 0 to HW filter on device bond9
[   78.397515][ T9226] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.400134][ T9226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.407198][ T9226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.410703][ T9226] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.412483][ T9226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.418993][ T9226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.456661][ T9226] hsr_slave_0: entered promiscuous mode
[   78.459230][ T9226] hsr_slave_1: entered promiscuous mode
[   78.461248][ T9226] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.463216][ T9226] Cannot create hsr debugfs directory
[   78.483996][ T9265] netlink: 'syz.3.1212': attribute type 9 has an invalid length.
[   78.486263][ T9265] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.1212'.
[   78.504505][ T9266] netlink: 'syz.0.1210': attribute type 13 has an invalid length.
[   78.507664][ T9266] netlink: 'syz.0.1210': attribute type 14 has an invalid length.
[   78.543934][ T9226] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   78.547887][ T9226] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   78.551240][ T9226] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   78.555815][ T9226] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   78.568675][ T9226] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.570895][ T9226] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.573694][ T9226] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.575552][ T9226] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.597814][ T9226] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.604790][ T7847] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.608540][ T7847] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.627409][ T9226] 8021q: adding VLAN 0 to HW filter on device team0
[   78.636106][ T7835] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.636842][ T5982] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   78.638063][ T7835] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.646343][ T7835] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.649204][ T7835] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.740271][ T9226] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.799161][ T5982] usb 6-1: Using ep0 maxpacket: 8
[   78.801698][ T5982] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[   78.803971][ T5982] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[   78.806080][ T5982] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[   78.809668][ T5982] usb 6-1: config 250 has no interface number 0
[   78.811369][ T5982] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   78.814336][ T5982] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   78.818697][ T5982] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.821469][ T5982] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   78.824005][ T5982] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   78.827974][ T5982] usb 6-1: config 250 interface 228 has no altsetting 0
[   78.834300][ T5982] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   78.836855][ T5982] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   78.839573][ T5982] usb 6-1: Product: syz
[   78.840787][ T5982] usb 6-1: SerialNumber: syz
[   78.840894][ T9226] veth0_vlan: entered promiscuous mode
[   78.845082][ T5982] hub 6-1:250.228: bad descriptor, ignoring hub
[   78.846361][ T9226] veth1_vlan: entered promiscuous mode
[   78.847227][ T5982] hub 6-1:250.228: probe with driver hub failed with error -5
[   78.861357][ T9226] veth0_macvtap: entered promiscuous mode
[   78.866095][ T9226] veth1_macvtap: entered promiscuous mode
[   78.876279][ T9226] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.882679][ T9226] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.887182][ T9226] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.889459][ T9226] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.891711][ T9226] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.894155][ T9226] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.931204][ T7843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.933379][ T7843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.948305][ T7843] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.950315][ T7843] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.001822][ T9309] netlink: 'syz.3.1223': attribute type 1 has an invalid length.
[   79.010573][ T9309] 8021q: adding VLAN 0 to HW filter on device bond10
[   79.048422][ T5982] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 9 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   79.096074][ T9317] FAULT_INJECTION: forcing a failure.
[   79.096074][ T9317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.099934][ T9317] CPU: 1 UID: 0 PID: 9317 Comm: syz.3.1226 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   79.102622][ T9317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.105610][ T9317] Call Trace:
[   79.106494][ T9317]  <TASK>
[   79.107274][ T9317]  dump_stack_lvl+0x16c/0x1f0
[   79.108688][ T9317]  should_fail_ex+0x497/0x5b0
[   79.109926][ T9317]  _copy_to_user+0x32/0xd0
[   79.111102][ T9317]  simple_read_from_buffer+0xd0/0x160
[   79.112456][ T9317]  proc_fail_nth_read+0x198/0x270
[   79.113719][ T9317]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   79.115166][ T9317]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   79.116641][ T9317]  vfs_read+0x1df/0xbe0
[   79.117726][ T9317]  ? __fget_files+0x23a/0x3f0
[   79.119089][ T9317]  ? fdget_pos+0x24c/0x360
[   79.120283][ T9317]  ? __pfx_lock_release+0x10/0x10
[   79.121602][ T9317]  ? trace_lock_acquire+0x14a/0x1d0
[   79.122946][ T9317]  ? __pfx_vfs_read+0x10/0x10
[   79.124163][ T9317]  ? __pfx___mutex_lock+0x10/0x10
[   79.125467][ T9317]  ? __fget_files+0x244/0x3f0
[   79.126680][ T9317]  ksys_read+0x12f/0x260
[   79.127773][ T9317]  ? __pfx_ksys_read+0x10/0x10
[   79.129052][ T9317]  do_syscall_64+0xcd/0x250
[   79.130213][ T9317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.131686][ T9317] RIP: 0033:0x7f85c237d15c
[   79.133027][ T9317] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   79.137987][ T9317] RSP: 002b:00007f85c3254030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   79.140111][ T9317] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237d15c
[   79.142148][ T9317] RDX: 000000000000000f RSI: 00007f85c32540a0 RDI: 0000000000000009
[   79.144277][ T9317] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   79.146641][ T9317] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000002
[   79.149053][ T9317] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   79.151653][ T9317]  </TASK>
[   79.289268][ T9327] netlink: 'syz.3.1229': attribute type 9 has an invalid length.
[   79.451451][ T9348] FAULT_INJECTION: forcing a failure.
[   79.451451][ T9348] name failslab, interval 1, probability 0, space 0, times 0
[   79.455633][ T9348] CPU: 3 UID: 0 PID: 9348 Comm: syz.3.1237 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   79.458462][ T9348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.461679][ T9348] Call Trace:
[   79.462690][ T9348]  <TASK>
[   79.463681][ T9348]  dump_stack_lvl+0x16c/0x1f0
[   79.465474][ T9348]  should_fail_ex+0x497/0x5b0
[   79.466959][ T9348]  ? fs_reclaim_acquire+0xae/0x150
[   79.468576][ T9348]  should_failslab+0xc2/0x120
[   79.470214][ T9348]  __kmalloc_node_noprof+0xd1/0x430
[   79.471911][ T9348]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[   79.473961][ T9348]  ? __pfx_crypto_alg_extsize+0x10/0x10
[   79.475399][ T9348]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[   79.476881][ T9348]  crypto_create_tfm_node+0x83/0x320
[   79.478281][ T9348]  crypto_alloc_tfm_node+0x102/0x260
[   79.479664][ T9348]  esp_init_aead.constprop.0+0x108/0x3b0
[   79.481117][ T9348]  ? __pfx_esp_init_aead.constprop.0+0x10/0x10
[   79.482694][ T9348]  ? __pfx_lock_release+0x10/0x10
[   79.484136][ T9348]  ? xfrm_state_get_afinfo+0x49/0x2b0
[   79.485600][ T9348]  esp_init_state+0x86/0x520
[   79.486921][ T9348]  __xfrm_init_state+0x836/0x1a90
[   79.488282][ T9348]  xfrm_add_sa+0x2b17/0x4de0
[   79.489670][ T9348]  ? cap_capable+0x1cf/0x240
[   79.490875][ T9348]  ? __pfx_xfrm_add_sa+0x10/0x10
[   79.492120][ T9348]  ? __nla_parse+0x40/0x60
[   79.493266][ T9348]  ? __pfx_xfrm_add_sa+0x10/0x10
[   79.494546][ T9348]  xfrm_user_rcv_msg+0x58c/0xb30
[   79.495964][ T9348]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   79.497373][ T9348]  ? hlock_class+0x4e/0x130
[   79.498527][ T9348]  ? __lock_acquire+0x163e/0x3ce0
[   79.499833][ T9348]  ? __mutex_trylock_common+0xea/0x250
[   79.501298][ T9348]  ? __pfx___mutex_trylock_common+0x10/0x10
[   79.502831][ T9348]  netlink_rcv_skb+0x16b/0x440
[   79.504133][ T9348]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   79.505616][ T9348]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   79.506959][ T9348]  xfrm_netlink_rcv+0x71/0x90
[   79.508615][ T9348]  netlink_unicast+0x53c/0x7f0
[   79.510057][ T9348]  ? __pfx_netlink_unicast+0x10/0x10
[   79.512072][ T9348]  netlink_sendmsg+0x8b8/0xd70
[   79.513408][ T9348]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.514809][ T9348]  ____sys_sendmsg+0xaaf/0xc90
[   79.516334][ T9348]  ? copy_msghdr_from_user+0x10b/0x160
[   79.518090][ T9348]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.519481][ T9348]  ? __pfx___lock_acquire+0x10/0x10
[   79.520944][ T9348]  ___sys_sendmsg+0x135/0x1e0
[   79.522549][ T9348]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.524511][ T9348]  ? lock_acquire+0x2f/0xb0
[   79.525980][ T9348]  ? __fget_files+0x40/0x3f0
[   79.527881][ T9348]  ? fdget+0x176/0x210
[   79.529461][ T9348]  __sys_sendmsg+0x117/0x1f0
[   79.530911][ T9348]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.532551][ T9348]  ? __fget_files+0x244/0x3f0
[   79.534240][ T9348]  do_syscall_64+0xcd/0x250
[   79.535742][ T9348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.537579][ T9348] RIP: 0033:0x7f85c237e719
[   79.539042][ T9348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.545239][ T9348] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.546027][ T9353] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[   79.547590][ T9348] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   79.547633][ T9348] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   79.547641][ T9348] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   79.547647][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.547654][ T9348] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   79.547671][ T9348]  </TASK>
[   79.568952][ T9353] kernel read not supported for file /policy (pid: 9353 comm: syz.0.1238)
[   79.584838][ T9356] netlink: 'syz.3.1239': attribute type 1 has an invalid length.
[   79.611928][ T9356] 8021q: adding VLAN 0 to HW filter on device bond11
[   79.912176][ T9377] vlan0: entered allmulticast mode
[   79.913781][ T9377] veth0_vlan: entered allmulticast mode
[   79.936612][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   79.967477][ T9381] netlink: 'syz.0.1249': attribute type 9 has an invalid length.
[   79.996679][ T5950] Bluetooth: hci3: command tx timeout
[   80.277858][ T9401] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   80.543896][ T9405] FAULT_INJECTION: forcing a failure.
[   80.543896][ T9405] name failslab, interval 1, probability 0, space 0, times 0
[   80.549066][ T9405] CPU: 3 UID: 0 PID: 9405 Comm: syz.3.1258 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   80.552391][ T9405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.555394][ T9405] Call Trace:
[   80.556252][ T9405]  <TASK>
[   80.557035][ T9405]  dump_stack_lvl+0x16c/0x1f0
[   80.558234][ T9405]  should_fail_ex+0x497/0x5b0
[   80.560338][ T9405]  ? fs_reclaim_acquire+0xae/0x150
[   80.561688][ T9405]  should_failslab+0xc2/0x120
[   80.563196][ T9405]  __kmalloc_node_noprof+0xd1/0x430
[   80.564639][ T9405]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[   80.566506][ T9405]  ? __pfx_crypto_skcipher_extsize+0x10/0x10
[   80.568037][ T9405]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[   80.569487][ T9405]  crypto_create_tfm_node+0x83/0x320
[   80.571009][ T9405]  crypto_alloc_tfm_node+0x102/0x260
[   80.572521][ T9405]  crypto_alloc_sync_skcipher+0x35/0xd0
[   80.574238][ T9405]  crypto_get_default_null_skcipher+0x5f/0x90
[   80.576491][ T9405]  aead_init_geniv+0x16a/0x330
[   80.578029][ T9405]  ? __pfx_aead_init_geniv+0x10/0x10
[   80.579652][ T9405]  crypto_aead_init_tfm+0x149/0x1b0
[   80.581487][ T9405]  crypto_create_tfm_node+0x100/0x320
[   80.583274][ T9405]  crypto_alloc_tfm_node+0x102/0x260
[   80.584899][ T9405]  esp_init_aead.constprop.0+0x108/0x3b0
[   80.586719][ T9405]  ? __pfx_esp_init_aead.constprop.0+0x10/0x10
[   80.588778][ T9405]  ? __pfx_lock_release+0x10/0x10
[   80.590123][ T9405]  ? xfrm_state_get_afinfo+0x49/0x2b0
[   80.591858][ T9405]  esp_init_state+0x86/0x520
[   80.593322][ T9405]  __xfrm_init_state+0x836/0x1a90
[   80.594649][ T9405]  xfrm_add_sa+0x2b17/0x4de0
[   80.595865][ T9405]  ? cap_capable+0x1cf/0x240
[   80.597101][ T9405]  ? __pfx_xfrm_add_sa+0x10/0x10
[   80.598599][ T9405]  ? __nla_parse+0x40/0x60
[   80.600081][ T9405]  ? __pfx_xfrm_add_sa+0x10/0x10
[   80.601417][ T9405]  xfrm_user_rcv_msg+0x58c/0xb30
[   80.602807][ T9405]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   80.604480][ T9405]  ? hlock_class+0x4e/0x130
[   80.606431][ T9405]  ? __lock_acquire+0x163e/0x3ce0
[   80.608399][ T9405]  ? __mutex_trylock_common+0xea/0x250
[   80.610195][ T9405]  ? __pfx___mutex_trylock_common+0x10/0x10
[   80.611957][ T9405]  netlink_rcv_skb+0x16b/0x440
[   80.613209][ T9405]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   80.614643][ T9405]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   80.616454][ T9405]  xfrm_netlink_rcv+0x71/0x90
[   80.618001][ T9405]  netlink_unicast+0x53c/0x7f0
[   80.619511][ T9405]  ? __pfx_netlink_unicast+0x10/0x10
[   80.621502][ T9405]  netlink_sendmsg+0x8b8/0xd70
[   80.623311][ T9405]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.624936][ T9405]  ____sys_sendmsg+0xaaf/0xc90
[   80.626614][ T9405]  ? copy_msghdr_from_user+0x10b/0x160
[   80.628473][ T9405]  ? __pfx_____sys_sendmsg+0x10/0x10
[   80.630254][ T9405]  ? __pfx___lock_acquire+0x10/0x10
[   80.631941][ T9405]  ___sys_sendmsg+0x135/0x1e0
[   80.633657][ T9405]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.635252][ T9405]  ? lock_acquire+0x2f/0xb0
[   80.636472][ T9405]  ? __fget_files+0x40/0x3f0
[   80.637717][ T9405]  ? fdget+0x176/0x210
[   80.638763][ T9405]  __sys_sendmsg+0x117/0x1f0
[   80.640080][ T9405]  ? __pfx___sys_sendmsg+0x10/0x10
[   80.641430][ T9405]  ? __fget_files+0x244/0x3f0
[   80.642682][ T9405]  do_syscall_64+0xcd/0x250
[   80.643839][ T9405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.645363][ T9405] RIP: 0033:0x7f85c237e719
[   80.646523][ T9405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.652205][ T9405] RSP: 002b:00007f85c3254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.654575][ T9405] RAX: ffffffffffffffda RBX: 00007f85c2535f80 RCX: 00007f85c237e719
[   80.656688][ T9405] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   80.659148][ T9405] RBP: 00007f85c3254090 R08: 0000000000000000 R09: 0000000000000000
[   80.661312][ T9405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.663414][ T9405] R13: 0000000000000000 R14: 00007f85c2535f80 R15: 00007fff695aa928
[   80.665475][ T9405]  </TASK>
[   80.702735][ T9407] 8021q: adding VLAN 0 to HW filter on device bond12
[   81.234253][ T9417] tipc: Enabled bearer <eth:vlan0>, priority 10
[   81.403540][ T9431] vlan0: entered allmulticast mode
[   81.405002][ T9431] veth0_vlan: entered allmulticast mode
[   81.433935][   T39] kauditd_printk_skb: 18 callbacks suppressed
[   81.433954][   T39] audit: type=1400 audit(1730816230.000:1882): avc:  denied  { append } for  pid=9435 comm="syz.1.1272" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   81.454448][ T9432] syzkaller0: entered promiscuous mode
[   81.457436][ T9432] syzkaller0: entered allmulticast mode
[   81.462034][   T39] audit: type=1400 audit(1730816230.030:1883): avc:  denied  { name_bind } for  pid=9428 comm="syz.0.1269" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   81.464130][ T9432] exFAT-fs (nullb0): invalid boot record signature
[   81.472769][ T9432] exFAT-fs (nullb0): failed to read boot sector
[   81.474381][ T9432] exFAT-fs (nullb0): failed to recognize exfat type
[   81.511308][   T39] audit: type=1400 audit(1730816230.080:1884): avc:  denied  { listen } for  pid=9441 comm="syz.4.1274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   81.526777][ T5982] usb 6-1: USB disconnect, device number 9
[   81.533214][ T5982] usblp0: removed
[   81.593538][ T9447] overlay: ./bus is not a directory
[   81.759198][ T9469] zonefs (loop1) ERROR: Not a zoned block device
[   81.836662][ T9486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.891488][ T9486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.900711][ T9491] validate_nla: 6 callbacks suppressed
[   81.900722][ T9491] netlink: 'syz.1.1289': attribute type 1 has an invalid length.
[   81.915753][ T9491] 8021q: adding VLAN 0 to HW filter on device bond5
[   81.946361][ T9486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.976351][   T39] audit: type=1400 audit(1730816230.540:1885): avc:  denied  { read } for  pid=9499 comm="syz.1.1291" dev="sockfs" ino=26080 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   82.076557][ T5950] Bluetooth: hci3: command tx timeout
[   82.144125][ T9507] pimreg: entered allmulticast mode
[   82.147657][ T9507] pimreg: left allmulticast mode
[   82.436561][ T5293] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[   82.518347][ T9512] netlink: 'syz.3.1296': attribute type 9 has an invalid length.
[   82.523366][ T9512] __nla_validate_parse: 19 callbacks suppressed
[   82.523381][ T9512] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.1296'.
[   82.606651][ T5293] usb 6-1: Using ep0 maxpacket: 16
[   82.610198][ T5293] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[   82.613175][ T5293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   82.615885][ T5293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[   82.620270][ T5293] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[   82.622732][ T5293] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.624701][ T5293] usb 6-1: Product: syz
[   82.625772][ T5293] usb 6-1: Manufacturer: syz
[   82.627015][ T5293] usb 6-1: SerialNumber: syz
[   82.635222][ T5293] usb 6-1: config 0 descriptor??
[   82.638210][ T5293] appledisplay 6-1:0.0: Submitting URB failed
[   82.640164][ T5293] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -5
[   83.464405][ T9518] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1298'.
[   83.637959][ T9531] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1303'.
[   83.640236][ T9531] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1303'.
[   83.642591][ T9531] vlan0: entered allmulticast mode
[   83.643909][ T9531] veth0_vlan: entered allmulticast mode
[   83.786540][   T39] audit: type=1400 audit(1730816232.350:1886): avc:  denied  { write } for  pid=9536 comm="syz.3.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   84.161043][ T5950] Bluetooth: hci3: command tx timeout
[   84.177153][ T1485] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   84.328443][ T1485] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   84.331452][ T1485] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   84.334326][ T1485] usb 8-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   84.336620][ T1485] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.339553][ T1485] usb 8-1: config 0 descriptor??
[   84.342335][ T9547] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   84.581002][ T9558] netlink: 'syz.0.1313': attribute type 29 has an invalid length.
[   84.583149][ T9558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1313'.
[   84.622747][ T9562] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1314'.
[   84.645094][ T9565] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1315'.
[   84.657030][   T39] audit: type=1400 audit(1730816233.230:1887): avc:  denied  { write } for  pid=5342 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   84.662885][   T39] audit: type=1400 audit(1730816233.230:1888): avc:  denied  { remove_name } for  pid=5342 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   84.669733][   T39] audit: type=1400 audit(1730816233.230:1889): avc:  denied  { add_name } for  pid=5342 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   84.675495][ T9569] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1316'.
[   84.678384][ T9569] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1316'.
[   84.681319][ T9569] tipc: Resetting bearer <eth:vlan0>
[   84.774119][ T9577] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1319'.
[   84.787023][ T1485] usbhid 8-1:0.0: can't add hid device: -71
[   84.788719][ T1485] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[   84.792447][ T1485] usb 8-1: USB disconnect, device number 5
[   84.864521][   T39] audit: type=1400 audit(1730816233.430:1890): avc:  denied  { setopt } for  pid=9583 comm="syz.0.1322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   84.902374][ T9591] netlink: 'syz.0.1323': attribute type 1 has an invalid length.
[   84.912555][ T9591] 8021q: adding VLAN 0 to HW filter on device bond8
[   85.041467][   T39] audit: type=1400 audit(1730816233.610:1891): avc:  denied  { bind } for  pid=9599 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   85.102976][ T5293] usb 6-1: USB disconnect, device number 10
[   85.267962][ T9624] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[   85.670532][ T9674] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[   85.746880][ T9677] netlink: 'syz.1.1356': attribute type 9 has an invalid length.
[   86.156865][   T25] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[   86.236902][ T5950] Bluetooth: hci3: command tx timeout
[   86.328055][   T25] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[   86.330292][   T25] usb 6-1: config 0 has no interface number 0
[   86.332391][   T25] usb 6-1: config 0 interface 8 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   86.336534][   T25] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   86.338794][   T25] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   86.340998][   T25] usb 6-1: Product: syz
[   86.342064][   T25] usb 6-1: SerialNumber: syz
[   86.349604][   T25] usb 6-1: config 0 descriptor??
[   86.355139][   T25] usbhid 6-1:0.8: couldn't find an input interrupt endpoint
[   86.408863][ T9700] tipc: Resetting bearer <eth:vlan0>
[   86.435769][ T9702] tmpfs: Bad value for 'mpol'
[   86.556277][ T9693] batman_adv: batadv0: Adding interface: erspan1
[   86.558008][ T9693] batman_adv: batadv0: Not using interface erspan1 (retrying later): interface not active
[   86.561848][ T5293] usb 6-1: USB disconnect, device number 11
[   86.650354][ T9723] mmap: syz.3.1372 (9723) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   87.136046][   T39] kauditd_printk_skb: 6 callbacks suppressed
[   87.136057][   T39] audit: type=1400 audit(1730816235.700:1898): avc:  denied  { bind } for  pid=9735 comm="syz.1.1375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   87.147265][   T39] audit: type=1400 audit(1730816235.720:1899): avc:  denied  { read } for  pid=9735 comm="syz.1.1375" path="socket:[27772]" dev="sockfs" ino=27772 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   87.154136][   T39] audit: type=1400 audit(1730816235.720:1900): avc:  denied  { mounton } for  pid=9735 comm="syz.1.1375" path="/351/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[   87.175730][ T9739] netlink: 'syz.1.1376': attribute type 9 has an invalid length.
[   87.429727][ T9763] netlink: 'syz.4.1386': attribute type 1 has an invalid length.
[   87.450109][ T9770] netlink: 'syz.1.1390': attribute type 9 has an invalid length.
[   87.528475][ T9781] veth0_vlan: left allmulticast mode
[   87.642622][ T9802] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   87.680776][ T9811] __nla_validate_parse: 25 callbacks suppressed
[   87.680787][ T9811] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1406'.
[   87.684687][ T9811] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1406'.
[   87.689599][ T9811] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1406'.
[   87.702119][   T39] audit: type=1400 audit(1730816236.270:1901): avc:  denied  { read } for  pid=9813 comm="syz.4.1407" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   87.711949][   T39] audit: type=1400 audit(1730816236.280:1902): avc:  denied  { ioctl } for  pid=9813 comm="syz.4.1407" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   87.880498][ T9828] xt_hashlimit: size too large, truncated to 1048576
[   87.996608][ T6002] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   88.146576][ T6002] usb 5-1: Using ep0 maxpacket: 32
[   88.150644][ T6002] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   88.156316][ T6002] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   88.160265][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   88.163064][ T6002] usb 5-1: Product: syz
[   88.164370][ T6002] usb 5-1: Manufacturer: syz
[   88.165709][ T6002] usb 5-1: SerialNumber: syz
[   88.174604][ T6002] usb 5-1: config 0 descriptor??
[   88.178816][ T9815] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   88.510726][ T6002] usb 5-1: USB disconnect, device number 3
[   88.566120][ T9846] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1416'.
[   88.578041][ T9846] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1416'.
[   88.580347][ T9846] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1416'.
[   88.654329][ T9860] netlink: 'syz.4.1422': attribute type 1 has an invalid length.
[   88.673975][ T9862] tipc: Can't bind to reserved service type 1
[   88.717418][ T9815] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   88.725958][   T39] audit: type=1326 audit(1730816237.290:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.3.1428" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x0
[   88.732168][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   88.779890][ T9874] devtmpfs: Cannot change global quota limit on remount
[   88.790914][ T9877] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1430'.
[   88.793465][ T9877] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1430'.
[   88.797817][ T9877] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1430'.
[   88.863169][   T39] audit: type=1400 audit(1730816237.430:1904): avc:  denied  { mounton } for  pid=9884 comm="syz.1.1434" path="/385/file0/bus" dev="9p" ino=36832021 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   88.863723][ T9886] overlay: ./file1 is not a directory
[   88.959828][   T39] audit: type=1400 audit(1730816237.530:1905): avc:  denied  { setopt } for  pid=9900 comm="syz.1.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   88.964847][   T39] audit: type=1400 audit(1730816237.530:1906): avc:  denied  { mount } for  pid=9900 comm="syz.1.1437" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[   89.062880][ T9914] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1444'.
[   89.141157][   T39] audit: type=1400 audit(1730816237.710:1907): avc:  denied  { append } for  pid=9926 comm="syz.1.1449" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   89.411983][ T9949] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   89.577206][ T9954] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=28861 sclass=netlink_xfrm_socket pid=9954 comm=syz.1.1458
[   89.605267][ T9960] netlink: 'syz.4.1461': attribute type 39 has an invalid length.
[   89.617873][ T9960] syz.4.1461: attempt to access beyond end of device
[   89.617873][ T9960] loop4: rw=4096, sector=2, nr_sectors = 2 limit=0
[   89.621872][ T9960] EXT4-fs (loop4): unable to read superblock
[   89.693819][ T9983] netlink: 'syz.3.1469': attribute type 9 has an invalid length.
[   89.714611][ T9987] (unnamed net_device) (uninitialized): (slave veth0_to_bond): Device is not bonding slave
[   89.717741][ T9987] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth0_to_bond)
[   89.720967][ T9988] (unnamed net_device) (uninitialized): (slave veth0_to_bond): Device is not bonding slave
[   89.727010][ T9988] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth0_to_bond)
[   89.756527][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   89.957899][T10009] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.981559][T10023] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10023 comm=syz.3.1482
[   89.997581][T10023] bridge0: port 3(syz_tun) entered blocking state
[   89.999482][T10023] bridge0: port 3(syz_tun) entered disabled state
[   90.001362][T10023] syz_tun: entered allmulticast mode
[   90.004878][T10023] syz_tun: entered promiscuous mode
[   90.120797][T10030] xt_hashlimit: size too large, truncated to 1048576
[   90.241940][T10054] netlink: 'syz.1.1493': attribute type 1 has an invalid length.
[   90.256139][T10054] 8021q: adding VLAN 0 to HW filter on device bond6
[   90.628291][   T25] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[   90.781897][   T25] usb 6-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=56.a0
[   90.781917][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.781928][   T25] usb 6-1: Product: syz
[   90.781936][   T25] usb 6-1: Manufacturer: syz
[   90.781946][   T25] usb 6-1: SerialNumber: syz
[   90.784790][   T25] usb 6-1: config 0 descriptor??
[   90.791205][   T25] ums_eneub6250 6-1:0.0: USB Mass Storage device detected
[   90.904122][T10125] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   90.904156][T10125] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   90.905418][T10125] vhci_hcd vhci_hcd.0: Device attached
[   90.912602][T10127] netlink: 'syz.0.1519': attribute type 1 has an invalid length.
[   90.917171][T10128] vhci_hcd: connection closed
[   90.920559][ T7843] vhci_hcd: stop threads
[   90.921467][T10127] 8021q: adding VLAN 0 to HW filter on device bond9
[   90.923239][ T7843] vhci_hcd: release socket
[   90.929216][ T7843] vhci_hcd: disconnect device
[   91.023842][ T5987] usb 6-1: USB disconnect, device number 12
[   91.072272][T10150] netlink: 'syz.3.1527': attribute type 9 has an invalid length.
[   91.086060][T10155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.092364][T10155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.101893][T10155] ubi0: attaching mtd0
[   91.105542][T10155] ubi0: scanning is finished
[   91.110182][T10155] ubi0: empty MTD device detected
[   91.176834][T10155] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   91.179092][T10155] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   91.180957][T10155] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   91.183112][T10155] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   91.185207][T10155] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   91.189621][T10155] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   91.192327][T10155] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3829363340
[   91.194903][T10155] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   91.199248][T10170] ubi0: background thread "ubi_bgt0d" started, PID 10170
[   91.199377][T10172] Illegal XDP return value 4294967274 on prog  (id 88) dev syz_tun, expect packet loss!
[   92.196489][T10209] 9pnet_fd: Insufficient options for proto=fd
[   92.221297][T10217] netlink: 'syz.1.1551': attribute type 9 has an invalid length.
[   92.356228][   T39] kauditd_printk_skb: 25 callbacks suppressed
[   92.356239][   T39] audit: type=1400 audit(1730816240.920:1933): avc:  denied  { accept } for  pid=10226 comm="syz.1.1556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   92.421623][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   92.422849][ T5940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   92.423791][ T5940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   92.424882][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   92.426502][ T5940] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   92.426713][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   92.521487][T10250] binder: 10247:10250 ioctl c0306201 200002c0 returned -14
[   92.542126][T10237] chnl_net:caif_netlink_parms(): no params data found
[   92.546347][T10256] netlink: 'syz.4.1565': attribute type 9 has an invalid length.
[   92.563615][T10257] C: renamed from team_slave_0
[   92.572641][T10257] C: entered allmulticast mode
[   92.574358][T10257] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   92.582393][   T39] audit: type=1400 audit(1730816241.150:1934): avc:  denied  { write } for  pid=10258 comm="syz.4.1567" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   92.617671][T10237] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.619737][T10237] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.622063][T10237] bridge_slave_0: entered allmulticast mode
[   92.624780][T10237] bridge_slave_0: entered promiscuous mode
[   92.628560][T10237] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.630577][T10237] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.632641][T10237] bridge_slave_1: entered allmulticast mode
[   92.634782][T10237] bridge_slave_1: entered promiscuous mode
[   92.663448][T10237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.668458][T10237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.694492][T10277] __nla_validate_parse: 28 callbacks suppressed
[   92.694507][T10277] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1572'.
[   92.696319][T10237] team0: Port device team_slave_0 added
[   92.699953][T10277] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1572'.
[   92.702930][T10237] team0: Port device team_slave_1 added
[   92.703968][T10277] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1572'.
[   92.725731][T10237] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.728136][T10237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.735105][T10237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.752175][T10237] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.754236][T10237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.762069][T10237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.789314][T10237] hsr_slave_0: entered promiscuous mode
[   92.791249][T10237] hsr_slave_1: entered promiscuous mode
[   92.793131][T10237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.795121][T10237] Cannot create hsr debugfs directory
[   92.816117][T10283] netlink: 'syz.3.1575': attribute type 1 has an invalid length.
[   92.826108][T10283] 8021q: adding VLAN 0 to HW filter on device bond13
[   93.243875][T10237] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.248506][T10237] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.252424][T10237] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.257299][T10237] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.319792][T10237] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.339258][T10237] 8021q: adding VLAN 0 to HW filter on device team0
[   93.343875][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.345918][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.352909][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.354853][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.442214][T10237] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.461558][T10237] veth0_vlan: entered promiscuous mode
[   93.465850][T10334] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1586'.
[   93.465940][T10237] veth1_vlan: entered promiscuous mode
[   93.480361][T10237] veth0_macvtap: entered promiscuous mode
[   93.483780][T10237] veth1_macvtap: entered promiscuous mode
[   93.493165][T10237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.496198][T10237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.497803][T10237] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.503953][T10237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.503968][T10237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.504522][T10237] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.507591][T10237] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.507657][T10237] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.507681][T10237] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.507713][T10237] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.541576][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.544027][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.565392][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.567984][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.581833][T10340] netlink: 'syz.3.1588': attribute type 1 has an invalid length.
[   93.593767][T10340] 8021q: adding VLAN 0 to HW filter on device bond14
[   93.641787][T10345] loop2: detected capacity change from 0 to 7
[   93.649054][T10345] Dev loop2: unable to read RDB block 7
[   93.650617][T10345]  loop2: unable to read partition table
[   93.652320][T10345] loop2: partition table beyond EOD, truncated
[   93.654526][T10345] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   93.665427][T10345] mkiss: ax0: crc mode is auto.
[   93.963982][T10358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1594'.
[   94.044155][T10362] syz.0.1596: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   94.050399][T10362] CPU: 3 UID: 0 PID: 10362 Comm: syz.0.1596 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[   94.054260][T10362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.058188][T10362] Call Trace:
[   94.059369][T10362]  <TASK>
[   94.060344][T10362]  dump_stack_lvl+0x16c/0x1f0
[   94.061649][T10362]  warn_alloc+0x24d/0x3a0
[   94.062784][T10362]  ? __pfx_warn_alloc+0x10/0x10
[   94.065102][T10362]  ? __pfx_stack_trace_save+0x10/0x10
[   94.066991][T10362]  ? kasan_save_stack+0x42/0x60
[   94.069000][T10362]  ? kasan_save_stack+0x33/0x60
[   94.070752][T10362]  ? kasan_save_track+0x14/0x30
[   94.072750][T10362]  ? __kasan_kmalloc+0xaa/0xb0
[   94.074478][T10362]  ? xskq_create+0x52/0x1d0
[   94.076053][T10362]  ? do_sock_setsockopt+0x222/0x480
[   94.077875][T10362]  ? __sys_setsockopt+0x1a4/0x270
[   94.079629][T10362]  ? __x64_sys_setsockopt+0xbd/0x160
[   94.081560][T10362]  __vmalloc_node_range_noprof+0x11a7/0x15a0
[   94.083810][T10362]  ? xskq_create+0xfb/0x1d0
[   94.085540][T10362]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   94.087259][T10362]  ? xskq_create+0xfb/0x1d0
[   94.088489][T10362]  vmalloc_user_noprof+0x6b/0x90
[   94.089763][T10362]  ? xskq_create+0xfb/0x1d0
[   94.090970][T10362]  xskq_create+0xfb/0x1d0
[   94.092193][T10362]  xsk_setsockopt+0x757/0xa10
[   94.093471][T10362]  ? __pfx_xsk_setsockopt+0x10/0x10
[   94.094880][T10362]  ? selinux_socket_setsockopt+0x6a/0x80
[   94.096324][T10362]  ? __pfx_xsk_setsockopt+0x10/0x10
[   94.097661][T10362]  do_sock_setsockopt+0x222/0x480
[   94.098923][T10362]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   94.100274][T10362]  ? fdget+0x176/0x210
[   94.101303][T10362]  __sys_setsockopt+0x1a4/0x270
[   94.102502][T10362]  ? __pfx___sys_setsockopt+0x10/0x10
[   94.103809][T10362]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.105108][T10362]  ? selinux_file_ioctl+0xb4/0x270
[   94.106364][T10362]  __x64_sys_setsockopt+0xbd/0x160
[   94.107856][T10362]  ? do_syscall_64+0x91/0x250
[   94.109065][T10362]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.110353][T10362]  do_syscall_64+0xcd/0x250
[   94.111467][T10362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.112918][T10362] RIP: 0033:0x7fe3f9b7e719
[   94.114019][T10362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.118717][T10362] RSP: 002b:00007fe3faa31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   94.120873][T10362] RAX: ffffffffffffffda RBX: 00007fe3f9d35f80 RCX: 00007fe3f9b7e719
[   94.122814][T10362] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[   94.125146][T10362] RBP: 00007fe3f9bf139e R08: 0000000000000020 R09: 0000000000000000
[   94.127591][T10362] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[   94.129934][T10362] R13: 0000000000000000 R14: 00007fe3f9d35f80 R15: 00007fff5f5fd1c8
[   94.131991][T10362]  </TASK>
[   94.133751][T10362] Mem-Info:
[   94.134583][T10362] active_anon:5489 inactive_anon:0 isolated_anon:0
[   94.134583][T10362]  active_file:6690 inactive_file:48677 isolated_file:0
[   94.134583][T10362]  unevictable:1768 dirty:245 writeback:0
[   94.134583][T10362]  slab_reclaimable:11677 slab_unreclaimable:78028
[   94.134583][T10362]  mapped:18208 shmem:2436 pagetables:725
[   94.134583][T10362]  sec_pagetables:311 bounce:0
[   94.134583][T10362]  kernel_misc_reclaimable:0
[   94.134583][T10362]  free:461306 free_pcp:6725 free_cma:0
[   94.145921][T10362] Node 0 active_anon:21956kB inactive_anon:0kB active_file:26760kB inactive_file:194632kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:72832kB dirty:972kB writeback:0kB shmem:6208kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14480kB pagetables:2900kB sec_pagetables:1244kB all_unreclaimable? no
[   94.155355][T10362] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   94.164863][T10362] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   94.173076][T10362] lowmem_reserve[]: 0 1214 0 0 0
[   94.174684][T10362] Node 0 DMA32 free:257412kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:21956kB inactive_anon:0kB active_file:26760kB inactive_file:194632kB unevictable:3536kB writepending:972kB present:2080628kB managed:1272192kB mlocked:0kB bounce:0kB free_pcp:9384kB local_pcp:2164kB free_cma:0kB
[   94.184001][T10362] lowmem_reserve[]: 0 0 0 0 0
[   94.185612][T10362] Node 1 Normal free:1572452kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:17588kB local_pcp:4268kB free_cma:0kB
[   94.194223][T10362] lowmem_reserve[]: 0 0 0 0 0
[   94.195431][T10362] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   94.198875][T10362] Node 0 DMA32: 125*4kB (UM) 325*8kB (UME) 329*16kB (UME) 127*32kB (M) 83*64kB (UME) 79*128kB (UME) 54*256kB (UME) 33*512kB (UME) 42*1024kB (UM) 12*2048kB (UM) 32*4096kB (UM) = 257228kB
[   94.205122][T10362] Node 1 Normal: 5*4kB (UE) 129*8kB (UE) 83*16kB (UE) 65*32kB (UME) 16*64kB (UE) 6*128kB (UME) 0*256kB 7*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 380*4096kB (UM) = 1572460kB
[   94.210291][T10362] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   94.213377][T10362] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   94.216345][T10362] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   94.219369][T10362] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   94.222583][T10362] 57803 total pagecache pages
[   94.224197][T10362] 0 pages in swap cache
[   94.225702][T10362] Free swap  = 123944kB
[   94.227059][T10362] Total swap = 124996kB
[   94.228378][T10362] 1048443 pages RAM
[   94.229613][T10362] 0 pages HighMem/MovableOnly
[   94.231024][T10362] 281074 pages reserved
[   94.232253][T10362] 0 pages cma reserved
[   94.379843][T10377] netlink: 'syz.0.1601': attribute type 9 has an invalid length.
[   94.382791][T10377] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.1601'.
[   94.476713][ T5940] Bluetooth: hci2: command tx timeout
[   94.550657][T10402] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1610'.
[   94.553243][T10402] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1610'.
[   94.555685][T10402] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1610'.
[   94.615798][   T39] audit: type=1400 audit(1730816243.180:1935): avc:  denied  { read } for  pid=10406 comm="syz.0.1612" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   94.630594][   T39] audit: type=1400 audit(1730816243.180:1936): avc:  denied  { open } for  pid=10406 comm="syz.0.1612" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   94.646659][ T5293] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[   94.652396][T10409] netlink: 'syz.3.1609': attribute type 16 has an invalid length.
[   94.678413][T10407] sd 0:0:0:0: PR command failed: 1026
[   94.680205][T10407] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[   94.681948][T10407] sd 0:0:0:0: Add. Sense: Invalid command operation code
[   94.684443][   T39] audit: type=1400 audit(1730816243.250:1937): avc:  denied  { getopt } for  pid=10406 comm="syz.0.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   94.696303][T10410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.702739][T10410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.796584][ T5293] usb 6-1: Using ep0 maxpacket: 16
[   94.809690][ T5293] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[   94.812010][ T5293] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[   94.814059][ T5293] usb 6-1: Product: syz
[   94.815118][ T5293] usb 6-1: Manufacturer: syz
[   94.816617][ T5293] usb 6-1: SerialNumber: syz
[   94.818730][ T5293] usb 6-1: config 0 descriptor??
[   94.910337][   T39] audit: type=1400 audit(1730816243.480:1938): avc:  denied  { connect } for  pid=10417 comm="syz.3.1615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   94.936818][ T1485] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   95.027447][ T5983] usb 6-1: USB disconnect, device number 13
[   95.096557][ T1485] usb 5-1: Using ep0 maxpacket: 16
[   95.102136][ T1485] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   95.105321][ T1485] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.109388][ T1485] usb 5-1: Product: syz
[   95.111290][ T1485] usb 5-1: Manufacturer: syz
[   95.113012][ T1485] usb 5-1: SerialNumber: syz
[   95.119708][ T1485] r8152-cfgselector 5-1: Unknown version 0x0000
[   95.122189][ T1485] r8152-cfgselector 5-1: config 0 descriptor??
[   95.206564][ T5293] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   95.356565][ T5293] usb 8-1: Using ep0 maxpacket: 8
[   95.362199][ T5293] usb 8-1: config 0 has no interfaces?
[   95.363574][ T5293] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   95.365978][ T5293] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.369435][ T5293] usb 8-1: config 0 descriptor??
[   95.568709][T10423] netlink: 'syz.1.1616': attribute type 9 has an invalid length.
[   95.571015][T10423] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1616'.
[   95.574677][   T39] audit: type=1400 audit(1730816244.140:1939): avc:  denied  { write } for  pid=10417 comm="syz.3.1615" path="socket:[30547]" dev="sockfs" ino=30547 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   95.660314][ T5983] usb 8-1: USB disconnect, device number 6
[   95.747509][T10447] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   95.790612][T10453] netlink: 'syz.1.1627': attribute type 1 has an invalid length.
[   95.800510][T10453] 8021q: adding VLAN 0 to HW filter on device bond7
[   95.825978][T10456] netlink: 'syz.4.1629': attribute type 9 has an invalid length.
[   96.131351][T10493] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[   96.133934][T10493] overlayfs: missing 'lowerdir'
[   96.377682][T10515] netlink: 'syz.3.1654': attribute type 9 has an invalid length.
[   96.477669][   T39] audit: type=1400 audit(1730816245.050:1940): avc:  denied  { connect } for  pid=10526 comm="syz.3.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   96.525650][   T39] audit: type=1400 audit(1730816245.090:1941): avc:  denied  { create } for  pid=10530 comm="syz.3.1660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   96.556607][ T5940] Bluetooth: hci2: command tx timeout
[   96.643797][T10540] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õë�ï1:ºÃÃÓ­'Ä4,�Zz-#FÇ<æõ]%gCžÊ
[   96.643797][T10540] SÃȘØÈžZ§6ŸÂ'
[   96.915939][   T39] audit: type=1400 audit(1730816245.480:1942): avc:  denied  { mount } for  pid=10568 comm="syz.1.1674" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   96.947896][T10571] 8021q: adding VLAN 0 to HW filter on device bond15
[   96.983519][T10576] loop7: detected capacity change from 0 to 16384
[   97.161121][T10587] binder: 10586:10587 ioctl 400c620e 20000140 returned -22
[   97.219044][T10584] loop7: detected capacity change from 16384 to 0
[   97.339037][ T5940] Bluetooth: Frame is too long (len 12, expected len 10)
[   97.353323][ T5940] Bluetooth: Unexpected continuation frame (len 18)
[   97.553203][T10609] bond0: entered promiscuous mode
[   97.554523][T10609] bond_slave_0: entered promiscuous mode
[   97.556071][T10609] bond_slave_1: entered promiscuous mode
[   97.607069][T10615] validate_nla: 3 callbacks suppressed
[   97.607082][T10615] netlink: 'syz.4.1692': attribute type 1 has an invalid length.
[   97.627041][T10615] 8021q: adding VLAN 0 to HW filter on device bond1
[   97.631637][ T1485] r8152-cfgselector 5-1: Unknown version 0x0000
[   97.633505][ T1485] r8152-cfgselector 5-1: bad CDC descriptors
[   97.643389][ T1485] r8152-cfgselector 5-1: USB disconnect, device number 5
[   97.653971][T10615] bond1: (slave ip6gretap1): making interface the new active one
[   97.659915][T10615] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   97.720864][T10624] __nla_validate_parse: 24 callbacks suppressed
[   97.720882][T10624] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1695'.
[   97.726604][T10624] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1695'.
[   97.729851][T10624] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1695'.
[   97.981761][T10652] netlink: 'syz.4.1705': attribute type 9 has an invalid length.
[   97.983762][T10652] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.1705'.
[   98.021057][T10658] netlink: 'syz.0.1708': attribute type 2 has an invalid length.
[   98.029638][T10658] vlan2: entered allmulticast mode
[   98.031658][T10658] bond0: entered allmulticast mode
[   98.033181][T10658] bond_slave_0: entered allmulticast mode
[   98.035469][T10658] bond_slave_1: entered allmulticast mode
[   98.040094][T10658] bond0: left allmulticast mode
[   98.041617][T10658] bond_slave_0: left allmulticast mode
[   98.043117][T10658] bond_slave_1: left allmulticast mode
[   98.060780][   T39] kauditd_printk_skb: 1 callbacks suppressed
[   98.060797][   T39] audit: type=1400 audit(1730816246.630:1944): avc:  denied  { shutdown } for  pid=10655 comm="syz.4.1707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   98.082014][T10665] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1711'.
[   98.084424][T10665] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1711'.
[   98.087461][T10665] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1711'.
[   98.182061][T10678] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1717'.
[   98.184872][T10678] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1717'.
[   98.209794][T10684] netlink: 'syz.0.1720': attribute type 9 has an invalid length.
[   98.213750][T10684] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.1720'.
[   98.314467][T10700] netlink: 'syz.4.1728': attribute type 1 has an invalid length.
[   98.342524][T10700] 8021q: adding VLAN 0 to HW filter on device bond2
[   98.397548][   T39] audit: type=1326 audit(1730816246.970:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10716 comm="syz.4.1732" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f20c737e719 code=0x7fc00000
[   98.454239][T10730] Malformed UNC in devname
[   98.454239][T10730] 
[   98.456234][T10730] CIFS: VFS: Malformed UNC in devname
[   98.459484][T10731] Malformed UNC in devname
[   98.459484][T10731] 
[   98.461547][T10731] CIFS: VFS: Malformed UNC in devname
[   98.552217][   T39] audit: type=1326 audit(1730816247.120:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.556702][    C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   98.559878][   T39] audit: type=1326 audit(1730816247.120:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.575648][   T39] audit: type=1326 audit(1730816247.120:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.586487][   T39] audit: type=1326 audit(1730816247.120:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.602649][   T39] audit: type=1326 audit(1730816247.120:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.610622][   T39] audit: type=1326 audit(1730816247.120:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.625304][   T39] audit: type=1326 audit(1730816247.120:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.632688][   T39] audit: type=1326 audit(1730816247.120:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz.3.1744" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f85c237e719 code=0x7ffc0000
[   98.636648][ T5940] Bluetooth: hci2: command tx timeout
[   98.756548][T10787] tipc: Started in network mode
[   98.758614][T10787] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   98.760829][T10787] tipc: Enabled bearer <eth:vlan0>, priority 10
[   98.817597][T10795] overlayfs: conflicting lowerdir path
[   98.853906][T10807] netlink: 'syz.1.1764': attribute type 2 has an invalid length.
[   98.867088][T10807] : entered promiscuous mode
[   98.947312][T10819] tipc: Enabled bearer <eth:vlan0>, priority 10
[   98.987427][T10833] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[   99.202735][ T5940] Bluetooth: hci2: Malformed LE Event: 0x1d
[   99.203718][T10881] tmpfs: Bad value for 'mpol'
[   99.297045][T10906] netlink: 'syz.1.1801': attribute type 1 has an invalid length.
[   99.316067][T10906] 8021q: adding VLAN 0 to HW filter on device bond8
[   99.366815][ T5940] Bluetooth: hci3: command tx timeout
[   99.549585][T10949] netlink: 'syz.4.1817': attribute type 1 has an invalid length.
[   99.562723][T10949] 8021q: adding VLAN 0 to HW filter on device bond3
[   99.887469][   T25] tipc: Node number set to 10005162
[   99.893616][T11002] netlink: 'syz.0.1835': attribute type 1 has an invalid length.
[   99.911651][T11002] 8021q: adding VLAN 0 to HW filter on device bond1
[   99.920359][T11002] bond1: (slave ip6gretap1): making interface the new active one
[   99.922925][T11002] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   99.960360][T11007] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   99.966365][T11007] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  100.251821][ T1485] IPVS: starting estimator thread 0...
[  100.337761][T11038] IPVS: using max 34 ests per chain, 81600 per kthread
[  100.716660][ T5940] Bluetooth: hci2: command tx timeout
[  100.752712][T11062] netlink: 'syz.0.1858': attribute type 1 has an invalid length.
[  100.783453][T11062] 8021q: adding VLAN 0 to HW filter on device bond2
[  101.040109][ T5940] Bluetooth: hci0: command tx timeout
[  101.089526][T11074] bond0: entered promiscuous mode
[  101.091216][T11074] bond_slave_0: entered promiscuous mode
[  101.093406][T11074] bond_slave_1: entered promiscuous mode
[  101.208813][T11084] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.216064][T11084] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.298172][T11092] IPVS: Error connecting to the multicast addr
[  101.717476][ T5293] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.720727][ T5293] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.723911][ T5293] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.731103][ T5293] rtc_cmos 00:05: Alarms can be up to one day in the future
[  101.733451][ T5293] rtc rtc0: __rtc_set_alarm: err=-22
[  101.899093][T11193] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.902368][T11193] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.905149][T11193] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.909374][T11193] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.912477][T11193] geneve2: entered promiscuous mode
[  101.913869][T11193] geneve2: entered allmulticast mode
[  101.918136][T11193] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  101.920613][T11193] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  101.922856][T11193] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  101.925364][T11193] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.191376][T11228] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.195622][T11228] batadv_slave_0: entered promiscuous mode
[  102.200432][T11228] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.318834][T11240] 8021q: adding VLAN 0 to HW filter on device bond4
[  102.730813][T11290] validate_nla: 3 callbacks suppressed
[  102.730837][T11290] netlink: 'syz.1.1941': attribute type 1 has an invalid length.
[  102.752615][T11290] 8021q: adding VLAN 0 to HW filter on device bond10
[  102.874471][T11307] af_packet: tpacket_rcv: packet too big, clamped from 74 to 4294967286. macoff=82
[  102.934762][T11314] __nla_validate_parse: 117 callbacks suppressed
[  102.934774][T11314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'.
[  102.983454][T11311] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1948'.
[  103.069223][T11330] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1953'.
[  103.072243][T11330] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1953'.
[  103.075325][T11330] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1953'.
[  103.106071][T11334] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  103.242910][T11348] netlink: 'syz.0.1960': attribute type 1 has an invalid length.
[  103.255483][T11348] 8021q: adding VLAN 0 to HW filter on device bond3
[  103.335297][T11371] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1968'.
[  103.338335][T11371] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1968'.
[  103.341449][T11371] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1968'.
[  103.381414][T11380] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1971'.
[  103.384577][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1971'.
[  103.508499][T11377] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input12
[  103.672303][T11405] lo speed is unknown, defaulting to 1000
[  103.681224][T11405] lo speed is unknown, defaulting to 1000
[  103.683015][T11405] lo speed is unknown, defaulting to 1000
[  103.735216][T11405] infiniband syz1: set active
[  103.738316][ T1485] lo speed is unknown, defaulting to 1000
[  103.739114][T11405] infiniband syz1: added lo
[  103.763568][T11405] RDS/IB: syz1: added
[  103.765344][T11405] smc: adding ib device syz1 with port count 1
[  103.768426][ T5940] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  103.770609][T11405] smc:    ib device syz1 port 1 has pnetid 
[  103.771800][ T5940] Bluetooth: hci3: Injecting HCI hardware error event
[  103.775278][ T1485] lo speed is unknown, defaulting to 1000
[  103.776900][ T5950] Bluetooth: hci3: hardware error 0x00
[  103.779095][T11405] lo speed is unknown, defaulting to 1000
[  103.844852][T11405] lo speed is unknown, defaulting to 1000
[  103.883980][T11405] lo speed is unknown, defaulting to 1000
[  103.921763][T11405] lo speed is unknown, defaulting to 1000
[  103.928006][   T39] kauditd_printk_skb: 72 callbacks suppressed
[  103.928015][   T39] audit: type=1400 audit(1730816252.500:2026): avc:  denied  { read } for  pid=11434 comm="syz.4.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  103.940373][   T39] audit: type=1400 audit(1730816252.510:2027): avc:  denied  { connect } for  pid=11434 comm="syz.4.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  103.960546][T11405] lo speed is unknown, defaulting to 1000
[  103.996825][T11405] lo speed is unknown, defaulting to 1000
[  104.243180][   T39] audit: type=1400 audit(1730816252.810:2028): avc:  denied  { append } for  pid=11494 comm="syz.3.2006" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  104.253295][T11495] ip6t_srh: unknown srh match flags  4000
[  104.492659][   T39] audit: type=1400 audit(1730816253.060:2029): avc:  denied  { ioctl } for  pid=11536 comm="syz.4.2023" path="/dev/uhid" dev="devtmpfs" ino=1296 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  104.601455][T11545] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  104.924157][T11583] netlink: 'syz.3.2039': attribute type 1 has an invalid length.
[  104.934181][T11583] 8021q: adding VLAN 0 to HW filter on device bond16
[  105.209714][   T39] audit: type=1400 audit(1730816253.780:2030): avc:  denied  { mounton } for  pid=11609 comm="syz.3.2050" path="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  105.357674][ T6516] syz_tun (unregistering): left allmulticast mode
[  105.359524][ T6516] syz_tun (unregistering): left promiscuous mode
[  105.361304][ T6516] bridge0: port 3(syz_tun) entered disabled state
[  105.414512][   T39] audit: type=1400 audit(1730816253.980:2031): avc:  denied  { accept } for  pid=11628 comm="syz.4.2058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  105.479471][T11635] netlink: 'syz.1.2061': attribute type 1 has an invalid length.
[  105.490067][T11635] 8021q: adding VLAN 0 to HW filter on device bond11
[  105.615653][ T5298] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  105.619982][ T5298] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.623116][ T5298] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.626347][ T5298] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.632649][ T5298] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  105.635512][ T5298] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.663568][T11643] lo speed is unknown, defaulting to 1000
[  105.781549][ T7845] bond0: (slave netdevsim0): Releasing backup interface
[  105.834188][T11643] chnl_net:caif_netlink_parms(): no params data found
[  105.846740][ T5950] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  105.900926][   T39] audit: type=1400 audit(1730816254.470:2032): avc:  denied  { create } for  pid=11676 comm="syz.1.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  105.910266][   T39] audit: type=1400 audit(1730816254.480:2033): avc:  denied  { write } for  pid=11676 comm="syz.1.2074" path="socket:[37004]" dev="sockfs" ino=37004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  105.917305][   T39] audit: type=1400 audit(1730816254.480:2034): avc:  denied  { nlmsg_read } for  pid=11676 comm="syz.1.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  105.947175][ T5982] hid (null): unknown global tag 0xd
[  105.949642][ T5982] hid (null): bogus close delimiter
[  105.951252][ T5982] hid (null): report_id 950 is invalid
[  105.958619][ T5982] hid-generic 0000:0004:FFFF.0003: unknown global tag 0xd
[  105.959339][T11643] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.961170][ T5982] hid-generic 0000:0004:FFFF.0003: item 0 1 1 13 parsing failed
[  105.963577][T11643] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.966801][ T5982] hid-generic 0000:0004:FFFF.0003: probe with driver hid-generic failed with error -22
[  105.970912][T11643] bridge_slave_0: entered allmulticast mode
[  105.973592][T11643] bridge_slave_0: entered promiscuous mode
[  105.979429][T11683] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  105.984154][T11643] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.988086][T11684] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  105.993145][T11643] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.996107][T11643] bridge_slave_1: entered allmulticast mode
[  106.002766][T11643] bridge_slave_1: entered promiscuous mode
[  106.047626][T11691] netlink: 'syz.1.2077': attribute type 1 has an invalid length.
[  106.061233][T11691] 8021q: adding VLAN 0 to HW filter on device bond12
[  106.082742][T11643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.088569][ T7845] bridge_slave_1: left allmulticast mode
[  106.090277][ T7845] bridge_slave_1: left promiscuous mode
[  106.093213][ T7845] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.100655][ T7845] bridge_slave_0: left allmulticast mode
[  106.102338][ T7845] bridge_slave_0: left promiscuous mode
[  106.104283][ T7845] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.155838][ T7845] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  106.398309][ T7845] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.402828][ T7845] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.405850][ T7845] bond0 (unregistering): Released all slaves
[  106.504524][ T7845] bond1 (unregistering): Released all slaves
[  106.601035][T11405] syz.0.1979 (11405) used greatest stack depth: 21120 bytes left
[  106.602642][ T7845] bond2 (unregistering): Released all slaves
[  106.735973][ T7845] bond3 (unregistering): Released all slaves
[  106.863341][ T7845] bond4 (unregistering): Released all slaves
[  106.877003][    C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  106.980842][ T7845] bond5 (unregistering): Released all slaves
[  107.068839][ T7845] bond6 (unregistering): Released all slaves
[  107.155153][ T7845] bond7 (unregistering): Released all slaves
[  107.236373][ T7845] bond8 (unregistering): Released all slaves
[  107.321798][ T7845] bond9 (unregistering): Released all slaves
[  107.399080][ T7845] bond10 (unregistering): Released all slaves
[  107.476093][ T7845] bond11 (unregistering): Released all slaves
[  107.556865][ T7845] bond12 (unregistering): Released all slaves
[  107.651722][ T7845] bond13 (unregistering): Released all slaves
[  107.678369][ T5950] Bluetooth: hci0: command tx timeout
[  107.750124][ T7845] bond14 (unregistering): Released all slaves
[  107.820580][ T7845] bond15 (unregistering): Released all slaves
[  107.899676][ T7845] bond16 (unregistering): Released all slaves
[  107.907502][T11643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.962638][T11721] __nla_validate_parse: 30 callbacks suppressed
[  107.962650][T11721] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2088'.
[  107.967164][T11721] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2088'.
[  107.970396][T11721] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2088'.
[  107.992267][T11643] team0: Port device team_slave_0 added
[  107.996272][T11643] team0: Port device team_slave_1 added
[  108.044625][ T7845] tipc: Disabling bearer <eth:vlan0>
[  108.067044][ T7845] tipc: Left network mode
[  108.067147][T11733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2092'.
[  108.107053][T11643] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.109077][T11643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.115544][T11643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.150674][T11742] netlink: 304 bytes leftover after parsing attributes in process `syz.0.2095'.
[  108.224801][T11643] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.228493][T11643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.246591][T11643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.341698][T11643] hsr_slave_0: entered promiscuous mode
[  108.367775][T11643] hsr_slave_1: entered promiscuous mode
[  108.370982][T11643] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.373110][T11643] Cannot create hsr debugfs directory
[  108.428304][T11775] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2105'.
[  108.430706][T11775] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2105'.
[  108.433068][T11775] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2105'.
[  108.447136][T11777] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2106'.
[  108.516491][   T39] audit: type=1400 audit(1730816257.080:2035): avc:  denied  { write } for  pid=11754 comm="syz.4.2100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  108.551333][T11786] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2109'.
[  108.554316][T11755] netlink: 'syz.4.2100': attribute type 10 has an invalid length.
[  108.568754][T11755] team0: Device hsr_slave_1 failed to register rx_handler
[  108.582144][ T7845] hsr_slave_0: left promiscuous mode
[  108.585385][ T7845] hsr_slave_1: left promiscuous mode
[  108.598039][ T7845] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.601033][ T7845] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.604817][ T7845] veth0_vlan: left allmulticast mode
[  109.756613][ T5950] Bluetooth: hci0: command tx timeout
[  110.069020][T11643] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  110.082063][T11643] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  110.096040][T11643] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  110.113227][T11643] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  110.189356][T11643] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.211633][T11643] 8021q: adding VLAN 0 to HW filter on device team0
[  110.215623][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.217553][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.223446][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.225294][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.285835][T11643] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  110.300052][T11851] xt_hashlimit: overflow, try lower: 3/0
[  110.407539][ T7845] IPVS: stop unused estimator thread 0...
[  110.425709][T11643] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.542070][T11894] netlink: 'syz.4.2140': attribute type 1 has an invalid length.
[  110.571921][T11894] 8021q: adding VLAN 0 to HW filter on device bond5
[  110.610649][T11643] veth0_vlan: entered promiscuous mode
[  110.615676][T11643] veth1_vlan: entered promiscuous mode
[  110.652450][T11643] veth0_macvtap: entered promiscuous mode
[  110.657245][T11643] veth1_macvtap: entered promiscuous mode
[  110.668267][T11643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.671587][T11643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.676305][T11643] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.687341][T11643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.690196][T11643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.697632][T11643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.701437][T11643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.706306][T11643] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.712544][T11643] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.714951][T11643] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.717827][T11643] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.720120][T11643] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.754206][ T7842] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.777139][ T7842] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.788381][ T7842] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.790604][ T7842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.935477][T11940] x_tables: (null)_tables: DNAT target: only valid in nat table, not syz0
[  111.052539][T11958] 9pnet_virtio: no channels available for device syz
[  111.058306][   T39] audit: type=1400 audit(1730816259.630:2036): avc:  denied  { sys_chroot } for  pid=11960 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  111.063974][   T39] audit: type=1400 audit(1730816259.630:2037): avc:  denied  { setgid } for  pid=11960 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  111.070130][   T39] audit: type=1400 audit(1730816259.630:2038): avc:  denied  { setrlimit } for  pid=11960 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  111.234184][T11991] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.237006][T11991] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.239268][T11991] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.241850][T11991] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.244178][T11991] geneve2: entered promiscuous mode
[  111.245616][T11991] geneve2: entered allmulticast mode
[  111.432495][T12025] netlink: 'syz.5.2175': attribute type 1 has an invalid length.
[  111.478279][T12031] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  111.560488][   T39] audit: type=1400 audit(1730816260.130:2039): avc:  denied  { ioctl } for  pid=12040 comm="syz.1.2181" path="socket:[39376]" dev="sockfs" ino=39376 ioctlcmd=0x6721 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  111.631653][T12054] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  111.635227][T12054] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.637253][T12054] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.648851][T12054] bridge0: entered allmulticast mode
[  111.672085][   T39] audit: type=1400 audit(1730816260.240:2040): avc:  denied  { create } for  pid=12053 comm="syz.0.2188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  111.836708][ T5950] Bluetooth: hci0: command tx timeout
[  111.959573][T12083] netlink: 'syz.5.2198': attribute type 1 has an invalid length.
[  112.245188][T12117] FAULT_INJECTION: forcing a failure.
[  112.245188][T12117] name failslab, interval 1, probability 0, space 0, times 0
[  112.251849][T12117] CPU: 1 UID: 0 PID: 12117 Comm: syz.4.2209 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[  112.254659][T12117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.257833][T12117] Call Trace:
[  112.258753][T12117]  <TASK>
[  112.259570][T12117]  dump_stack_lvl+0x16c/0x1f0
[  112.260958][T12117]  should_fail_ex+0x497/0x5b0
[  112.262166][T12117]  ? fs_reclaim_acquire+0xae/0x150
[  112.263450][T12117]  should_failslab+0xc2/0x120
[  112.264888][T12117]  kmem_cache_alloc_node_noprof+0x71/0x310
[  112.266523][T12117]  ? __alloc_skb+0x2b1/0x380
[  112.268119][T12117]  __alloc_skb+0x2b1/0x380
[  112.269760][T12117]  ? __pfx___alloc_skb+0x10/0x10
[  112.271458][T12117]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  112.273332][T12117]  netlink_alloc_large_skb+0x69/0x130
[  112.274968][T12117]  netlink_sendmsg+0x689/0xd70
[  112.276406][T12117]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.277874][T12117]  ____sys_sendmsg+0xaaf/0xc90
[  112.279494][T12117]  ? copy_msghdr_from_user+0x10b/0x160
[  112.281051][T12117]  ? __pfx_____sys_sendmsg+0x10/0x10
[  112.282683][T12117]  ? __pfx___lock_acquire+0x10/0x10
[  112.284202][T12117]  ___sys_sendmsg+0x135/0x1e0
[  112.285466][T12117]  ? __pfx____sys_sendmsg+0x10/0x10
[  112.287502][T12117]  ? lock_acquire+0x2f/0xb0
[  112.289007][T12117]  ? __fget_files+0x40/0x3f0
[  112.290604][T12117]  ? fdget+0x176/0x210
[  112.291871][T12117]  __sys_sendmsg+0x117/0x1f0
[  112.293347][T12117]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.294914][T12117]  ? __fget_files+0x244/0x3f0
[  112.296246][T12117]  do_syscall_64+0xcd/0x250
[  112.297519][T12117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.299230][T12117] RIP: 0033:0x7f20c737e719
[  112.300502][T12117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.306447][T12117] RSP: 002b:00007f20c8133038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.308796][T12117] RAX: ffffffffffffffda RBX: 00007f20c7535f80 RCX: 00007f20c737e719
[  112.311161][T12117] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  112.313426][T12117] RBP: 00007f20c8133090 R08: 0000000000000000 R09: 0000000000000000
[  112.316336][T12117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.318874][T12117] R13: 0000000000000000 R14: 00007f20c7535f80 R15: 00007fffa164c8c8
[  112.321497][T12117]  </TASK>
[  112.476230][T12140] xt_l2tp: invalid flags combination: 0
[  112.478733][   T39] audit: type=1400 audit(1730816261.050:2041): avc:  denied  { map } for  pid=12139 comm="syz.5.2219" path="socket:[37376]" dev="sockfs" ino=37376 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  112.500824][T12140] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.505853][T12145] netlink: 'syz.1.2222': attribute type 4 has an invalid length.
[  112.511191][T12140] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.513081][T12140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.561776][T12159] binder: Bad value for 'max'
[  112.561778][   T39] audit: type=1400 audit(1730816261.130:2042): avc:  denied  { mounton } for  pid=12158 comm="syz.5.2227" path="/30/file0" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  112.583519][T12164] netlink: 'syz.1.2228': attribute type 29 has an invalid length.
[  112.651478][   T39] audit: type=1400 audit(1730816261.220:2043): avc:  denied  { bind } for  pid=12181 comm="syz.0.2235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  112.999039][ T5298] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  113.003279][ T5298] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  113.005924][ T5298] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  113.029298][ T5298] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  113.034725][ T5298] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  113.036532][   T39] audit: type=1400 audit(1730816261.600:2044): avc:  denied  { write } for  pid=12221 comm="syz.0.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  113.037980][ T5298] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  113.071608][T12227] lo speed is unknown, defaulting to 1000
[  113.186617][ T5983] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  113.186966][T12227] chnl_net:caif_netlink_parms(): no params data found
[  113.272504][T12227] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.274587][T12227] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.278971][T12227] bridge_slave_0: entered allmulticast mode
[  113.282092][T12227] bridge_slave_0: entered promiscuous mode
[  113.287428][T12227] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.289430][T12227] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.291488][T12227] bridge_slave_1: entered allmulticast mode
[  113.293990][T12227] bridge_slave_1: entered promiscuous mode
[  113.332240][T12227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.336611][ T5983] usb 9-1: Using ep0 maxpacket: 32
[  113.338317][T12227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  113.339835][ T5983] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  113.345521][ T5983] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  113.348847][ T5983] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  113.351417][ T5983] usb 9-1: Product: syz
[  113.352751][ T5983] usb 9-1: Manufacturer: syz
[  113.354514][ T5983] usb 9-1: SerialNumber: syz
[  113.358034][ T5983] usb 9-1: config 0 descriptor??
[  113.360214][T12220] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  113.393433][T12227] team0: Port device team_slave_0 added
[  113.401803][T12227] team0: Port device team_slave_1 added
[  113.446025][T12227] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.448265][T12227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.454669][T12227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.458465][T12227] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.460906][T12227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.468748][T12227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.530327][T12227] hsr_slave_0: entered promiscuous mode
[  113.534521][T12227] hsr_slave_1: entered promiscuous mode
[  113.537149][T12227] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.541075][T12227] Cannot create hsr debugfs directory
[  113.623251][ T5982] usb 9-1: USB disconnect, device number 2
[  113.643254][T12227] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.725121][T12227] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.827170][T12227] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.900648][T12227] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.916612][ T5298] Bluetooth: hci0: command tx timeout
[  113.918526][T12241] __nla_validate_parse: 25 callbacks suppressed
[  113.918535][T12241] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2251'.
[  113.954156][T12243] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2252'.
[  113.956589][T12243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2252'.
[  113.996254][T12227] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  114.004614][T12227] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  114.008891][T12227] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  114.011991][   T39] audit: type=1400 audit(1730816262.580:2045): avc:  denied  { ioctl } for  pid=12244 comm="syz.0.2253" path="socket:[40435]" dev="sockfs" ino=40435 ioctlcmd=0x540d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  114.012296][T12227] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  114.042864][T12227] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.044839][T12227] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.046951][T12227] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.049027][T12227] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.075810][T12227] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.084758][ T7847] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.089500][ T7847] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.121258][T12227] 8021q: adding VLAN 0 to HW filter on device team0
[  114.128823][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.130676][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.136472][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.138475][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.281571][T12227] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.311515][T12260] xt_recent: Unsupported userspace flags (00000042)
[  114.333113][T12227] veth0_vlan: entered promiscuous mode
[  114.337820][T12227] veth1_vlan: entered promiscuous mode
[  114.376804][T12227] veth0_macvtap: entered promiscuous mode
[  114.385341][T12227] veth1_macvtap: entered promiscuous mode
[  114.395445][T12227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.398269][T12227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.400848][T12227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.403572][T12227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.407287][T12227] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.410548][T12227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.413176][T12227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.415591][T12227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.419185][T12227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.421669][T12227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.424216][T12227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.427971][T12227] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.434802][T12227] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.437649][T12227] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.439977][T12227] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.442323][T12227] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.478596][ T7847] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.480588][ T7847] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.499491][ T7845] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.501897][ T7845] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.602688][T12277] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2264'.
[  114.605077][T12277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2264'.
[  114.741018][T12298] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2270'.
[  114.936532][ T5293] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  115.006561][   T57] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  115.096630][ T5293] usb 6-1: Using ep0 maxpacket: 32
[  115.099505][ T5293] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  115.104129][ T5293] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  115.106386][ T5293] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  115.108693][ T5293] usb 6-1: Product: syz
[  115.109823][ T5293] usb 6-1: Manufacturer: syz
[  115.111078][ T5293] usb 6-1: SerialNumber: syz
[  115.113590][ T5293] usb 6-1: config 0 descriptor??
[  115.115617][T12290] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  115.126781][ T5298] Bluetooth: hci4: command tx timeout
[  115.141349][   T57] usb 10-1: device descriptor read/64, error -71
[  115.376635][   T57] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  115.383457][   T25] usb 6-1: USB disconnect, device number 14
[  115.506778][   T57] usb 10-1: device descriptor read/64, error -71
[  115.547361][T12336] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=12336 comm=syz.0.2282
[  115.607329][T12338] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2283'.
[  115.610057][T12338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2283'.
[  115.627709][   T57] usb usb10-port1: attempt power cycle
[  115.649545][ T1485] IPVS: starting estimator thread 0...
[  115.757247][T12341] IPVS: using max 34 ests per chain, 81600 per kthread
[  115.765178][T12345] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2286'.
[  115.768449][T12345] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2286'.
[  115.976618][   T57] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  115.997330][   T57] usb 10-1: device descriptor read/8, error -71
[  116.103153][ T7845] ------------[ cut here ]------------
[  116.104587][ T7845] WARNING: CPU: 0 PID: 7845 at net/mac80211/offchannel.c:404 ieee80211_start_next_roc+0x24c/0x2c0
[  116.107593][ T7845] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  116.108658][ T7845] CPU: 0 UID: 0 PID: 7845 Comm: kworker/u32:18 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[  116.114551][ T7845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.117598][ T7845] Workqueue: events_unbound cfg80211_wiphy_work
[  116.119540][ T7845] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0
[  116.121793][ T7845] Code: 7b 40 e8 67 bf dc ff 48 83 c4 10 5b 5d e9 8c d5 fe f6 e8 87 d5 fe f6 48 89 df e8 0f 60 ff ff e9 40 ff ff ff e8 75 d5 fe f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 18 8c 5f 90 e8 40 5f 60 f7 e9 db
[  116.129260][ T7845] RSP: 0018:ffffc9000421fad0 EFLAGS: 00010293
[  116.131307][ T7845] RAX: 0000000000000000 RBX: ffff8880502d8e40 RCX: ffffffff8a8ea4a6
[  116.134119][ T7845] RDX: ffff88804a200000 RSI: ffffffff8a8ea5db RDI: 0000000000000001
[  116.136956][ T7845] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  116.139659][ T7845] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  116.142331][ T7845] R13: ffff8880502da8c0 R14: ffff8880502d8e40 R15: dffffc0000000000
[  116.145020][ T7845] FS:  0000000000000000(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000
[  116.148107][ T7845] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  116.150352][ T7845] CR2: 00007fe3f9d2e058 CR3: 0000000044e04000 CR4: 0000000000352ef0
[  116.153048][ T7845] DR0: 0000000000000621 DR1: 0000000000000000 DR2: 0000000000000000
[  116.155771][ T7845] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  116.158571][ T7845] Call Trace:
[  116.159696][ T7845]  <TASK>
[  116.160748][ T7845]  ? __warn+0xea/0x3d0
[  116.162143][ T7845]  ? ieee80211_start_next_roc+0x24c/0x2c0
[  116.164083][ T7845]  ? report_bug+0x3c0/0x580
[  116.165662][ T7845]  ? handle_bug+0x54/0xa0
[  116.167203][ T7845]  ? exc_invalid_op+0x17/0x50
[  116.168831][ T7845]  ? asm_exc_invalid_op+0x1a/0x20
[  116.170562][ T7845]  ? ieee80211_start_next_roc+0x116/0x2c0
[  116.172545][ T7845]  ? ieee80211_start_next_roc+0x24b/0x2c0
[  116.174481][ T7845]  ? ieee80211_start_next_roc+0x24c/0x2c0
[  116.176475][ T7845]  __ieee80211_scan_completed+0x4fe/0xe50
[  116.178399][ T7845]  ieee80211_scan_work+0x440/0x2080
[  116.180067][ T7845]  ? cfg80211_wiphy_work+0x3a3/0x550
[  116.181462][ T7845]  ? __pfx_lock_release+0x10/0x10
[  116.182785][ T7845]  ? __pfx_ieee80211_scan_work+0x10/0x10
[  116.184264][ T7845]  ? mark_held_locks+0x9f/0xe0
[  116.185587][ T7845]  ? rcu_is_watching+0x12/0xc0
[  116.186977][ T7845]  cfg80211_wiphy_work+0x3d9/0x550
[  116.188365][ T7845]  process_one_work+0x9c5/0x1ba0
[  116.190022][ T7845]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  116.191839][ T7845]  ? __pfx_process_one_work+0x10/0x10
[  116.193916][ T7845]  ? assign_work+0x1a0/0x250
[  116.195499][ T7845]  worker_thread+0x6c8/0xf00
[  116.197264][ T7845]  ? __pfx_worker_thread+0x10/0x10
[  116.199008][ T7845]  kthread+0x2c1/0x3a0
[  116.200382][ T7845]  ? _raw_spin_unlock_irq+0x23/0x50
[  116.201919][ T7845]  ? __pfx_kthread+0x10/0x10
[  116.203158][ T7845]  ret_from_fork+0x45/0x80
[  116.204915][ T7845]  ? __pfx_kthread+0x10/0x10
[  116.206699][ T7845]  ret_from_fork_asm+0x1a/0x30
[  116.208287][ T7845]  </TASK>
[  116.209397][ T7845] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  116.211948][ T7845] CPU: 0 UID: 0 PID: 7845 Comm: kworker/u32:18 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0
[  116.216077][ T7845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.219775][ T7845] Workqueue: events_unbound cfg80211_wiphy_work
[  116.221542][ T7845] Call Trace:
[  116.222463][ T7845]  <TASK>
[  116.223271][ T7845]  dump_stack_lvl+0x3d/0x1f0
[  116.224522][ T7845]  panic+0x71d/0x800
[  116.225592][ T7845]  ? __pfx_panic+0x10/0x10
[  116.227939][ T7845]  ? show_trace_log_lvl+0x29d/0x3d0
[  116.229386][ T7845]  ? check_panic_on_warn+0x1f/0xb0
[  116.230771][ T7845]  ? ieee80211_start_next_roc+0x24c/0x2c0
[  116.232275][ T7845]  check_panic_on_warn+0xab/0xb0
[  116.233795][ T7845]  __warn+0xf6/0x3d0
[  116.234833][ T7845]  ? ieee80211_start_next_roc+0x24c/0x2c0
[  116.236330][ T7845]  report_bug+0x3c0/0x580
[  116.237500][ T7845]  handle_bug+0x54/0xa0
[  116.238554][ T7845]  exc_invalid_op+0x17/0x50
[  116.239686][ T7845]  asm_exc_invalid_op+0x1a/0x20
[  116.240956][ T7845] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0
[  116.242611][ T7845] Code: 7b 40 e8 67 bf dc ff 48 83 c4 10 5b 5d e9 8c d5 fe f6 e8 87 d5 fe f6 48 89 df e8 0f 60 ff ff e9 40 ff ff ff e8 75 d5 fe f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 18 8c 5f 90 e8 40 5f 60 f7 e9 db
[  116.247525][ T7845] RSP: 0018:ffffc9000421fad0 EFLAGS: 00010293
[  116.249062][ T7845] RAX: 0000000000000000 RBX: ffff8880502d8e40 RCX: ffffffff8a8ea4a6
[  116.251016][ T7845] RDX: ffff88804a200000 RSI: ffffffff8a8ea5db RDI: 0000000000000001
[  116.253085][ T7845] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  116.255228][ T7845] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  116.257309][ T7845] R13: ffff8880502da8c0 R14: ffff8880502d8e40 R15: dffffc0000000000
[  116.259348][ T7845]  ? ieee80211_start_next_roc+0x116/0x2c0
[  116.260847][ T7845]  ? ieee80211_start_next_roc+0x24b/0x2c0
[  116.262340][ T7845]  __ieee80211_scan_completed+0x4fe/0xe50
[  116.263898][ T7845]  ieee80211_scan_work+0x440/0x2080
[  116.265323][ T7845]  ? cfg80211_wiphy_work+0x3a3/0x550
[  116.266751][ T7845]  ? __pfx_lock_release+0x10/0x10
[  116.268087][ T7845]  ? __pfx_ieee80211_scan_work+0x10/0x10
[  116.269564][ T7845]  ? mark_held_locks+0x9f/0xe0
[  116.271042][ T7845]  ? rcu_is_watching+0x12/0xc0
[  116.272313][ T7845]  cfg80211_wiphy_work+0x3d9/0x550
[  116.273680][ T7845]  process_one_work+0x9c5/0x1ba0
[  116.274993][ T7845]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  116.276457][ T7845]  ? __pfx_process_one_work+0x10/0x10
[  116.277999][ T7845]  ? assign_work+0x1a0/0x250
[  116.279304][ T7845]  worker_thread+0x6c8/0xf00
[  116.280559][ T7845]  ? __pfx_worker_thread+0x10/0x10
[  116.281858][ T7845]  kthread+0x2c1/0x3a0
[  116.282890][ T7845]  ? _raw_spin_unlock_irq+0x23/0x50
[  116.284229][ T7845]  ? __pfx_kthread+0x10/0x10
[  116.285450][ T7845]  ret_from_fork+0x45/0x80
[  116.286640][ T7845]  ? __pfx_kthread+0x10/0x10
[  116.287857][ T7845]  ret_from_fork_asm+0x1a/0x30
[  116.289159][ T7845]  </TASK>
[  116.290688][ T7845] Kernel Offset: disabled
[  116.291853][ T7845] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:17:44  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b84c5 RDI=ffffffff9aaeac40 RBP=ffffffff9aaeac00 RSP=ffffc9000421f438
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006b R14=ffffffff850b8460 R15=0000000000000000
RIP=ffffffff850b84ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fe3f9d2e058 CR3=0000000044e04000 CR4=00352ef0
DR0=0000000000000621 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006e6f6974617a69 6c6974755f756372
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f223b
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2248
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2242
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2256
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f22dc
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f23ba
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200000001000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000001e3313 RBX=0000000000000001 RCX=ffffffff8b235439 RDX=0000000000000000
RSI=ffffffff8b6cd040 RDI=ffffffff8bd1b2c0 RBP=ffffed1003b58910 RSP=ffffc90000187e08
R8 =0000000000000001 R9 =ffffed100d4e7025 R10=ffff88806a73812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801dac4880 R14=ffffffff905f5908 R15=0000000000000000
RIP=ffffffff8b23681f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c44b0d7 CR3=0000000044e04000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006e6f6974617a69 6c6974755f756372
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f223b
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2248
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2242
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f2256
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f22dc
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20c73f23ba
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200000001000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000012e433 RBX=0000000000000002 RCX=ffffffff8b235439 RDX=0000000000000000
RSI=ffffffff8b6cd040 RDI=ffffffff8bd1b2c0 RBP=ffffed1003b5b000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801dad8000 R14=ffffffff905f5908 R15=0000000000000000
RIP=ffffffff8b23681f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c38a25f CR3=000000000df7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcacccc2b0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff223b
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff2248
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff2242
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff2256
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff22dc
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f834bff23ba
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e776f6e6b6e7500 6f6c6c3332302500 657a697320740004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b524a4b4e4b5000 4a49491617150000 405f4c560551464a 5751560541444700
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000048 0000000000000001 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888028568000 RCX=ffffffff814fde7a RDX=ffff888028568000
RSI=ffffffff814febc9 RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc9000673fdb0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffff888028568901 R13=ffff888028568000 R14=ffff888028b96028 R15=0000000000000337
RIP=ffffffff818d7b5c RFL=00000296 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f911f267d60 CR3=000000000df7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f911e70c6a3 00007f911e70c6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd9835daa0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577c61490
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577c6f95c 0000555577c6f850
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000032373835 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0104820010000b 80030010000a8003 0100000608060201 02ec000400018408
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01208080808887ff ff10000e80040d80 0400000000100601 c708000a01048200
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10000e8003001000 0d800307fe10000c 800401c708000601 04ac0030656c6966
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2e01ffffffffff ffffffef080c8003 0010000b80040a80 0400000000100601
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c708000a01048200 10000b8003001000 0a80030100000608 06020102ec000400
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000