last executing test programs:

5m18.282208674s ago: executing program 3 (id=90):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000300)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x3}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, 0x0, 0x0)

5m18.172252654s ago: executing program 3 (id=93):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x4, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r5, r7, 0x25, 0x0, @val=@perf_event}, 0x18)
syz_emit_ethernet(0xd41, &(0x7f0000002cc0)=ANY=[@ANYBLOB="0180c2000003ffffffffffff86dd620658b10d0b3a01ff010000000000000000000000000001000000000000000000000000000000005c00032068000000860090780000faff02000000090000000207b4581b4af659ff93de1a61762b9bbacea16f8d2c7894ead6e3aafccc419fafc3eed97e7aa7f4e9f3502ca7211d14fc9695cfe5f235a4f0661f17e13a803d7b0a7062d0bf5e67818178a823514649e2bc66cd425ea91351e7a11e4f324d073b3de9121c85574ea364ffe1fc1ab981ad17d0a9aa823a135d9feb360ab18bf47038a0381b8c378defd36194e2e49f36b5a11a8ade187322226b536ebdd99f3f34670cc1e85d9635b53042823e2d2e7cd3a8a766fdad0017f5cad2f97dee77423b3582191add21c51eac1b60c474ed455620e52b34789427e5866fe80cd193b20d3b6d656301a9ae58b4bbf5ca61ab8c47e5843e338be9037f2b61acb1e5f91e4741899c022dd038bdf6afa36685db9c7c7a351db0e20cb5e157ed0a9ed7a5c5fb733a28f390ab64142b8474182cead6f051cb20fb1e140a2eadb11f686d4f0c01c480ace19ad88f2de44a28e5f89ff2dafcab96a131951dd4c0b6183e1139dba48da1d8d39f21aa27b134ecf95555624c5b7cbfe593ac6e71d09465bbbb1fd9cbabfd916317fc6d3b7a7bded25b07746a9cb5d2e53ad52886e0b6ac520b7829d2f52c80782be51a42551d68e221a64566ee21bc988ed7d6aaa979cb92cb6ad5a7ac73dc06e1d9a07650d7e2522e8385e0425e3e615cf8395289e69f39c219577348c5ada1d6f3a78679e83360d95f93ca89f3e32042d2b06bbb8710be1fb4afad667e880a68c876092359dd80598d5f1cf441a091cc00c9b5ab6ef1df9b08f4b65a9bfa3c5cfe6d7956453360bfbcd0fa7407620d7aff9470e5be36815499503af1fa7a78afda09d58f583e664df18d3f8dae1d2ca24c24a7b73b34cc27094ebe3ed8236f2e558bfe59b3fd3b8b45bf43d4b56532ab7bbaa9314926ee361b75258caa4f146c6451e9d9a3b4642fbf56b768b310552b448f8e56a20e8cdda7940b76c4207437965c2a46047eefd3b172ec906755768799c8aebfc14545b0832bde7bd7e8266650e47c35e6ba4377ad22820b686abb5f21bd80853d40b422a8b95bbc063a4fce019e6fc160e7a700c44f258c3f6f1a14f6f77ea5794d73d8fdef0b72d09a1ad89d49dc2f12149181aadbcb3cc8fb62c9e2fd956ac871905c8f4e8448f8feae9414d8246175f76bfef3c482d60c9f8c4e0093b676017d7869aa2c50ba72dee04f27e17c426e76de6f19a2388d4732ff6d7ad034363c0a23606c39cfc829b04bfcda091b575aa1b9a7c486c9f45b88057ce337e2ec6452d4e05141327dfca8f5de108fe52ea66152d80d0bc6f0aca56e287792ff9bf90b22b33bc01b381495ab2dba7274e87e88062bcf8290b60d665109546b1de05f438f28af56ff8e683bf59831c07ae3abba9a9a13cf865b3bbd7cd2d5c1b5109ba275635179ce809dcc81b7cc5d3702640f9bbb961256118eec7424f7887e266db2f31f299645520cb79bff2e384c9c0e5c6f191e64de2d2e6829f1ae48f356faa4e0fb5752883f18cfdd3b69584e6c4c1b9f13e27090e386595ba6cd66610b00aeb98456670d4784ae7580f6860c9fa96256d8fc75b5439e9221b2ff929d03532d96931ec708b616529ac8e484f38e14bd63b0c0892e1169bb7c4cc690b58948393dc19b7ae064ee97e404e95d8d271fc51191b14bb63adf0a22f5728175a46427b6ec2948fdc16a255548314c2257d95f5913417b4dc9554038f8526129b01d4aaf0f7a8ec069d97c95a79553c4d0dd9aced5e8f22ab4f39be67152dbf2c30a99f1b610395b31ab4f2ae024bf9b58c5ffd134b909e18191f2f7c6476bb3d910f0ed4350a2891a3103230a8121cf82a45c86a4921526aca7823e34c8ddf80ee2530df244fddfb61654cf79d62b7dda103e1b8e1ed95ef1a9d32ffef8f0de8cad003d48cc3e2c971dd5285c443d28c1f3a7ae7ed47cf44cb79ec26b77752c86ed1c3a54c808e785deb86abffcdbc2af18e4ae406fea03d1b1781c7cc679efbcffa41af3ff44d1270f17509024ebf12a81b43831861e51ec047be6e597a0d38fa5982ebcbe01062819c0594ad7eec3e41b4397cf8e61d645f36a92d01866825f61fdc0c54d10447779a13d13016db88451d6f2739543831cf1dff979de783f2922b27b20171a6f275de979f700380998255c72ffc1d62a08d61977a173245a9464e7b30df5d541f6173c20b238bc533161161cbdc5e0599781830d78759e022ec5338535fb91a38ee89d1a70f542c1a3c97cee21c2cb581a739227a43b8c3b197c85a16d07ec59fbbd2b8bfb5b30f2429b48bcd45b224fba8392fa20e4c3639674e6c7d71419ce0003539ef1a4c4113ae25c3658b8a63616ee07a91907ef31bd53f8e00593f7291ba08fb486d514e63bd79fb7fd63902757816abe1df786f7f2d83a398e999366d59b79fbdd6ca3407df1fc702b317445a4bb3a7258dd74f21611b1d7b5969617ec978d3276540cf5961dc5ae804e7c22ad33f5ed04a3b6f701be8f988eee76a872b3d6e3e2d66ca05eee33432c6ccd554f3180dfec7875dd6ec0db489b47bf97942e2c61a9ed957b34f4bdfbf489439e96374f347213626c717c1126974c864a3313162aa2cb3a6edfc894096d272546972acf0e6d4be706cb3dba33fe5a1dfc03699d734c64d7e501184eba5b76e96eeaedb5f1d2660e090233898b0c76e53d81bea79d7b42b34607f2fa8b59ed3bc67683418867cf9cd3f38df04f7a55975c4c6bbe81804585c942fb6f86fedff1e8d2eecf8dac76b3a0933c14e8843b9027452da9c7035b1f47ea9987b80d0b8ddf1d745de5735298292d9a2c50383418fa235c25f96f349f240afbc0f2469f9967c964b309f9f043c8f53b37b9adc41fa332c4838611ef95e078b5f6c11eac3f63aced9abb7b83aafb45f61df0022d72f66e0f8acbb6db3c5af8b257aad6fd1d048bffc0fc7a1070f5dd31b4834905cdba1837756236e0cce6be476e85bcdacfa23b120d8f091a0a64919143b52188974ca480a3c60fa655802b27b0baf4d58426d31de13fe670be6c49e8cb5baf30b7df85270d672a8fba406b19504651edcf7cbf04cb1f131944e20c3b783086eb91caae149eb27ea990409c707c111146aeb2d0df9262bd0c809e46c89ddc8eea39eca6fd79cbe9dc68f63cdbf8e844a78a4babd727c9acc6bfb5bcd1615fcd27d98de371124e8a3864d30c89d08409df6b2ee82b063f015e665c7703dbc6853ec9b508591839df0dd67f9f95f2351d3dec77249d82a17d97e687b9b3ee855ab21215fe26e977271ec327ec41674921767217b1a882e3a82bcd526baa890d416d150a9b1832375186050612a3df35d2c5277bed0e257906ecd8cea44de0fc733282415612f6ef6675bb6952c5d57021eedde77e255f903f8583c34107704b02b46c1954ff7e8b2c7becf26007e4c0e5f2cf4e17d55c807b8cfb2bbc7d40e792d7370290d52f6deb4e8823aaa145e658ac3228f47e220bfd66af5c7e56a37a6c2f42b21b6e52dfc794f282b69482f952775924da5bef4c32f8e66b2ac567055f29e50c095275a20b600dc7a8b65cbb4d09ed501125fa791d260b5761fcd84bdaa03cb89aa6ac87848628a858e789daa576279ba4d8e6c5af92ae69bbb47d7770ae6531a4ce6485fc9ddfd021416cfc90e79230895b0b5ccac048f0c119929f7d3a709673d7a2f118484fd74d2b9cd0addbd4df6e4e222b27954ffb424a5d8cf9f169593f719437689bcd50849b0fffa9b3952f2ef0ce72731070006070b5d79e94e54bf708f0166b7bdf7c7699b1474920b8f81915fbf99b9d71ca24158a2dc5b2ade7868c3792614872b9732a02fcc1627973159d653888f5b219b5ee57666eeff9d7a9984432b252e6db842e11984ff05515cffdad385085003c6b82f032290957df4ce8c31adbec3852857a0cb8f32fa5a410d47288bc50421a0221e7e3a7ded39c64afd77823ae67a7c8dd0eea9189530c972c096a9405246e70f5c318c5df63cd991da3d0a21889eb45b49dc21efbf91009cc98114cbb529ba282a13923697575a29caa95952e94557a929e9b7ee96959c17a17a3507ea5c7da29f1220e7790dd3887880139fd14ef90347f7acae6698df6c21211cf4f238703732069b1bbc894551868f69037385d42c7b9d64e10ab97f479ec994238ce4a26ffa6f3b45e2a53104c4c4c80a1a4836e034a5cf2ec2d9bf5ab053e7f391617075327760f44a3d0860c8dcbad435f05de8b5f78554bd777fd092883b7351627e2f47a134cbc0aaa144d88dab43c7861434f42d524f9576eb4a8683fa6d718f4cfc5619f8f2b31357a40425dd64473edbb48073f90d907c81a87bbd4ded30ae5fe6b577a19d33b6f7bea0cd0fe8688db03f3ee168f1e033d29896ad6c88884b3b1acbafceb040702637e6fa4715a82fb52ff3dee4211ba869a9c16c8bca085f55253dd783cbba103006e019c2a7827fdae64039799351234b51f4c3794e867d0a30eacf0282f180e5c5b480eaeaf2044c96f6fb05144ec52ef617432b7d927fa76d4663711bea71f6e976b04e2910f1b76c3d054ce883e98a2327774e2cf9ce6cecb90444e5b456d0c89e26ed94d899ab21653d02ac473d2c1547e00dc1e44bf759463fd0d3a97ce80ee1f93ff97b18cc0943bc33304b424bf1047247826aef4d2fb21079c76ce7c0788d2e0defbec3bc98719908b1fd2c12201"], 0x0)
r8 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0xfffffffd, 0x25, 0xfffffffd}, 0x8)
write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

5m17.253072232s ago: executing program 3 (id=94):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x236, &(0x7f0000000400)={0x0, 0xf691, 0x10100, 0x0, 0x2b5}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r5, 0x1000, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)=""/209, 0x1a, 0xd1, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x108400, &(0x7f00000007c0)={{}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@obj_type={'obj_type', 0x3d, 'syzkaller1\x00'}}]}})
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r8 = socket$igmp6(0xa, 0x3, 0x2)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @empty=0xe0000001}, {0x0, 0x17c1, 0x8}}}}}, 0x0)
close(r10)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x36)

5m14.82357525s ago: executing program 3 (id=101):
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040f0400"], 0x7)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet_udp(0x2, 0x2, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000010000", @ANYRES32, @ANYBLOB="0000000000009b1c3d3059000900000000576349fa61", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x34)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r2 = syz_open_dev$loop(&(0x7f0000000380), 0x75f, 0x800)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001020010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f5c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00cb8028000180230001001196e1da69279e989c73000065399ef8cd8d8000140000001000010000000000000000000000000a40dd8486bb6d6201f7ab34228c38413b355fb0d99719ea4bf7e493bc5ca053db332f602cc96959adf009dfac0f0e7b1b3a487fc3e94a5525f5cf9455f74a57cc97cfa646a34c12e55dbfd1d2168013704dfa6504a127c9fd5eeb233c87b9a1a8c77ff3e555f3b89040aad9262024332d9e6d5912153af0f95ffe6f9f91ba1b00"/351], 0xe0}}, 0x0)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000000c0)=0x3)

5m13.747975491s ago: executing program 3 (id=107):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x5, 0x4a, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", "0400", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_TRANSMIT(r4, 0xc0386105, &(0x7f0000000d40)={0x2, 0x3, 0x3, 0xfffffffc, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059", 0x0, 0x0, 0x0, 0xfd, 0x5, 0x1})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x6c}}, 0x0)
r5 = add_key(&(0x7f0000000240)='cifs.spnego\x00', &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
setreuid(0xffffffffffffffff, 0xee00)
keyctl$setperm(0x5, r5, 0x220c)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

5m11.623105061s ago: executing program 3 (id=120):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup3(r0, r1, 0x80000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r2, @ANYRES16=r3, @ANYBLOB="0100fefffffffedbdf256700000008000100020065665a09893700000c0099000100"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0xc814)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r8, 0x4068aea3, &(0x7f0000000680))
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000084000040"])
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0xc01, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r9, 0x0)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vxcan1\x00'})
bind$can_raw(r10, &(0x7f00000005c0), 0x10)
read(0xffffffffffffffff, &(0x7f0000001600)=""/4081, 0xff1)
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
setns(0xffffffffffffffff, 0x24020000)
r11 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r11, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

4m56.622916675s ago: executing program 32 (id=120):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup3(r0, r1, 0x80000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r2, @ANYRES16=r3, @ANYBLOB="0100fefffffffedbdf256700000008000100020065665a09893700000c0099000100"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0xc814)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r8, 0x4068aea3, &(0x7f0000000680))
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000084000040"])
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0xc01, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r9, 0x0)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vxcan1\x00'})
bind$can_raw(r10, &(0x7f00000005c0), 0x10)
read(0xffffffffffffffff, &(0x7f0000001600)=""/4081, 0xff1)
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
setns(0xffffffffffffffff, 0x24020000)
r11 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r11, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

54.884561018s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

47.586265669s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

40.037731805s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

31.988061054s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

24.750584599s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

17.850449645s ago: executing program 2 (id=1600):
syz_io_uring_setup(0x4e9f, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$loop(0x0, 0x47ffffa, 0x122c42)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4, 0x0, 0x60}, [@nested={0x4, 0xe}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

17.59066392s ago: executing program 2 (id=1601):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1100780a}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=@gettaction={0x5c, 0x32, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x48, 0x1, [{0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x201c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x800}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000010)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000700)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

17.539497862s ago: executing program 2 (id=1603):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) (fail_nth: 7)
mount(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000540)='virtiofs\x00', 0x80c000, &(0x7f0000000580)='dax=always')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

17.338111684s ago: executing program 4 (id=1167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14, 0x10}}, 0x7c}}, 0x0)

16.448945264s ago: executing program 2 (id=1606):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000480)={0x0, 0xfffffffd, 0x80, 0x3, 0x34e}, &(0x7f0000000980)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0xfffffffe)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x5c, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r0, 0x47bc, 0xa8be, 0x0, 0x0, 0x0) (fail_nth: 7)

15.890479571s ago: executing program 2 (id=1607):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=@newtaction={0x6f8, 0x30, 0x2, 0x0, 0x25dfdbfb, {}, [{0x6e4, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x1d8, 0x1c, 0x0, 0x0, {{0xb}, {0xe4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x1000, 0x7, 0x6, 0x4}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7ff, 0x7, 0x20000000, 0xa8b, 0xff}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x7, 0x2, 0xa, 0xa}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0xc2d8, 0x20000000, 0x8, 0x3}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1000, 0xcce, 0x5, 0xec9, 0x54}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xb, 0x5, 0x7, 0x10, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x9, 0xffffffffffffffff, 0x8, 0x7a1}, 0x1}}]}, {0xc9, 0x6, "7ccba2f06e3efe0af8bd7db59146f318b7d480bef3c7e269ec01a655400ca42f23e808d303cee6d1e56c28eed4fb74681f948fdedb228fc7f324e7d5b5370ebc1203c164c2b4fcc77abff345f039ccbbbd256a48014907103aed176dc7ee81012ba8c632f6fb781a97557f551cd2b111c06dc50afc1de7348ec40c9a0d2551805e1a3d819b1a4ea6918b240488b6fdeb042d2e2cd5b2846940666320e247d7be567e1e705d12ddbd292aed060ccfcaa3cabf4205a847ab5c93723e20ad5169ad256b7c773f"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_skbedit={0xe4, 0x1b, 0x0, 0x0, {{0xc}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1ff, 0x6, 0x0, 0xffffffff, 0x10001}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x4}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xfffffffb, 0xfffffffa, 0xffffffffffffffff, 0x7, 0xe}}]}, {0x75, 0x6, "57bd2ad2025cb7fa609f427c6be68f56bdbcb1dbd226b015fbdcfa6f340ce8747e9e01bf85a4e177728f349c9b171d933523e0a37c1d857b972c0fb73b0183cbfd7be932b36f2d6a65d25d71cc7649ce3f5085f43ba4ed068193b7583a92ce0cdef2222d34aac0f67b9103e9a9ba0de923"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_csum={0xa4, 0x1a, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x9, 0x10000000, 0x7f, 0x2}, 0x6a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x100, 0x7, 0x8000, 0x668}, 0xa}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x5, 0xffffffffffffffff, 0xff, 0x4}, 0x43}}]}, {0x21, 0x6, "6cc0983af45798456a58a69b17293f4827273d4670bc54d3885ea14910"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_mpls={0x60, 0x11, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_MPLS_TTL={0x5, 0x7, 0x6}, @TCA_MPLS_LABEL={0x8, 0x5, 0x98eb9}, @TCA_MPLS_TC={0x5, 0x6, 0x2}]}, {0x19, 0x6, "21b67d81796be302d009ca01c351a0a7f72407c071"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_vlan={0x6c, 0x11, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0x2, 0x3, 0x9, 0x93}, 0x1}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x1a, 0x6, "e56d46f6775af8bac8713dd8bec211d91d9a71455be8"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x120, 0x9, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x4571, 0x7fff, 0x5, 0xf, 0x2}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x248, 0x0, 0x5, 0x4, 0xba8}}, @TCA_ACT_BPF_OPS_LEN={0x6}]}, {0xa1, 0x6, "682d2f9c9acb82cf47465d12bdaa07adddf10bb0342b4bae42f08149fd4307976898f3da71d77c6d5c591f4f7fc6edf1ae64486315bd85c5f8834345aefa414ae74f37451f2ab9524d0312e065d292f032d8fc1e8d66fccb140d76af56f29f08f5c027e8e8923a7e4352c4e9b28c7101eae2da408016f964ba0478d17416f25d9c077e3659338bdbb1b484db6e125a09e2bbe14872936318dd2a82b22e"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_connmark={0x14c, 0x12, 0x0, 0x0, {{0xd}, {0x100, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x130, 0x1da, 0xffffffffffffffff, 0x6, 0x6}, 0xfff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x7, 0xffffffffffffffff, 0x6, 0x1}, 0x2a}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7f, 0x6, 0x1, 0x4, 0x20000000}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xffffffff, 0x5, 0x2, 0x5, 0x9}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x6, 0x7f, 0x9}, 0x64}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x9, 0xffffffffffffffff, 0x3, 0x3}, 0xa}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x1, 0x10000000, 0x3, 0x1}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x16a640e2, 0xffffffffffffffff, 0xb, 0x7}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6b5, 0x5, 0x2, 0x82d, 0x100}, 0xd}}]}, {0x1f, 0x6, "e296cdf50f12865111b3dad3bd04e36c3c8a38e1164b5288d33a9a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x6f8}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0x639)
readv(r5, &(0x7f0000000180)=[{&(0x7f0000000200)=""/147, 0x48}, {0x0, 0x2}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)

15.500284046s ago: executing program 1 (id=1609):
syz_io_uring_setup(0x4e9f, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
r2 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r2, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10)
io_uring_setup(0x70f8, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000440)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78d09843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3c741dd17c18e8438ef2a565e04603323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4, 0x0, 0x300}, [@nested={0x4, 0xe}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

15.410651454s ago: executing program 0 (id=1610):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x4, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r5, r7, 0x25, 0x0, @val=@perf_event}, 0x18)
syz_emit_ethernet(0xd41, &(0x7f0000002cc0)=ANY=[@ANYBLOB="0180c2000003ffffffffffff86dd620658b10d0b3a01ff010000000000000000000000000001000000000000000000000000000000005c00032068000000860090780000faff02000000090000000207b4581b4af659ff93de1a61762b9bbacea16f8d2c7894ead6e3aafccc419fafc3eed97e7aa7f4e9f3502ca7211d14fc9695cfe5f235a4f0661f17e13a803d7b0a7062d0bf5e67818178a823514649e2bc66cd425ea91351e7a11e4f324d073b3de9121c85574ea364ffe1fc1ab981ad17d0a9aa823a135d9feb360ab18bf47038a0381b8c378defd36194e2e49f36b5a11a8ade187322226b536ebdd99f3f34670cc1e85d9635b53042823e2d2e7cd3a8a766fdad0017f5cad2f97dee77423b3582191add21c51eac1b60c474ed455620e52b34789427e5866fe80cd193b20d3b6d656301a9ae58b4bbf5ca61ab8c47e5843e338be9037f2b61acb1e5f91e4741899c022dd038bdf6afa36685db9c7c7a351db0e20cb5e157ed0a9ed7a5c5fb733a28f390ab64142b8474182cead6f051cb20fb1e140a2eadb11f686d4f0c01c480ace19ad88f2de44a28e5f89ff2dafcab96a131951dd4c0b6183e1139dba48da1d8d39f21aa27b134ecf95555624c5b7cbfe593ac6e71d09465bbbb1fd9cbabfd916317fc6d3b7a7bded25b07746a9cb5d2e53ad52886e0b6ac520b7829d2f52c80782be51a42551d68e221a64566ee21bc988ed7d6aaa979cb92cb6ad5a7ac73dc06e1d9a07650d7e2522e8385e0425e3e615cf8395289e69f39c219577348c5ada1d6f3a78679e83360d95f93ca89f3e32042d2b06bbb8710be1fb4afad667e880a68c876092359dd80598d5f1cf441a091cc00c9b5ab6ef1df9b08f4b65a9bfa3c5cfe6d7956453360bfbcd0fa7407620d7aff9470e5be36815499503af1fa7a78afda09d58f583e664df18d3f8dae1d2ca24c24a7b73b34cc27094ebe3ed8236f2e558bfe59b3fd3b8b45bf43d4b56532ab7bbaa9314926ee361b75258caa4f146c6451e9d9a3b4642fbf56b768b310552b448f8e56a20e8cdda7940b76c4207437965c2a46047eefd3b172ec906755768799c8aebfc14545b0832bde7bd7e8266650e47c35e6ba4377ad22820b686abb5f21bd80853d40b422a8b95bbc063a4fce019e6fc160e7a700c44f258c3f6f1a14f6f77ea5794d73d8fdef0b72d09a1ad89d49dc2f12149181aadbcb3cc8fb62c9e2fd956ac871905c8f4e8448f8feae9414d8246175f76bfef3c482d60c9f8c4e0093b676017d7869aa2c50ba72dee04f27e17c426e76de6f19a2388d4732ff6d7ad034363c0a23606c39cfc829b04bfcda091b575aa1b9a7c486c9f45b88057ce337e2ec6452d4e05141327dfca8f5de108fe52ea66152d80d0bc6f0aca56e287792ff9bf90b22b33bc01b381495ab2dba7274e87e88062bcf8290b60d665109546b1de05f438f28af56ff8e683bf59831c07ae3abba9a9a13cf865b3bbd7cd2d5c1b5109ba275635179ce809dcc81b7cc5d3702640f9bbb961256118eec7424f7887e266db2f31f299645520cb79bff2e384c9c0e5c6f191e64de2d2e6829f1ae48f356faa4e0fb5752883f18cfdd3b69584e6c4c1b9f13e27090e386595ba6cd66610b00aeb98456670d4784ae7580f6860c9fa96256d8fc75b5439e9221b2ff929d03532d96931ec708b616529ac8e484f38e14bd63b0c0892e1169bb7c4cc690b58948393dc19b7ae064ee97e404e95d8d271fc51191b14bb63adf0a22f5728175a46427b6ec2948fdc16a255548314c2257d95f5913417b4dc9554038f8526129b01d4aaf0f7a8ec069d97c95a79553c4d0dd9aced5e8f22ab4f39be67152dbf2c30a99f1b610395b31ab4f2ae024bf9b58c5ffd134b909e18191f2f7c6476bb3d910f0ed4350a2891a3103230a8121cf82a45c86a4921526aca7823e34c8ddf80ee2530df244fddfb61654cf79d62b7dda103e1b8e1ed95ef1a9d32ffef8f0de8cad003d48cc3e2c971dd5285c443d28c1f3a7ae7ed47cf44cb79ec26b77752c86ed1c3a54c808e785deb86abffcdbc2af18e4ae406fea03d1b1781c7cc679efbcffa41af3ff44d1270f17509024ebf12a81b43831861e51ec047be6e597a0d38fa5982ebcbe01062819c0594ad7eec3e41b4397cf8e61d645f36a92d01866825f61fdc0c54d10447779a13d13016db88451d6f2739543831cf1dff979de783f2922b27b20171a6f275de979f700380998255c72ffc1d62a08d61977a173245a9464e7b30df5d541f6173c20b238bc533161161cbdc5e0599781830d78759e022ec5338535fb91a38ee89d1a70f542c1a3c97cee21c2cb581a739227a43b8c3b197c85a16d07ec59fbbd2b8bfb5b30f2429b48bcd45b224fba83"], 0x0)
r8 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0xfffffffd, 0x25, 0xfffffffd}, 0x8)
write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

15.020131964s ago: executing program 2 (id=1611):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = socket(0x10, 0x3, 0x0)
r1 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
r2 = shmat(r1, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmat(r1, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmdt(r2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0000, 0x5, 0xa0000001, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x6, 0x114b6000, 0xfffffffe, 0x2a70, 0xffff73cc, 0x80081, 0x5, 0x0, 0x100a, 0x400045, 0x20, 0x8, 0x5, 0x9, 0x3, 0xe, 0xa, 0x2, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xffffdff8, 0x4, 0x8, 0x1a0055ee, 0x401, 0x1, 0xffff4226, 0x200000, 0x0, 0x22cc, 0x101, 0x4, 0x1, 0x1, 0x800, 0xf9, 0x9, 0x8, 0x2, 0x8, 0x2f, 0x4000006, 0x0, 0x1, 0x9, 0x7, 0xc5, 0x4, 0x2, 0xffffffff, 0x6, 0x5, 0x5, 0x5, 0x2, 0x9b58, 0x0, 0xb, 0x4be, 0x4, 0x100, 0xa, 0xca6, 0x9fa7, 0x7, 0x38, 0x4, 0xb, 0x7, 0x104d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x46, 0x9, 0x3, 0x7, 0x4, 0xc, 0x7, 0x8001, 0x7, 0x7, 0x1902, 0xc3c, 0x3, 0x28000000, 0x4000000, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xd58, 0x5, 0x2, 0x4, 0x2, 0x33, 0x8, 0x8, 0xea, 0x0, 0x45ba, 0x9, 0x864b, 0xfffffffa, 0x7, 0x9, 0x8001, 0x7, 0x81, 0x3, 0x9, 0x7, 0xffffff80, 0x43, 0x8, 0x1, 0x6, 0x5, 0x9, 0x7fffffff, 0x4, 0x324f035, 0x6, 0x0, 0x7c1, 0x136, 0x2, 0x5, 0x1, 0x3ff, 0x4, 0x0, 0x2, 0x10001, 0xfffffffd, 0x5, 0x4, 0x400, 0x101, 0x4, 0x1b, 0xd589, 0xffffff81, 0x0, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd3d, 0x0, 0xfffffffe, 0x1, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0xffff, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b6, 0x1, 0x4, 0x9, 0x7, 0x4, 0x8, 0x0, 0x6, 0x8, 0x7, 0x7, 0x4, 0x9, 0x4, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0x7, 0x6, 0x6, 0x2, 0x9, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000003, 0x7, 0x656, 0x8008, 0x80000001, 0x384, 0x9, 0x58b, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0xfff, 0x0, 0x7, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x0, 0x5, 0x5e1d, 0x8}, 0x9, 0x8, 0x99}}]}}]}, 0x45c}}, 0x8840)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETCARRIER(r4, 0x400454e2, &(0x7f00000002c0))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
r9 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_TIOCINQ(r9, 0x541b, &(0x7f00000001c0))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
r10 = gettid()
ptrace$peekuser(0x3, r10, 0xfff)
r11 = openat$ipvs(0xffffff9c, &(0x7f00000007c0)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0)
ioctl$SNDRV_PCM_IOCTL_LINK(r11, 0x40044160, &(0x7f0000000800)=0xc90)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000240)={r8, r7}, 0x10)

14.578081036s ago: executing program 1 (id=1612):
syz_open_dev$hiddev(&(0x7f00000001c0), 0x6, 0x400002) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x1ffffe}) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x275a, 0x0) (rerun: 32)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) (async)
mq_getsetattr(0xffffffffffffffff, &(0x7f0000000140)={0xffff8000, 0x9, 0x1, 0x200080}, 0x0) (async)
syz_emit_ethernet(0xbe, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0800450000b00000000004119078ac1414ffac14140000000000009c90780100000000000000d8faebab25c9440f1e0b429560dea05fcfa134c5d14c6876b9fe886328060189b9c9d245a4ecddff7080bb17115c263928f3d2700740b11bf4257abb0000000085024cd3ef420000000000000000007af3756acdedd1857ba2429edec68ec07113ef939e2683eb956c3100e311f95152ce9fab74b351abd67a3e95f543716814ec6972513600000000000000"], 0x0) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0) (async, rerun: 32)
r2 = socket$can_raw(0x1d, 0x3, 0x1) (rerun: 32)
syz_genetlink_get_family_id$devlink(&(0x7f0000000d40), r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) (async, rerun: 64)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) (async, rerun: 64)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x490267a0}, 0x1c) (async, rerun: 64)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='4'], 0x34}, 0x1, 0x0, 0x0, 0x200040c1}, 0x8004) (async, rerun: 64)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0)
sendto$inet6(r0, &(0x7f0000000440)="a6e2976b345c4383035f07778e2e144d8645ca8d1b230e105614396838da83c767887e7bea2f35d481ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42094b5b607fc70344c73cda61718e809915d6c8a9207fb21e718080907964669be53eefbe3e98687ee059853000000000000000000000000000066ddb126d5b9bdbca3efaf58ae32a583d5ac05a5580201a620a98871ad489082e6cd17bccf62f5219607929ba336bb6662b40269ad09667703daac4429dde95bfaafbc1fbcd166e2d04039e16baf0e11c73fe3d74505a66eecbaa16a35c420c3d5dba961b35edae858c1bcb19d6c49acd87e6532e5a4fe7f044cefb2e68d38246161d32ec4fff3a556f396323df7860b395ac8c359bab7cb2ba179f4a3bebf8fa9", 0x159, 0x4040000, 0x0, 0x0) (async, rerun: 32)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40) (async, rerun: 32)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) (async)
fsopen(&(0x7f0000000040)='tracefs\x00', 0x1) (async)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x49e2, 0x0, 0x0, 0xbfef, 0x1, "ec28a144f13d7607"}) (async)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"})

14.46003993s ago: executing program 1 (id=1613):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x10)
write$tun(r4, &(0x7f0000000600)=ANY=[@ANYBLOB="0107ffff0900fffe0cff4517c53d006800000a1190f8ac1414bbe0000002189078040000d526d08d7bff01100000000000ef"], 0x36)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1f}}, 0x3c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@empty, 0x6, 0x0, 0x0, 0x5, 0x8, 0x7aec}, 0x20)

14.459733097s ago: executing program 0 (id=1614):
memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x840000000002, 0x3, 0xff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r1, 0x407, 0x100004)
write$eventfd(r1, &(0x7f0000000240), 0xffffff14)

13.510825431s ago: executing program 1 (id=1615):
r0 = semget(0x1, 0x1, 0x789)
semctl$SETALL(r0, 0x0, 0x11, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
getegid()

13.410616119s ago: executing program 1 (id=1616):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x110)
mount$9p_virtio(0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r4, &(0x7f0000000000), 0x8)

13.190245237s ago: executing program 0 (id=1617):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0xc92)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x140}}, 0x8004884)
r3 = socket$igmp6(0xa, 0x3, 0x2)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x9, @local, 0x5}, 0x1c)

12.969322467s ago: executing program 0 (id=1618):
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040f0400001904"], 0x7)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet_udp(0x2, 0x2, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000010000", @ANYRES32, @ANYBLOB="0000000000009b1c3d3059000900000000576349fa61", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x34)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r2 = syz_open_dev$loop(&(0x7f0000000380), 0x75f, 0x800)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000000c0)=0x3)

12.120375597s ago: executing program 1 (id=1619):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=@newtaction={0x6f8, 0x30, 0x2, 0x0, 0x25dfdbfb, {}, [{0x6e4, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x1d8, 0x1c, 0x0, 0x0, {{0xb}, {0xe4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x1000, 0x7, 0x6, 0x4}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7ff, 0x7, 0x20000000, 0xa8b, 0xff}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x7, 0x2, 0xa, 0xa}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0xc2d8, 0x20000000, 0x8, 0x3}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1000, 0xcce, 0x5, 0xec9, 0x54}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xb, 0x5, 0x7, 0x10, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x9, 0xffffffffffffffff, 0x8, 0x7a1}, 0x1}}]}, {0xc9, 0x6, "7ccba2f06e3efe0af8bd7db59146f318b7d480bef3c7e269ec01a655400ca42f23e808d303cee6d1e56c28eed4fb74681f948fdedb228fc7f324e7d5b5370ebc1203c164c2b4fcc77abff345f039ccbbbd256a48014907103aed176dc7ee81012ba8c632f6fb781a97557f551cd2b111c06dc50afc1de7348ec40c9a0d2551805e1a3d819b1a4ea6918b240488b6fdeb042d2e2cd5b2846940666320e247d7be567e1e705d12ddbd292aed060ccfcaa3cabf4205a847ab5c93723e20ad5169ad256b7c773f"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_skbedit={0xe4, 0x1b, 0x0, 0x0, {{0xc}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1ff, 0x6, 0x0, 0xffffffff, 0x10001}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x4}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xfffffffb, 0xfffffffa, 0xffffffffffffffff, 0x7, 0xe}}]}, {0x75, 0x6, "57bd2ad2025cb7fa609f427c6be68f56bdbcb1dbd226b015fbdcfa6f340ce8747e9e01bf85a4e177728f349c9b171d933523e0a37c1d857b972c0fb73b0183cbfd7be932b36f2d6a65d25d71cc7649ce3f5085f43ba4ed068193b7583a92ce0cdef2222d34aac0f67b9103e9a9ba0de923"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_csum={0xa4, 0x1a, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x9, 0x10000000, 0x7f, 0x2}, 0x6a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x100, 0x7, 0x8000, 0x668}, 0xa}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x5, 0xffffffffffffffff, 0xff, 0x4}, 0x43}}]}, {0x21, 0x6, "6cc0983af45798456a58a69b17293f4827273d4670bc54d3885ea14910"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_mpls={0x60, 0x11, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_MPLS_TTL={0x5, 0x7, 0x6}, @TCA_MPLS_LABEL={0x8, 0x5, 0x98eb9}, @TCA_MPLS_TC={0x5, 0x6, 0x2}]}, {0x19, 0x6, "21b67d81796be302d009ca01c351a0a7f72407c071"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_vlan={0x6c, 0x11, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0x2, 0x3, 0x9, 0x93}, 0x1}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x1a, 0x6, "e56d46f6775af8bac8713dd8bec211d91d9a71455be8"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x120, 0x9, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x4571, 0x7fff, 0x5, 0xf, 0x2}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x248, 0x0, 0x5, 0x4, 0xba8}}, @TCA_ACT_BPF_OPS_LEN={0x6}]}, {0xa1, 0x6, "682d2f9c9acb82cf47465d12bdaa07adddf10bb0342b4bae42f08149fd4307976898f3da71d77c6d5c591f4f7fc6edf1ae64486315bd85c5f8834345aefa414ae74f37451f2ab9524d0312e065d292f032d8fc1e8d66fccb140d76af56f29f08f5c027e8e8923a7e4352c4e9b28c7101eae2da408016f964ba0478d17416f25d9c077e3659338bdbb1b484db6e125a09e2bbe14872936318dd2a82b22e"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_connmark={0x14c, 0x12, 0x0, 0x0, {{0xd}, {0x100, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x130, 0x1da, 0xffffffffffffffff, 0x6, 0x6}, 0xfff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x7, 0xffffffffffffffff, 0x6, 0x1}, 0x2a}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7f, 0x6, 0x1, 0x4, 0x20000000}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xffffffff, 0x5, 0x2, 0x5, 0x9}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x6, 0x7f, 0x9}, 0x64}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x9, 0xffffffffffffffff, 0x3, 0x3}, 0xa}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x1, 0x10000000, 0x3, 0x1}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x16a640e2, 0xffffffffffffffff, 0xb, 0x7}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6b5, 0x5, 0x2, 0x82d, 0x100}, 0xd}}]}, {0x1f, 0x6, "e296cdf50f12865111b3dad3bd04e36c3c8a38e1164b5288d33a9a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x6f8}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0x639)
readv(r5, &(0x7f0000000180)=[{&(0x7f0000000200)=""/147, 0x48}, {0x0, 0x2}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)

1.241863ms ago: executing program 0 (id=1620):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x121d, &(0x7f0000000480)={0x0, 0xfffffffd, 0x80, 0x3, 0x34e}, &(0x7f0000000980)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
ioctl$CDROMVOLREAD(0xffffffffffffffff, 0x5313, &(0x7f00000001c0))
socket(0x2a, 0x2, 0xfffffffe)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x5c, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r2, 0x47bc, 0xa8be, 0x104000, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

0s ago: executing program 0 (id=1621):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$I2C(0x0, 0x1, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
getdents(r1, &(0x7f0000000040)=""/227, 0xe3) (fail_nth: 7)

kernel console output (not intermixed with test programs):

ing 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.382003][ T5979] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.386171][ T5979] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  276.388964][ T5979] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.394088][ T5979] usb 7-1: config 0 descriptor??
[  276.615345][ T5979] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  276.802227][    T9] usb 7-1: USB disconnect, device number 6
[  277.383916][   T67] Bluetooth: hci2: command 0x1003 tx timeout
[  277.386524][ T5952] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  277.737128][T10451] FAULT_INJECTION: forcing a failure.
[  277.737128][T10451] name failslab, interval 1, probability 0, space 0, times 0
[  277.741773][T10451] CPU: 0 UID: 0 PID: 10451 Comm: syz.4.1128 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  277.741789][T10451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.741796][T10451] Call Trace:
[  277.741800][T10451]  <TASK>
[  277.741804][T10451]  dump_stack_lvl+0x16c/0x1f0
[  277.741824][T10451]  should_fail_ex+0x512/0x640
[  277.741840][T10451]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  277.741852][T10451]  should_failslab+0xc2/0x120
[  277.741866][T10451]  __kmalloc_cache_noprof+0x6a/0x3e0
[  277.741877][T10451]  ? rcu_is_watching+0x12/0xc0
[  277.741887][T10451]  ? assoc_array_delete+0xff/0xd10
[  277.741899][T10451]  assoc_array_delete+0xff/0xd10
[  277.741909][T10451]  ? __key_move_lock+0x122/0x150
[  277.741928][T10451]  ? __pfx_assoc_array_delete+0x10/0x10
[  277.741941][T10451]  ? down_write_nested+0x151/0x210
[  277.741964][T10451]  key_move+0xda/0x6a0
[  277.741973][T10451]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  277.741987][T10451]  ? __pfx_key_move+0x10/0x10
[  277.741995][T10451]  ? __pfx_keyring_search_iterator+0x10/0x10
[  277.742013][T10451]  ? fput+0x70/0xf0
[  277.742028][T10451]  keyctl_keyring_move+0xed/0x150
[  277.742040][T10451]  __ia32_compat_sys_keyctl+0x24d/0x540
[  277.742057][T10451]  __do_fast_syscall_32+0x73/0x120
[  277.742074][T10451]  do_fast_syscall_32+0x32/0x80
[  277.742090][T10451]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.742103][T10451] RIP: 0023:0xf711e579
[  277.742112][T10451] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  277.742122][T10451] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  277.742132][T10451] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00000000067fbc2e
[  277.742138][T10451] RDX: 00000000fffffffe RSI: 00000000067fbc2e RDI: 0000000000000000
[  277.742144][T10451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.742153][T10451] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  277.742159][T10451] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.742173][T10451]  </TASK>
[  279.329165][T10482] overlayfs: missing 'lowerdir'
[  279.695380][ T5939] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  280.011235][T10477] kexec: Could not allocate control_code_buffer
[  280.469301][ T5939] usb 5-1: no configurations
[  280.470664][ T5939] usb 5-1: can't read configurations, error -22
[  281.324255][ T5939] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  281.475024][ T5939] usb 5-1: no configurations
[  281.476911][ T5939] usb 5-1: can't read configurations, error -22
[  281.479725][ T5939] usb usb5-port1: attempt power cycle
[  281.814107][ T5939] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  281.845018][ T5939] usb 5-1: no configurations
[  281.846583][ T5939] usb 5-1: can't read configurations, error -22
[  281.973942][ T5939] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  281.995464][ T5939] usb 5-1: no configurations
[  281.996983][ T5939] usb 5-1: can't read configurations, error -22
[  281.999329][ T5939] usb usb5-port1: unable to enumerate USB device
[  283.093571][T10525] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1147'.
[  283.538061][T10543] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1153'.
[  283.576026][T10545] bridge_slave_0: left allmulticast mode
[  283.577959][T10545] bridge_slave_0: left promiscuous mode
[  283.581117][T10545] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.590415][T10545] bridge_slave_1: left allmulticast mode
[  283.592307][T10545] bridge_slave_1: left promiscuous mode
[  283.594388][T10545] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.599531][T10545] bond0: (slave bond_slave_0): Releasing backup interface
[  283.605563][T10545] bond0: (slave bond_slave_1): Releasing backup interface
[  283.620364][T10545] team0: Port device team_slave_0 removed
[  283.628767][T10545] team0: Port device team_slave_1 removed
[  283.630983][T10545] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.635708][T10545] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.638125][T10545] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.649819][T10545] team0: Port device geneve0 removed
[  283.660801][T10547] team0: Mode changed to "broadcast"
[  283.725106][T10547] vlan0: entered promiscuous mode
[  283.740999][T10547] team0: Port device vlan0 added
[  283.748855][T10547] tipc: Started in network mode
[  283.750650][T10547] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  283.753430][T10547] tipc: Enabled bearer <eth:team0>, priority 0
[  283.910639][T10549] FAULT_INJECTION: forcing a failure.
[  283.910639][T10549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.915144][T10549] CPU: 1 UID: 0 PID: 10549 Comm: syz.2.1155 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  283.915168][T10549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.915178][T10549] Call Trace:
[  283.915185][T10549]  <TASK>
[  283.915192][T10549]  dump_stack_lvl+0x16c/0x1f0
[  283.915220][T10549]  should_fail_ex+0x512/0x640
[  283.915251][T10549]  _copy_from_user+0x2e/0xd0
[  283.915278][T10549]  get_compat_msghdr+0xa7/0x170
[  283.915300][T10549]  ? __pfx_get_compat_msghdr+0x10/0x10
[  283.915330][T10549]  ___sys_sendmsg+0x1ae/0x1d0
[  283.915354][T10549]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.915407][T10549]  __sys_sendmsg+0x16d/0x220
[  283.915427][T10549]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.915457][T10549]  ? rcu_is_watching+0x12/0xc0
[  283.915476][T10549]  __do_fast_syscall_32+0x73/0x120
[  283.915500][T10549]  do_fast_syscall_32+0x32/0x80
[  283.915524][T10549]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  283.915544][T10549] RIP: 0023:0xf7f78579
[  283.915558][T10549] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  283.915574][T10549] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  283.915591][T10549] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000440
[  283.915601][T10549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.915611][T10549] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  283.915621][T10549] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  283.915631][T10549] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  283.915654][T10549]  </TASK>
[  284.745182][ T5998] tipc: Node number set to 11578026
[  285.309932][ T8784] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.378465][ T8784] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.436683][ T8784] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.453261][   T67] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  285.457588][   T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  285.462054][   T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  285.469376][   T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  285.472437][   T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  285.520272][ T8784] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.661682][ T8784] vlan2: left allmulticast mode
[  285.663174][ T8784] bond0: left allmulticast mode
[  285.664703][ T8784] bond_slave_0: left allmulticast mode
[  285.666344][ T8784] bond_slave_1: left allmulticast mode
[  285.667873][ T8784] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  285.671890][ T8784] vlan2: left promiscuous mode
[  285.673320][ T8784] bond0: left promiscuous mode
[  285.675883][ T8784] bond_slave_0: left promiscuous mode
[  285.677571][ T8784] bond_slave_1: left promiscuous mode
[  285.679200][ T8784] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  285.683570][ T8784] bridge0: port 3(vlan2) entered disabled state
[  285.690148][ T8784] bridge_slave_1: left allmulticast mode
[  285.692686][ T8784] bridge_slave_1: left promiscuous mode
[  285.695741][ T8784] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.699742][ T8784] bridge_slave_0: left allmulticast mode
[  285.701792][ T8784] bridge_slave_0: left promiscuous mode
[  285.703672][ T8784] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.040294][T10600] tmpfs: Unknown parameter 'usrqÇ©²®9uota_block_hardlimi'
[  286.047807][ T8784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  286.064365][ T8784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  286.070165][ T8784] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  286.077822][ T8784] bond0 (unregistering): Released all slaves
[  286.094313][T10582] chnl_net:caif_netlink_parms(): no params data found
[  286.171647][ T8784] : left promiscuous mode
[  286.266696][T10582] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.268990][T10582] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.271305][T10582] bridge_slave_0: entered allmulticast mode
[  286.274210][T10582] bridge_slave_0: entered promiscuous mode
[  286.277520][T10582] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.279908][T10582] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.282616][T10582] bridge_slave_1: entered allmulticast mode
[  286.286668][T10582] bridge_slave_1: entered promiscuous mode
[  286.350889][T10582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.373738][T10582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.419734][T10582] team0: Port device team_slave_0 added
[  286.422511][T10620] FAULT_INJECTION: forcing a failure.
[  286.422511][T10620] name failslab, interval 1, probability 0, space 0, times 0
[  286.423146][T10582] team0: Port device team_slave_1 added
[  286.426632][T10620] CPU: 3 UID: 0 PID: 10620 Comm: syz.0.1174 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  286.426648][T10620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.426654][T10620] Call Trace:
[  286.426659][T10620]  <TASK>
[  286.426663][T10620]  dump_stack_lvl+0x16c/0x1f0
[  286.426682][T10620]  should_fail_ex+0x512/0x640
[  286.426700][T10620]  ? fs_reclaim_acquire+0xae/0x150
[  286.426718][T10620]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  286.426733][T10620]  should_failslab+0xc2/0x120
[  286.426747][T10620]  __kmalloc_noprof+0xd2/0x510
[  286.426764][T10620]  tomoyo_realpath_from_path+0xc2/0x6e0
[  286.426781][T10620]  ? tomoyo_profile+0x47/0x60
[  286.426792][T10620]  tomoyo_path_number_perm+0x245/0x580
[  286.426804][T10620]  ? tomoyo_path_number_perm+0x237/0x580
[  286.426818][T10620]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  286.426866][T10620]  ? find_held_lock+0x2b/0x80
[  286.426879][T10620]  ? hook_file_ioctl_common+0x145/0x410
[  286.426892][T10620]  ? __fget_files+0x204/0x3c0
[  286.426904][T10620]  ? __fget_files+0x20e/0x3c0
[  286.426912][T10620]  ? fput+0x50/0xf0
[  286.426927][T10620]  security_file_ioctl_compat+0x9b/0x240
[  286.426946][T10620]  __ia32_compat_sys_ioctl+0xc3/0x360
[  286.426964][T10620]  __do_fast_syscall_32+0x73/0x120
[  286.426981][T10620]  do_fast_syscall_32+0x32/0x80
[  286.426997][T10620]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.427011][T10620] RIP: 0023:0xf7fb1579
[  286.427020][T10620] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  286.427030][T10620] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  286.427040][T10620] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040082104
[  286.427046][T10620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  286.427052][T10620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.427058][T10620] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  286.427064][T10620] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.427078][T10620]  </TASK>
[  286.427596][T10620] ERROR: Out of memory at tomoyo_realpath_from_path.
[  286.550990][T10582] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.553204][T10582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.561481][T10582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.569214][ T8784] hsr_slave_0: left promiscuous mode
[  286.571367][ T8784] hsr_slave_1: left promiscuous mode
[  286.573395][ T8784] batman_adv: batadv0: Removing interface: batadv_slave_0
[  286.577358][ T8784] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  286.579704][ T8784] batman_adv: batadv0: Removing interface: batadv_slave_1
[  286.686415][ T8784] veth1_macvtap: left promiscuous mode
[  286.688125][ T8784] veth0_macvtap: left promiscuous mode
[  286.689889][ T8784] veth1_vlan: left promiscuous mode
[  286.691578][ T8784] veth0_vlan: left promiscuous mode
[  287.397166][ T8784] team0 (unregistering): Port device team_slave_1 removed
[  287.467134][ T8784] team0 (unregistering): Port device team_slave_0 removed
[  287.545342][   T67] Bluetooth: hci2: command tx timeout
[  288.013184][T10582] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.015921][T10582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.023965][T10582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.125764][T10582] hsr_slave_0: entered promiscuous mode
[  288.128711][T10582] hsr_slave_1: entered promiscuous mode
[  288.131646][T10582] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.138102][T10582] Cannot create hsr debugfs directory
[  288.888652][T10582] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  288.899779][T10582] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  288.906924][T10582] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  288.916182][T10582] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  288.995337][T10582] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.030867][T10582] 8021q: adding VLAN 0 to HW filter on device team0
[  289.040538][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.042878][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.053354][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.056484][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.085625][T10582] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.200330][T10582] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.350566][T10582] veth0_vlan: entered promiscuous mode
[  289.357794][T10582] veth1_vlan: entered promiscuous mode
[  289.378949][T10582] veth0_macvtap: entered promiscuous mode
[  289.385073][T10582] veth1_macvtap: entered promiscuous mode
[  289.399315][T10582] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.410571][T10582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.415309][T10582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.419112][T10582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.422836][T10582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.428871][T10582] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.451901][T10582] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.458942][T10582] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.464077][T10582] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.468966][T10582] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.531820][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.535893][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.549270][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.551719][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.624116][ T5952] Bluetooth: hci2: command tx timeout
[  290.375095][T10748] random: crng reseeded on system resumption
[  291.318596][   T40] audit: type=1326 audit(1747289104.561:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.326521][   T40] audit: type=1326 audit(1747289104.561:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.333258][   T40] audit: type=1326 audit(1747289104.571:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.340156][   T40] audit: type=1326 audit(1747289104.571:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.348594][   T40] audit: type=1326 audit(1747289104.571:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.355459][   T40] audit: type=1326 audit(1747289104.571:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.362841][   T40] audit: type=1326 audit(1747289104.571:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.371827][   T40] audit: type=1326 audit(1747289104.571:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.380775][   T40] audit: type=1326 audit(1747289104.571:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.389736][   T40] audit: type=1326 audit(1747289104.571:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10767 comm="syz.0.1201" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  291.893961][   T65] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  292.032013][T10777] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1205'.
[  292.044023][   T65] usb 5-1: Using ep0 maxpacket: 16
[  292.048107][   T65] usb 5-1: config 1 has too many interfaces: 172, using maximum allowed: 32
[  292.051526][   T65] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  292.054827][   T65] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 172
[  292.058856][   T65] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0005, bcdDevice=8e.8f
[  292.061751][   T65] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  292.064361][   T65] usb 5-1: Product: syz
[  292.065716][   T65] usb 5-1: SerialNumber: syz
[  292.845595][T10794] loop6: detected capacity change from 0 to 63
[  292.852229][T10419] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.857062][T10794] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.861928][T10794] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.868502][T10419] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.874170][T10794] Buffer I/O error on dev loop6, logical block 1, async page read
[  292.874824][T10419] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.876789][T10794] Buffer I/O error on dev loop6, logical block 1, async page read
[  292.880353][T10419] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.886794][T10794] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.889749][T10794] Buffer I/O error on dev loop6, logical block 0, async page read
[  294.504041][   T24] usb 5-1: USB disconnect, device number 10
[  294.553406][T10826] FAULT_INJECTION: forcing a failure.
[  294.553406][T10826] name failslab, interval 1, probability 0, space 0, times 0
[  294.559203][T10826] CPU: 2 UID: 0 PID: 10826 Comm: syz.0.1217 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  294.559219][T10826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.559225][T10826] Call Trace:
[  294.559229][T10826]  <TASK>
[  294.559233][T10826]  dump_stack_lvl+0x16c/0x1f0
[  294.559253][T10826]  should_fail_ex+0x512/0x640
[  294.559269][T10826]  ? __kmalloc_noprof+0xbf/0x510
[  294.559282][T10826]  ? sock_kmalloc+0x111/0x170
[  294.559296][T10826]  should_failslab+0xc2/0x120
[  294.559310][T10826]  __kmalloc_noprof+0xd2/0x510
[  294.559342][T10826]  ? __might_fault+0xe3/0x190
[  294.559357][T10826]  ? __might_fault+0xe3/0x190
[  294.559371][T10826]  sock_kmalloc+0x111/0x170
[  294.559387][T10826]  cmsghdr_from_user_compat_to_kern+0x5f8/0x7d0
[  294.559404][T10826]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  294.559417][T10826]  ? __import_iovec+0x1c8/0x660
[  294.559427][T10826]  ? __might_fault+0xe3/0x190
[  294.559438][T10826]  ? __might_fault+0x13b/0x190
[  294.559451][T10826]  ____sys_sendmsg+0x488/0xc70
[  294.559469][T10826]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.559484][T10826]  ? get_compat_msghdr+0x11a/0x170
[  294.559497][T10826]  ? __pfx__kstrtoull+0x10/0x10
[  294.559513][T10826]  ___sys_sendmsg+0x134/0x1d0
[  294.559526][T10826]  ? __pfx____sys_sendmsg+0x10/0x10
[  294.559546][T10826]  ? find_held_lock+0x2b/0x80
[  294.559567][T10826]  __sys_sendmmsg+0x2f9/0x420
[  294.559581][T10826]  ? __pfx___sys_sendmmsg+0x10/0x10
[  294.559598][T10826]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  294.559620][T10826]  ? fput+0x70/0xf0
[  294.559633][T10826]  ? ksys_write+0x1b9/0x240
[  294.559643][T10826]  ? __pfx_ksys_write+0x10/0x10
[  294.559656][T10826]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  294.559668][T10826]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  294.559684][T10826]  __do_fast_syscall_32+0x73/0x120
[  294.559702][T10826]  do_fast_syscall_32+0x32/0x80
[  294.559718][T10826]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  294.559731][T10826] RIP: 0023:0xf7fb1579
[  294.559739][T10826] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  294.559749][T10826] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  294.559759][T10826] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004c00
[  294.559766][T10826] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000000
[  294.559772][T10826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  294.559777][T10826] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  294.559783][T10826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  294.559796][T10826]  </TASK>
[  295.052432][T10847] sctp: [Deprecated]: syz.0.1224 (pid 10847) Use of struct sctp_assoc_value in delayed_ack socket option.
[  295.052432][T10847] Use struct sctp_sack_info instead
[  295.880769][T10873] FAULT_INJECTION: forcing a failure.
[  295.880769][T10873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.884988][T10873] CPU: 2 UID: 0 PID: 10873 Comm: syz.1.1232 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  295.885003][T10873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.885010][T10873] Call Trace:
[  295.885014][T10873]  <TASK>
[  295.885028][T10873]  dump_stack_lvl+0x16c/0x1f0
[  295.885049][T10873]  should_fail_ex+0x512/0x640
[  295.885067][T10873]  _copy_from_user+0x2e/0xd0
[  295.885084][T10873]  get_compat_msghdr+0xa7/0x170
[  295.885097][T10873]  ? __pfx_get_compat_msghdr+0x10/0x10
[  295.885110][T10873]  ? __pfx__kstrtoull+0x10/0x10
[  295.885125][T10873]  ___sys_sendmsg+0x1ae/0x1d0
[  295.885139][T10873]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.885159][T10873]  ? find_held_lock+0x2b/0x80
[  295.885180][T10873]  __sys_sendmmsg+0x2f9/0x420
[  295.885195][T10873]  ? __pfx___sys_sendmmsg+0x10/0x10
[  295.885212][T10873]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  295.885235][T10873]  ? fput+0x70/0xf0
[  295.885248][T10873]  ? ksys_write+0x1b9/0x240
[  295.885258][T10873]  ? __pfx_ksys_write+0x10/0x10
[  295.885270][T10873]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  295.885284][T10873]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  295.885300][T10873]  __do_fast_syscall_32+0x73/0x120
[  295.885317][T10873]  do_fast_syscall_32+0x32/0x80
[  295.885333][T10873]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.885346][T10873] RIP: 0023:0xf707e579
[  295.885354][T10873] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.885365][T10873] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  295.885374][T10873] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001240
[  295.885380][T10873] RDX: 0000000000000001 RSI: 0000000004000001 RDI: 0000000000000000
[  295.885387][T10873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.885392][T10873] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.885398][T10873] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.885411][T10873]  </TASK>
[  296.092535][T10880] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  296.407727][T10887] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1237'.
[  297.440606][T10909] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1243'.
[  297.528684][T10419] udevd[10419]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  297.783203][T10922] netlink: 161716 bytes leftover after parsing attributes in process `syz.1.1246'.
[  297.786413][T10922] netlink: zone id is out of range
[  297.795789][T10922] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1246'.
[  299.536313][T10952] ALSA: mixer_oss: invalid index 40000
[  299.538162][T10952] ALSA: mixer_oss: invalid OSS volume ''
[  299.672974][T10955] block device autoloading is deprecated and will be removed.
[  300.423168][T10967] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1256'.
[  300.454631][T10967] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.471491][T10967] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.473949][T10967] bond0: (slave wireguard0): The slave device specified does not support setting the MAC address
[  300.479698][T10967] bond0: (slave wireguard0): Error -95 calling set_mac_address
[  300.734561][ T1143] bond0 (unregistering): Released all slaves
[  303.388494][T11042] FAULT_INJECTION: forcing a failure.
[  303.388494][T11042] name failslab, interval 1, probability 0, space 0, times 0
[  303.393166][T11042] CPU: 2 UID: 0 PID: 11042 Comm: syz.0.1273 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  303.393181][T11042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  303.393187][T11042] Call Trace:
[  303.393192][T11042]  <TASK>
[  303.393197][T11042]  dump_stack_lvl+0x16c/0x1f0
[  303.393216][T11042]  should_fail_ex+0x512/0x640
[  303.393232][T11042]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  303.393244][T11042]  should_failslab+0xc2/0x120
[  303.393258][T11042]  __kmalloc_cache_noprof+0x6a/0x3e0
[  303.393268][T11042]  ? snd_pcm_oss_change_params_locked+0x1db/0x3b40
[  303.393289][T11042]  snd_pcm_oss_change_params_locked+0x1db/0x3b40
[  303.393319][T11042]  ? rcu_is_watching+0x12/0xc0
[  303.393331][T11042]  ? __mutex_lock+0x1ca/0xb90
[  303.393348][T11042]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  303.393366][T11042]  ? __pfx___mutex_lock+0x10/0x10
[  303.393380][T11042]  ? __lock_acquire+0xaa4/0x1ba0
[  303.393403][T11042]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  303.393420][T11042]  snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0
[  303.393437][T11042]  ? lockdep_hardirqs_on+0x7c/0x110
[  303.393453][T11042]  snd_pcm_oss_poll+0x549/0xaf0
[  303.393468][T11042]  ? __pfx___pollwait+0x10/0x10
[  303.393485][T11042]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  303.393500][T11042]  ? __fget_files+0x20e/0x3c0
[  303.393513][T11042]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  303.393528][T11042]  do_select+0xd6a/0x17d0
[  303.393556][T11042]  ? __pfx_do_select+0x10/0x10
[  303.393571][T11042]  ? rcu_is_watching+0x12/0xc0
[  303.393580][T11042]  ? trace_mm_page_alloc+0x11f/0x1a0
[  303.393595][T11042]  ? __pfx___pollwait+0x10/0x10
[  303.393613][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393630][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393646][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393663][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393680][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393700][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393717][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393735][T11042]  ? __pfx_pollwake+0x10/0x10
[  303.393767][T11042]  ? find_held_lock+0x2b/0x80
[  303.393785][T11042]  ? compat_core_sys_select+0x685/0x880
[  303.393820][T11042]  compat_core_sys_select+0x685/0x880
[  303.393844][T11042]  ? __pfx_compat_core_sys_select+0x10/0x10
[  303.393864][T11042]  ? proc_fail_nth_write+0x9f/0x250
[  303.393891][T11042]  ? set_compat_user_sigmask+0x213/0x2a0
[  303.393903][T11042]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  303.393918][T11042]  __ia32_compat_sys_pselect6_time32+0x2d1/0x390
[  303.393931][T11042]  ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10
[  303.393941][T11042]  ? fput+0x70/0xf0
[  303.393954][T11042]  ? ksys_write+0x1b9/0x240
[  303.393964][T11042]  ? __pfx_ksys_write+0x10/0x10
[  303.393975][T11042]  ? rcu_is_watching+0x12/0xc0
[  303.393987][T11042]  __do_fast_syscall_32+0x73/0x120
[  303.394004][T11042]  do_fast_syscall_32+0x32/0x80
[  303.394020][T11042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.394033][T11042] RIP: 0023:0xf7fb1579
[  303.394042][T11042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  303.394052][T11042] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000134
[  303.394062][T11042] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000800001c0
[  303.394069][T11042] RDX: 0000000000000000 RSI: 00000000800002c0 RDI: 0000000000000000
[  303.394074][T11042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.394081][T11042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  303.394090][T11042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.394109][T11042]  </TASK>
[  308.496976][T11144] FAULT_INJECTION: forcing a failure.
[  308.496976][T11144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.502458][T11144] CPU: 1 UID: 0 PID: 11144 Comm: syz.1.1298 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  308.502481][T11144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  308.502493][T11144] Call Trace:
[  308.502500][T11144]  <TASK>
[  308.502507][T11144]  dump_stack_lvl+0x16c/0x1f0
[  308.502537][T11144]  should_fail_ex+0x512/0x640
[  308.502567][T11144]  _copy_from_user+0x2e/0xd0
[  308.502596][T11144]  get_compat_msghdr+0xa7/0x170
[  308.502618][T11144]  ? __pfx_get_compat_msghdr+0x10/0x10
[  308.502637][T11144]  ? __pfx__kstrtoull+0x10/0x10
[  308.502662][T11144]  ___sys_sendmsg+0x1ae/0x1d0
[  308.502693][T11144]  ? __pfx____sys_sendmsg+0x10/0x10
[  308.502728][T11144]  ? find_held_lock+0x2b/0x80
[  308.502764][T11144]  __sys_sendmmsg+0x2f9/0x420
[  308.502791][T11144]  ? __pfx___sys_sendmmsg+0x10/0x10
[  308.502820][T11144]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  308.502855][T11144]  ? fput+0x70/0xf0
[  308.502877][T11144]  ? ksys_write+0x1b9/0x240
[  308.502896][T11144]  ? __pfx_ksys_write+0x10/0x10
[  308.502918][T11144]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  308.502939][T11144]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  308.502966][T11144]  __do_fast_syscall_32+0x73/0x120
[  308.502995][T11144]  do_fast_syscall_32+0x32/0x80
[  308.503021][T11144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  308.503044][T11144] RIP: 0023:0xf707e579
[  308.503058][T11144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  308.503074][T11144] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  308.503092][T11144] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001240
[  308.503104][T11144] RDX: 0000000000000001 RSI: 0000000004000001 RDI: 0000000000000000
[  308.503114][T11144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  308.503125][T11144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  308.503135][T11144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  308.503158][T11144]  </TASK>
[  309.849415][T11170] netlink: 'syz.2.1306': attribute type 3 has an invalid length.
[  309.851868][T11170] netlink: 'syz.2.1306': attribute type 1 has an invalid length.
[  309.854483][T11170] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1306'.
[  309.859528][T11170] overlayfs: failed to resolve '/
': -2
[  310.188317][T11180] random: crng reseeded on system resumption
[  310.504667][   T65] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  310.654005][   T65] usb 5-1: Using ep0 maxpacket: 16
[  310.658280][   T65] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  310.660895][   T65] usb 5-1: config 0 has no interface number 0
[  310.662779][   T65] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  310.668023][   T65] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  310.675166][T11184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1310'.
[  310.680297][   T65] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  310.683153][   T65] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  310.685769][   T65] usb 5-1: Product: syz
[  310.687101][   T65] usb 5-1: SerialNumber: syz
[  310.690275][   T65] usb 5-1: config 0 descriptor??
[  310.695680][   T65] cm109 5-1:0.8: invalid payload size 0, expected 4
[  310.698711][   T65] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.8/input/input11
[  311.800075][T11206] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1315'.
[  312.692861][T11221] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  312.694981][T11221] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  312.697561][T11221] vhci_hcd vhci_hcd.0: Device attached
[  312.702779][T11222] vhci_hcd: cannot find a urb of seqnum 9 max seqnum 0
[  312.705819][ T8784] vhci_hcd: stop threads
[  312.707296][ T8784] vhci_hcd: release socket
[  312.708797][ T8784] vhci_hcd: disconnect device
[  313.141426][ T6003] usb 5-1: USB disconnect, device number 11
[  313.141490][    C3] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  313.146392][    C3] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  313.162807][ T6003] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  313.226988][T11228] input: syz0 as /devices/virtual/input/input12
[  313.281886][T11230] FAULT_INJECTION: forcing a failure.
[  313.281886][T11230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.287100][T11230] CPU: 1 UID: 0 PID: 11230 Comm: syz.0.1321 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  313.287122][T11230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  313.287132][T11230] Call Trace:
[  313.287137][T11230]  <TASK>
[  313.287144][T11230]  dump_stack_lvl+0x16c/0x1f0
[  313.287170][T11230]  should_fail_ex+0x512/0x640
[  313.287196][T11230]  _copy_to_user+0x32/0xd0
[  313.287223][T11230]  simple_read_from_buffer+0xcb/0x170
[  313.287247][T11230]  proc_fail_nth_read+0x197/0x270
[  313.287271][T11230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  313.287296][T11230]  ? rw_verify_area+0xcf/0x680
[  313.287315][T11230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  313.287337][T11230]  vfs_read+0x1de/0xc70
[  313.287357][T11230]  ? __pfx___mutex_lock+0x10/0x10
[  313.287380][T11230]  ? __pfx_vfs_read+0x10/0x10
[  313.287403][T11230]  ? __fget_files+0x20e/0x3c0
[  313.287426][T11230]  ksys_read+0x12a/0x240
[  313.287438][T11230]  ? __pfx_ksys_read+0x10/0x10
[  313.287460][T11230]  ? rcu_is_watching+0x12/0xc0
[  313.287480][T11230]  __do_fast_syscall_32+0x73/0x120
[  313.287506][T11230]  do_fast_syscall_32+0x32/0x80
[  313.287527][T11230]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  313.287543][T11230] RIP: 0023:0xf7fb1579
[  313.287556][T11230] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  313.287571][T11230] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  313.287587][T11230] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50d6620
[  313.287597][T11230] RDX: 000000000000000f RSI: 00000000f7442ff4 RDI: 0000000000000000
[  313.287606][T11230] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  313.287613][T11230] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  313.287619][T11230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  313.287641][T11230]  </TASK>
[  313.948345][T11238] loop7: detected capacity change from 0 to 16384
[  314.000449][T11241] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  314.033083][T11243] hfs: unable to load iocharset "io#harset"
[  314.658488][T11264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1328'.
[  315.975961][T11277] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1334'.
[  316.596256][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  316.598871][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  317.194291][T11304] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1340'.
[  317.499576][T11310] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  318.365321][T11322] 9pnet_fd: Insufficient options for proto=fd
[  318.380286][T11322] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  319.310863][T11341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1350'.
[  319.313942][T11341] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1350'.
[  321.362584][T11390] afs: Unknown parameter 'mask'
[  323.032175][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  323.032191][   T40] audit: type=1326 audit(1747289136.271:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.0.1367" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  323.046258][   T40] audit: type=1326 audit(1747289136.271:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.0.1367" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  323.059707][T11424] FAULT_INJECTION: forcing a failure.
[  323.059707][T11424] name failslab, interval 1, probability 0, space 0, times 0
[  323.064397][T11424] CPU: 2 UID: 0 PID: 11424 Comm: syz.0.1368 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  323.064413][T11424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.064419][T11424] Call Trace:
[  323.064423][T11424]  <TASK>
[  323.064427][T11424]  dump_stack_lvl+0x16c/0x1f0
[  323.064447][T11424]  should_fail_ex+0x512/0x640
[  323.064463][T11424]  ? fs_reclaim_acquire+0xae/0x150
[  323.064481][T11424]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  323.064496][T11424]  should_failslab+0xc2/0x120
[  323.064510][T11424]  __kmalloc_noprof+0xd2/0x510
[  323.064526][T11424]  tomoyo_realpath_from_path+0xc2/0x6e0
[  323.064543][T11424]  ? tomoyo_profile+0x47/0x60
[  323.064554][T11424]  tomoyo_path_number_perm+0x245/0x580
[  323.064566][T11424]  ? tomoyo_path_number_perm+0x237/0x580
[  323.064580][T11424]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  323.064608][T11424]  ? find_held_lock+0x2b/0x80
[  323.064619][T11424]  ? hook_file_ioctl_common+0x145/0x410
[  323.064631][T11424]  ? __fget_files+0x204/0x3c0
[  323.064644][T11424]  ? __fget_files+0x20e/0x3c0
[  323.064652][T11424]  ? fput+0x50/0xf0
[  323.064667][T11424]  security_file_ioctl_compat+0x9b/0x240
[  323.064682][T11424]  __ia32_compat_sys_ioctl+0xc3/0x360
[  323.064700][T11424]  __do_fast_syscall_32+0x73/0x120
[  323.064717][T11424]  do_fast_syscall_32+0x32/0x80
[  323.064733][T11424]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  323.064746][T11424] RIP: 0023:0xf7fb1579
[  323.064755][T11424] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  323.064765][T11424] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  323.064775][T11424] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500
[  323.064782][T11424] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  323.064788][T11424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  323.064794][T11424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  323.064799][T11424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  323.064813][T11424]  </TASK>
[  323.064817][T11424] ERROR: Out of memory at tomoyo_realpath_from_path.
[  324.278517][T11452] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1375'.
[  325.192360][T11474] Invalid ELF header magic: != ELF
[  328.412954][T11527] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1392'.
[  328.416099][T11527] netlink: 'syz.1.1392': attribute type 5 has an invalid length.
[  328.419168][T11527] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1392'.
[  328.437749][T11527] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  328.442769][T11527] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  328.445937][T11527] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  328.448668][T11527] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  328.451805][T11527] geneve3: entered promiscuous mode
[  328.453788][T11527] geneve3: entered allmulticast mode
[  328.935583][ T8785] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.995967][ T8785] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.079732][ T8785] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.187411][ T8785] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.229890][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  329.236145][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  329.242710][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  329.251473][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  329.256998][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  329.498326][ T8785] bridge_slave_1: left allmulticast mode
[  329.500233][ T8785] bridge_slave_1: left promiscuous mode
[  329.502100][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.524201][ T8785] bridge_slave_0: left allmulticast mode
[  329.526158][ T8785] bridge_slave_0: left promiscuous mode
[  329.528086][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.719839][T11548] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1396'.
[  329.724267][T11548] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1396'.
[  330.315505][ T8785] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.320616][ T8785] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.324368][ T8785] bond0 (unregistering): Released all slaves
[  330.645407][T11534] chnl_net:caif_netlink_parms(): no params data found
[  330.797834][T11534] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.800171][T11534] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.802570][T11534] bridge_slave_0: entered allmulticast mode
[  330.806845][T11534] bridge_slave_0: entered promiscuous mode
[  330.814504][T11534] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.816735][T11534] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.819179][T11534] bridge_slave_1: entered allmulticast mode
[  330.821890][T11534] bridge_slave_1: entered promiscuous mode
[  330.867661][ T8785] hsr_slave_0: left promiscuous mode
[  330.869774][ T8785] hsr_slave_1: left promiscuous mode
[  330.871819][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.875788][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.878627][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.880966][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.901244][ T8785] veth1_macvtap: left promiscuous mode
[  330.903060][ T8785] veth0_macvtap: left promiscuous mode
[  330.913196][ T8785] veth1_vlan: left promiscuous mode
[  330.915885][ T8785] veth0_vlan: left promiscuous mode
[  331.238117][T11592] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1401'.
[  331.314052][   T67] Bluetooth: hci2: command tx timeout
[  331.452370][T11597] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1400'.
[  331.702088][ T8785] team0 (unregistering): Port device team_slave_1 removed
[  331.782828][ T8785] team0 (unregistering): Port device team_slave_0 removed
[  332.297034][T11534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  332.313934][T11534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  332.381291][T11534] team0: Port device team_slave_0 added
[  332.390756][T11534] team0: Port device team_slave_1 added
[  332.439819][T11534] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.442038][T11534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.450052][T11534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.454267][T11534] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.456474][T11534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.464696][T11534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.511375][T11534] hsr_slave_0: entered promiscuous mode
[  332.513633][T11534] hsr_slave_1: entered promiscuous mode
[  332.516339][T11534] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  332.518745][T11534] Cannot create hsr debugfs directory
[  332.540742][T11616] netlink: zone id is out of range
[  332.542720][T11616] netlink: zone id is out of range
[  332.545337][T11616] netlink: zone id is out of range
[  332.546950][T11616] netlink: zone id is out of range
[  332.548567][T11616] netlink: zone id is out of range
[  332.550153][T11616] netlink: zone id is out of range
[  332.551742][T11616] netlink: zone id is out of range
[  332.553380][T11616] netlink: zone id is out of range
[  332.555095][T11616] netlink: zone id is out of range
[  332.556737][T11616] netlink: zone id is out of range
[  333.138897][T11534] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  333.147110][T11534] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  333.152233][T11534] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  333.156521][T11534] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  333.239346][T11534] 8021q: adding VLAN 0 to HW filter on device bond0
[  333.269009][T11534] 8021q: adding VLAN 0 to HW filter on device team0
[  333.284583][ T8785] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.286800][ T8785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  333.298456][ T8785] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.300716][ T8785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.384999][   T67] Bluetooth: hci2: command tx timeout
[  333.472580][T11652] netlink: 'syz.2.1409': attribute type 4 has an invalid length.
[  333.591593][T11534] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.857182][T11534] veth0_vlan: entered promiscuous mode
[  333.868458][T11534] veth1_vlan: entered promiscuous mode
[  333.902786][T11534] veth0_macvtap: entered promiscuous mode
[  333.914976][T11534] veth1_macvtap: entered promiscuous mode
[  333.942260][T11534] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.957021][T11534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.960496][T11534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.964902][T11534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.968007][T11534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.981730][T11534] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.992739][T11534] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.003449][T11534] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.007140][T11534] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.009926][T11534] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.081625][ T8785] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.088257][ T8785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.102055][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.107610][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.510059][T11693] 9pnet_fd: Insufficient options for proto=fd
[  334.641115][T11703] tipc: Resetting bearer <eth:team0>
[  334.760579][T11703] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  334.763501][T11703] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  334.767985][T11703] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  334.770990][T11703] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  334.783174][T11703] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  334.787001][T11703] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  334.789884][T11703] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  334.792773][T11703] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  335.436983][T11722] FAULT_INJECTION: forcing a failure.
[  335.436983][T11722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.441132][T11722] CPU: 1 UID: 0 PID: 11722 Comm: syz.2.1418 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  335.441148][T11722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.441154][T11722] Call Trace:
[  335.441158][T11722]  <TASK>
[  335.441163][T11722]  dump_stack_lvl+0x16c/0x1f0
[  335.441182][T11722]  should_fail_ex+0x512/0x640
[  335.441201][T11722]  _copy_from_user+0x2e/0xd0
[  335.441218][T11722]  copy_mount_options+0x76/0x190
[  335.441233][T11722]  __ia32_sys_mount+0x1ac/0x310
[  335.441245][T11722]  ? __pfx___ia32_sys_mount+0x10/0x10
[  335.441258][T11722]  ? rcu_is_watching+0x12/0xc0
[  335.441270][T11722]  __do_fast_syscall_32+0x73/0x120
[  335.441288][T11722]  do_fast_syscall_32+0x32/0x80
[  335.441304][T11722]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  335.441317][T11722] RIP: 0023:0xf7f78579
[  335.441326][T11722] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  335.441337][T11722] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  335.441347][T11722] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  335.441353][T11722] RDX: 0000000080000b80 RSI: 0000000000000000 RDI: 0000000080000580
[  335.441359][T11722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  335.441365][T11722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  335.441371][T11722] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  335.441384][T11722]  </TASK>
[  335.777092][ T8785] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.911271][T11737] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.914017][T11737] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.969717][T11737] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.989103][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  335.994192][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  335.997229][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  336.000187][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  336.003114][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  336.037802][T11737] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  336.041450][T11737] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  336.045099][T11737] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  336.048594][T11737] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  336.251265][T11742] chnl_net:caif_netlink_parms(): no params data found
[  336.291602][T11749] overlayfs: failed to resolve './file0/file0': -2
[  336.327793][T11749] overlayfs: overlapping lowerdir path
[  336.385495][T11742] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.387993][T11742] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.390520][T11742] bridge_slave_0: entered allmulticast mode
[  336.393321][T11742] bridge_slave_0: entered promiscuous mode
[  336.397554][T11742] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.400027][T11742] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.402324][T11742] bridge_slave_1: entered allmulticast mode
[  336.406462][T11742] bridge_slave_1: entered promiscuous mode
[  336.446938][T11742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.451579][T11742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.487676][T11742] team0: Port device team_slave_0 added
[  336.492982][T11742] team0: Port device team_slave_1 added
[  336.525972][T11742] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.528195][T11742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.537879][T11742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.542437][T11742] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.546008][T11742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.553782][T11742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.592537][T11742] hsr_slave_0: entered promiscuous mode
[  336.595041][T11742] hsr_slave_1: entered promiscuous mode
[  336.597171][T11742] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.599550][T11742] Cannot create hsr debugfs directory
[  336.840798][T11763] FAULT_INJECTION: forcing a failure.
[  336.840798][T11763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.845297][T11763] CPU: 3 UID: 0 PID: 11763 Comm: syz.2.1427 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  336.845312][T11763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  336.845318][T11763] Call Trace:
[  336.845321][T11763]  <TASK>
[  336.845326][T11763]  dump_stack_lvl+0x16c/0x1f0
[  336.845344][T11763]  should_fail_ex+0x512/0x640
[  336.845362][T11763]  _copy_from_user+0x2e/0xd0
[  336.845379][T11763]  get_compat_msghdr+0xa7/0x170
[  336.845393][T11763]  ? __pfx_get_compat_msghdr+0x10/0x10
[  336.845410][T11763]  ___sys_sendmsg+0x1ae/0x1d0
[  336.845424][T11763]  ? __pfx____sys_sendmsg+0x10/0x10
[  336.845454][T11763]  __sys_sendmsg+0x16d/0x220
[  336.845467][T11763]  ? __pfx___sys_sendmsg+0x10/0x10
[  336.845484][T11763]  ? rcu_is_watching+0x12/0xc0
[  336.845496][T11763]  ? rcu_is_watching+0x12/0xc0
[  336.845508][T11763]  __do_fast_syscall_32+0x73/0x120
[  336.845525][T11763]  do_fast_syscall_32+0x32/0x80
[  336.845541][T11763]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  336.845554][T11763] RIP: 0023:0xf7f78579
[  336.845562][T11763] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  336.845572][T11763] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  336.845582][T11763] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  336.845588][T11763] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  336.845594][T11763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  336.845600][T11763] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  336.845606][T11763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  336.845619][T11763]  </TASK>
[  336.908329][    C3] vkms_vblank_simulate: vblank timer overrun
[  337.153405][T11774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1428'.
[  337.156553][T11774] netlink: 'syz.2.1428': attribute type 5 has an invalid length.
[  337.159252][T11774] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1428'.
[  337.172310][T11774] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  337.175723][T11774] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  337.178714][T11774] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  337.181696][T11774] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  337.186285][T11774] geneve2: entered promiscuous mode
[  337.188150][T11774] geneve2: entered allmulticast mode
[  337.577215][ T8785] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.650911][ T8785] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.743398][ T8785] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.873721][ T8785] bridge_slave_1: left allmulticast mode
[  337.876389][ T8785] bridge_slave_1: left promiscuous mode
[  337.879532][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.883719][ T8785] bridge_slave_0: left allmulticast mode
[  337.887027][ T8785] bridge_slave_0: left promiscuous mode
[  337.890676][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.024130][   T67] Bluetooth: hci2: command tx timeout
[  338.209823][ T8785] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.214100][ T8785] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.218820][ T8785] bond0 (unregistering): Released all slaves
[  338.269065][T11809] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  338.271098][T11809] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  338.273556][T11809] vhci_hcd vhci_hcd.0: Device attached
[  338.302332][T11810] vhci_hcd: connection closed
[  338.302453][ T1178] vhci_hcd: stop threads
[  338.312025][ T1178] vhci_hcd: release socket
[  338.315050][ T1178] vhci_hcd: disconnect device
[  338.557068][ T8785] hsr_slave_0: left promiscuous mode
[  338.559263][ T8785] hsr_slave_1: left promiscuous mode
[  338.561229][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.563548][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.567944][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.570395][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.613232][ T8785] veth1_macvtap: left promiscuous mode
[  338.615164][ T8785] veth0_macvtap: left promiscuous mode
[  338.616959][ T8785] veth1_vlan: left promiscuous mode
[  338.618655][ T8785] veth0_vlan: left promiscuous mode
[  339.330775][ T8785] team0 (unregistering): Port device team_slave_1 removed
[  339.395255][ T8785] team0 (unregistering): Port device team_slave_0 removed
[  340.105571][   T67] Bluetooth: hci2: command tx timeout
[  340.123927][T11742] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  340.135661][T11742] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  340.141976][T11742] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  340.151239][T11742] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  340.311711][T11742] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.359161][T11742] 8021q: adding VLAN 0 to HW filter on device team0
[  340.378975][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.381427][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.390901][   T94] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.393171][   T94] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.449188][T11742] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  340.568972][T11742] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.781691][T11742] veth0_vlan: entered promiscuous mode
[  340.787196][T11742] veth1_vlan: entered promiscuous mode
[  340.806910][T11742] veth0_macvtap: entered promiscuous mode
[  340.810846][T11742] veth1_macvtap: entered promiscuous mode
[  340.819318][T11742] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.830272][T11742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.833608][T11742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.837796][T11742] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.844023][T11742] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.846893][T11742] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.849508][T11742] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.852106][T11742] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.891397][ T8784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.893802][ T8784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.910352][ T8784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.912734][ T8784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.077295][ T8784] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.561362][T11939] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  343.563413][T11939] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  343.566072][T11939] vhci_hcd vhci_hcd.0: Device attached
[  343.572607][T11939] gtp0: entered promiscuous mode
[  343.635040][T11943] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  343.639691][T11943] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(18)
[  343.642308][T11943] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  343.646271][T11943] vhci_hcd vhci_hcd.0: Device attached
[  343.657359][T11939] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(20)
[  343.659451][T11939] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  343.663997][T11939] vhci_hcd vhci_hcd.0: Device attached
[  343.684227][T11939] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(22)
[  343.686265][T11939] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  343.693916][T11939] vhci_hcd vhci_hcd.0: Device attached
[  343.707601][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  343.711608][T11939] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  343.711848][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  343.715431][T11939] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(27)
[  343.718198][T11939] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  343.718226][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  343.723948][T11939] vhci_hcd vhci_hcd.0: Device attached
[  343.738712][T11953] vhci_hcd: connection closed
[  343.738802][T11949] vhci_hcd: connection closed
[  343.738897][ T8785] vhci_hcd: stop threads
[  343.743635][T11944] vhci_hcd: connection closed
[  343.743689][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  343.743951][T11946] vhci_hcd: connection closed
[  343.743970][   T24] vhci_hcd: vhci_device speed not set
[  343.745994][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  343.748687][ T8785] vhci_hcd: release socket
[  343.754685][T11940] vhci_hcd: connection closed
[  343.760193][ T8785] vhci_hcd: disconnect device
[  343.765538][ T8785] vhci_hcd: stop threads
[  343.766927][ T8785] vhci_hcd: release socket
[  343.772854][ T8785] vhci_hcd: disconnect device
[  343.777859][ T8785] vhci_hcd: stop threads
[  343.779307][ T8785] vhci_hcd: release socket
[  343.781989][ T8785] vhci_hcd: disconnect device
[  343.789762][ T8785] vhci_hcd: stop threads
[  343.791934][ T8785] vhci_hcd: release socket
[  343.793543][ T8785] vhci_hcd: disconnect device
[  343.797099][ T8785] vhci_hcd: stop threads
[  343.798424][ T8785] vhci_hcd: release socket
[  343.803002][ T8785] vhci_hcd: disconnect device
[  343.804735][   T24] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  343.807111][   T24] usb 39-1: enqueue for inactive port 0
[  343.853504][T11951] chnl_net:caif_netlink_parms(): no params data found
[  343.874696][   T24] vhci_hcd: vhci_device speed not set
[  343.942603][T11951] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.948452][T11951] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.950782][T11951] bridge_slave_0: entered allmulticast mode
[  343.953414][T11951] bridge_slave_0: entered promiscuous mode
[  343.957809][T11951] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.960517][T11951] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.962783][T11951] bridge_slave_1: entered allmulticast mode
[  343.965560][T11951] bridge_slave_1: entered promiscuous mode
[  343.994934][T11965] netfs: Couldn't get user pages (rc=-14)
[  344.006269][T11951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.012118][T11951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.050484][T11951] team0: Port device team_slave_0 added
[  344.054179][T11951] team0: Port device team_slave_1 added
[  344.092180][T11951] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.095433][T11951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.103205][T11951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.112980][T11951] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.115538][T11951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.123254][T11951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.171689][T11951] hsr_slave_0: entered promiscuous mode
[  344.174642][T11951] hsr_slave_1: entered promiscuous mode
[  344.176779][T11951] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  344.179163][T11951] Cannot create hsr debugfs directory
[  345.208450][ T8784] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.341168][ T8784] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.425024][ T8784] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.451427][T12004] exFAT-fs (nullb0): invalid boot record signature
[  345.454378][T12004] exFAT-fs (nullb0): failed to read boot sector
[  345.458257][T12004] exFAT-fs (nullb0): failed to recognize exfat type
[  345.532246][ T8784] bridge_slave_1: left allmulticast mode
[  345.534778][ T8784] bridge_slave_1: left promiscuous mode
[  345.536542][ T8784] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.541159][ T8784] bridge_slave_0: left allmulticast mode
[  345.544449][ T8784] bridge_slave_0: left promiscuous mode
[  345.546237][ T8784] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.785586][ T5952] Bluetooth: hci2: command tx timeout
[  345.862635][ T8784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.867184][ T8784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.870804][ T8784] bond0 (unregistering): Released all slaves
[  346.184954][ T8784] hsr_slave_0: left promiscuous mode
[  346.187279][ T8784] hsr_slave_1: left promiscuous mode
[  346.189242][ T8784] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  346.191545][ T8784] batman_adv: batadv0: Removing interface: batadv_slave_0
[  346.197507][ T8784] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  346.199846][ T8784] batman_adv: batadv0: Removing interface: batadv_slave_1
[  346.226209][ T8784] veth1_macvtap: left promiscuous mode
[  346.227979][ T8784] veth0_macvtap: left promiscuous mode
[  346.230741][ T8784] veth1_vlan: left promiscuous mode
[  346.232509][ T8784] veth0_vlan: left promiscuous mode
[  346.438083][T12034] net_ratelimit: 6 callbacks suppressed
[  346.438094][T12034] netlink: zone id is out of range
[  346.442349][T12034] netlink: zone id is out of range
[  346.448776][T12034] netlink: zone id is out of range
[  346.450321][T12034] netlink: zone id is out of range
[  346.451879][T12034] netlink: zone id is out of range
[  346.453521][T12034] netlink: zone id is out of range
[  346.455207][T12034] netlink: zone id is out of range
[  346.456840][T12034] netlink: zone id is out of range
[  346.458567][T12034] netlink: zone id is out of range
[  346.460326][T12034] netlink: zone id is out of range
[  346.462248][T12034] FAULT_INJECTION: forcing a failure.
[  346.462248][T12034] name failslab, interval 1, probability 0, space 0, times 0
[  346.466517][T12034] CPU: 1 UID: 0 PID: 12034 Comm: syz.1.1482 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  346.466542][T12034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.466550][T12034] Call Trace:
[  346.466554][T12034]  <TASK>
[  346.466558][T12034]  dump_stack_lvl+0x16c/0x1f0
[  346.466578][T12034]  should_fail_ex+0x512/0x640
[  346.466594][T12034]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  346.466606][T12034]  should_failslab+0xc2/0x120
[  346.466620][T12034]  __kmalloc_cache_noprof+0x6a/0x3e0
[  346.466629][T12034]  ? __pfx____ratelimit+0x10/0x10
[  346.466642][T12034]  ? mark_held_locks+0x49/0x80
[  346.466656][T12034]  ? ovs_ct_limit_cmd_set+0x30a/0xa90
[  346.466670][T12034]  ovs_ct_limit_cmd_set+0x30a/0xa90
[  346.466685][T12034]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  346.466697][T12034]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  346.466715][T12034]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  346.466735][T12034]  genl_family_rcv_msg_doit+0x206/0x2f0
[  346.466751][T12034]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  346.466767][T12034]  ? trace_cap_capable+0x18d/0x200
[  346.466782][T12034]  ? bpf_lsm_capable+0x9/0x10
[  346.466794][T12034]  ? security_capable+0x7e/0x260
[  346.466805][T12034]  ? ns_capable+0xd7/0x110
[  346.466822][T12034]  genl_rcv_msg+0x55c/0x800
[  346.466846][T12034]  ? __pfx_genl_rcv_msg+0x10/0x10
[  346.466869][T12034]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  346.466889][T12034]  ? __lock_acquire+0xaa4/0x1ba0
[  346.466915][T12034]  netlink_rcv_skb+0x16d/0x440
[  346.466936][T12034]  ? __pfx_genl_rcv_msg+0x10/0x10
[  346.466960][T12034]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  346.466994][T12034]  ? __pfx_down_read+0x10/0x10
[  346.467011][T12034]  ? netlink_deliver_tap+0x1ae/0xd30
[  346.467034][T12034]  genl_rcv+0x28/0x40
[  346.467054][T12034]  netlink_unicast+0x53a/0x7f0
[  346.467075][T12034]  ? __pfx_netlink_unicast+0x10/0x10
[  346.467103][T12034]  netlink_sendmsg+0x8d1/0xdd0
[  346.467128][T12034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.467152][T12034]  ? __import_iovec+0x1c8/0x660
[  346.467173][T12034]  ____sys_sendmsg+0xa98/0xc70
[  346.467201][T12034]  ? __pfx_____sys_sendmsg+0x10/0x10
[  346.467222][T12034]  ? get_compat_msghdr+0x11a/0x170
[  346.467241][T12034]  ___sys_sendmsg+0x134/0x1d0
[  346.467255][T12034]  ? __pfx____sys_sendmsg+0x10/0x10
[  346.467286][T12034]  __sys_sendmsg+0x16d/0x220
[  346.467299][T12034]  ? __pfx___sys_sendmsg+0x10/0x10
[  346.467318][T12034]  ? rcu_is_watching+0x12/0xc0
[  346.467331][T12034]  __do_fast_syscall_32+0x73/0x120
[  346.467348][T12034]  do_fast_syscall_32+0x32/0x80
[  346.467369][T12034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.467382][T12034] RIP: 0023:0xf707e579
[  346.467391][T12034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.467401][T12034] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  346.467411][T12034] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  346.467417][T12034] RDX: 0000000000004010 RSI: 0000000000000000 RDI: 0000000000000000
[  346.467423][T12034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.467429][T12034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.467435][T12034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.467449][T12034]  </TASK>
[  346.624938][T12036] netlink: 'syz.1.1483': attribute type 8 has an invalid length.
[  347.013361][ T8784] team0 (unregistering): Port device team_slave_1 removed
[  347.085630][ T8784] team0 (unregistering): Port device team_slave_0 removed
[  347.804612][T11951] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  347.811499][T11951] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  347.818215][T11951] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  347.834247][T11951] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  347.864067][ T5952] Bluetooth: hci2: command tx timeout
[  347.891280][T11951] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.908581][T11951] 8021q: adding VLAN 0 to HW filter on device team0
[  347.915216][   T94] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.917420][   T94] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.926496][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.928949][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.106235][T11951] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.191256][T12078] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1488'.
[  348.196036][T12078] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1488'.
[  348.260741][T11951] veth0_vlan: entered promiscuous mode
[  348.266572][T11951] veth1_vlan: entered promiscuous mode
[  348.279149][T11951] veth0_macvtap: entered promiscuous mode
[  348.282993][T11951] veth1_macvtap: entered promiscuous mode
[  348.294674][T11951] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.299030][T11951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.302377][T11951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.307311][T11951] batman_adv: batadv0: Interface activated: batadv_slave_1
[  348.313468][T11951] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.317123][T11951] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.319920][T11951] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.322719][T11951] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.364407][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.366925][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.380486][ T8785] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.382954][ T8785] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.630761][T12093] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1491'.
[  348.765614][T12102] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1494'.
[  348.961659][T12106] ALSA: mixer_oss: invalid index 40000
[  350.528253][T12139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1502'.
[  350.630450][ T8783] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.284511][T12152] random: crng reseeded on system resumption
[  351.292676][ T6003] hid-generic 0000:0004:0009.0007: unknown main item tag 0x0
[  351.297965][ T6003] hid-generic 0000:0004:0009.0007: unknown main item tag 0x0
[  351.300439][ T6003] hid-generic 0000:0004:0009.0007: unknown main item tag 0x0
[  351.305976][ T6003] hid-generic 0000:0004:0009.0007: hidraw1: <UNKNOWN> HID v0.04 Device [syz1] on syz1
[  351.309638][T12152] Restarting kernel threads ... done.
[  351.330810][   T67] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  351.339365][   T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  351.343971][   T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  351.349459][   T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  351.353618][   T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  351.360069][T12157] fido_id[12157]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  351.467080][T12155] chnl_net:caif_netlink_parms(): no params data found
[  351.574453][T12155] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.576882][T12155] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.579235][T12155] bridge_slave_0: entered allmulticast mode
[  351.581952][T12155] bridge_slave_0: entered promiscuous mode
[  351.585228][T12155] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.587770][T12155] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.590456][T12155] bridge_slave_1: entered allmulticast mode
[  351.593144][T12155] bridge_slave_1: entered promiscuous mode
[  351.631672][T12155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.636435][T12155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.670531][T12155] team0: Port device team_slave_0 added
[  351.676374][T12155] team0: Port device team_slave_1 added
[  351.706250][T12155] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.708474][T12155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.716602][T12155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.729889][T12155] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.732820][T12155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.742980][T12155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.800601][T12155] hsr_slave_0: entered promiscuous mode
[  351.802902][T12155] hsr_slave_1: entered promiscuous mode
[  351.805177][T12155] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.807706][T12155] Cannot create hsr debugfs directory
[  352.142020][T12171] netlink: 'syz.1.1510': attribute type 1 has an invalid length.
[  352.158393][T12171] 8021q: adding VLAN 0 to HW filter on device bond1
[  352.167870][T12171] bond1: (slave ip6gretap1): making interface the new active one
[  352.170917][T12171] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.174980][T12171] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.177613][T12171] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  352.195947][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.214134][    T9] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.365530][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.552920][ T8783] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.637000][ T8783] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.704012][    T9] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.707860][ T8783] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.825939][ T8783] bridge_slave_1: left allmulticast mode
[  352.828229][ T8783] bridge_slave_1: left promiscuous mode
[  352.830235][ T8783] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.834138][ T8783] bridge_slave_0: left allmulticast mode
[  352.835984][ T8783] bridge_slave_0: left promiscuous mode
[  352.837829][ T8783] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.102021][ T8783] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  353.106902][ T8783] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  353.110618][ T8783] bond0 (unregistering): Released all slaves
[  353.178584][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1515'.
[  353.309549][ T8784] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  353.384136][   T94] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  353.387435][   T94] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  353.391053][ T5952] Bluetooth: hci2: command tx timeout
[  353.538596][ T8783] hsr_slave_0: left promiscuous mode
[  353.540792][ T8783] hsr_slave_1: left promiscuous mode
[  353.543275][ T8783] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  353.546159][ T8783] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.548905][ T8783] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  353.551305][ T8783] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.578257][ T8783] veth1_macvtap: left promiscuous mode
[  353.580235][ T8783] veth0_macvtap: left promiscuous mode
[  353.582659][ T8783] veth1_vlan: left promiscuous mode
[  353.585568][ T8783] veth0_vlan: left promiscuous mode
[  353.743986][   T65] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  354.185916][T12226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1520'.
[  354.382810][ T8783] team0 (unregistering): Port device team_slave_1 removed
[  354.483161][ T8783] team0 (unregistering): Port device team_slave_0 removed
[  355.360577][T12155] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  355.366425][T12155] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  355.378684][T12155] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  355.409442][T12155] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  355.464660][ T5952] Bluetooth: hci2: command tx timeout
[  355.519795][T12155] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.549145][T12155] 8021q: adding VLAN 0 to HW filter on device team0
[  355.558779][   T94] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.561059][   T94] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.587914][   T94] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.590148][   T94] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.771948][T12155] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  355.776944][T12155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  355.887821][T12155] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.029241][T12155] veth0_vlan: entered promiscuous mode
[  356.035049][T12155] veth1_vlan: entered promiscuous mode
[  356.058387][T12155] veth0_macvtap: entered promiscuous mode
[  356.063731][T12155] veth1_macvtap: entered promiscuous mode
[  356.074508][T12155] batman_adv: batadv0: Interface activated: batadv_slave_0
[  356.145736][T12155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.151497][T12155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.157878][T12155] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.190083][T12155] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.192897][T12155] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.196824][T12155] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.200202][T12155] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.236188][ T8784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.238860][ T8784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.250095][ T8784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.252592][ T8784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.298540][T12285] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1528'.
[  356.796880][T12292] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1530'.
[  356.800215][T12292] net_ratelimit: 6 callbacks suppressed
[  356.800224][T12292] netlink: zone id is out of range
[  356.803708][T12292] netlink: zone id is out of range
[  356.806956][T12292] netlink: zone id is out of range
[  356.808613][T12292] netlink: zone id is out of range
[  356.810232][T12292] netlink: zone id is out of range
[  356.811861][T12292] netlink: zone id is out of range
[  356.813534][T12292] netlink: zone id is out of range
[  356.815343][T12292] netlink: zone id is out of range
[  356.817675][T12292] netlink: zone id is out of range
[  356.819320][T12292] netlink: zone id is out of range
[  357.773133][T12324] FAULT_INJECTION: forcing a failure.
[  357.773133][T12324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.778624][T12324] CPU: 1 UID: 0 PID: 12324 Comm: syz.2.1536 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  357.778648][T12324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  357.778659][T12324] Call Trace:
[  357.778665][T12324]  <TASK>
[  357.778672][T12324]  dump_stack_lvl+0x16c/0x1f0
[  357.778702][T12324]  should_fail_ex+0x512/0x640
[  357.778731][T12324]  _copy_from_user+0x2e/0xd0
[  357.778758][T12324]  get_compat_msghdr+0xa7/0x170
[  357.778778][T12324]  ? __pfx_get_compat_msghdr+0x10/0x10
[  357.778808][T12324]  ___sys_sendmsg+0x1ae/0x1d0
[  357.778831][T12324]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.778875][T12324]  ? __pfx_vfs_write+0x10/0x10
[  357.778900][T12324]  __sys_sendmsg+0x16d/0x220
[  357.778921][T12324]  ? __pfx___sys_sendmsg+0x10/0x10
[  357.778952][T12324]  ? rcu_is_watching+0x12/0xc0
[  357.778974][T12324]  __do_fast_syscall_32+0x73/0x120
[  357.779001][T12324]  do_fast_syscall_32+0x32/0x80
[  357.779027][T12324]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  357.779046][T12324] RIP: 0023:0xf7f78579
[  357.779059][T12324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  357.779075][T12324] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  357.779092][T12324] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000500
[  357.779103][T12324] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  357.779113][T12324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  357.779122][T12324] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  357.779132][T12324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  357.779155][T12324]  </TASK>
[  357.841994][   T12] ip6_tnl_xmit_ctl: 4 callbacks suppressed
[  357.842010][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  358.674593][ T1143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.684529][T12282] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  358.846416][T12282] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  358.849123][T12282] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  358.852262][T12282] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  358.855603][T12282] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  358.858990][T12282] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  358.863585][T12282] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  358.866525][T12282] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  358.869038][T12282] usb 5-1: Product: syz
[  358.870402][T12282] usb 5-1: Manufacturer: syz
[  358.875918][T12282] cdc_wdm 5-1:1.0: skipping garbage
[  358.877683][T12282] cdc_wdm 5-1:1.0: skipping garbage
[  358.881808][T12282] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  358.883751][T12282] cdc_wdm 5-1:1.0: Unknown control protocol
[  358.984268][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  359.452317][   T67] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  359.457210][   T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  359.460827][   T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  359.466523][   T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  359.469847][   T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  359.585323][T12356] chnl_net:caif_netlink_parms(): no params data found
[  359.679984][T12356] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.684317][T12356] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.686935][T12356] bridge_slave_0: entered allmulticast mode
[  359.690286][T12356] bridge_slave_0: entered promiscuous mode
[  359.698749][T12356] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.701349][T12356] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.704249][T12356] bridge_slave_1: entered allmulticast mode
[  359.707545][T12356] bridge_slave_1: entered promiscuous mode
[  359.765108][T12356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  359.769515][T12356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.804647][T12356] team0: Port device team_slave_0 added
[  359.808172][T12356] team0: Port device team_slave_1 added
[  359.838212][T12356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  359.840462][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.849709][T12356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  359.854016][T12356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  359.856228][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.864985][T12356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  359.902997][T12356] hsr_slave_0: entered promiscuous mode
[  359.905477][T12356] hsr_slave_1: entered promiscuous mode
[  359.907501][T12356] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  359.909811][T12356] Cannot create hsr debugfs directory
[  360.084079][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  360.258047][T12374] fuse: Bad value for 'fd'
[  360.577043][ T1143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.635999][ T1143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.693520][ T1143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.807058][ T1143] bridge_slave_1: left allmulticast mode
[  360.809529][ T1143] bridge_slave_1: left promiscuous mode
[  360.812122][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.816790][ T1143] bridge_slave_0: left allmulticast mode
[  360.818731][ T1143] bridge_slave_0: left promiscuous mode
[  360.820704][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.088533][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  361.093327][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  361.097384][ T1143] bond0 (unregistering): Released all slaves
[  361.204111][ T8784] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  361.371954][ T1143] hsr_slave_0: left promiscuous mode
[  361.376481][ T1143] hsr_slave_1: left promiscuous mode
[  361.378478][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  361.380792][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  361.383639][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.386185][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  361.411775][ T1143] veth1_macvtap: left promiscuous mode
[  361.413632][ T1143] veth0_macvtap: left promiscuous mode
[  361.415570][ T1143] veth1_vlan: left promiscuous mode
[  361.417264][ T1143] veth0_vlan: left promiscuous mode
[  361.440989][T12347] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  361.445178][T12347] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  361.453494][T12347] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  361.524767][ T6003] usb 5-1: USB disconnect, device number 12
[  361.794176][   T67] Bluetooth: hci2: command 0x041b tx timeout
[  362.184248][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  362.256090][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  362.349276][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  362.982902][T12356] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  362.996961][T12356] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  363.002140][T12356] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  363.009555][T12356] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  363.059354][T12356] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.068263][T12356] 8021q: adding VLAN 0 to HW filter on device team0
[  363.073018][   T94] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.075477][   T94] bridge0: port 1(bridge_slave_0) entered forwarding state
[  363.082045][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.084402][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  363.254031][T12356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  363.401425][T12356] veth0_vlan: entered promiscuous mode
[  363.412720][T12356] veth1_vlan: entered promiscuous mode
[  363.430533][T12356] veth0_macvtap: entered promiscuous mode
[  363.435045][T12356] veth1_macvtap: entered promiscuous mode
[  363.452078][T12356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  363.459869][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.463274][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.474762][T12356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  363.479329][T12356] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.482097][T12356] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.486681][T12356] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.489402][T12356] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  363.494494][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  363.529836][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.532419][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.544974][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.547781][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  364.605569][   T94] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  365.233931][    C3] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  365.715248][ T8783] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  366.086175][   T94] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.824248][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  367.292653][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  367.296517][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  367.299408][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  367.302501][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  367.308018][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  367.512026][T12523] chnl_net:caif_netlink_parms(): no params data found
[  367.623779][T12523] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.626191][T12523] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.628495][T12523] bridge_slave_0: entered allmulticast mode
[  367.631228][T12523] bridge_slave_0: entered promiscuous mode
[  367.634514][T12523] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.636859][T12523] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.639192][T12523] bridge_slave_1: entered allmulticast mode
[  367.641996][T12523] bridge_slave_1: entered promiscuous mode
[  367.664442][   T94] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.701962][T12523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  367.707739][T12523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.750082][   T94] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.760375][T12523] team0: Port device team_slave_0 added
[  367.765752][T12523] team0: Port device team_slave_1 added
[  367.815861][   T94] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.821404][T12523] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.823553][T12523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.832108][T12523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.836473][T12523] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.838664][T12523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.846681][T12523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.888514][T12523] hsr_slave_0: entered promiscuous mode
[  367.890749][T12523] hsr_slave_1: entered promiscuous mode
[  367.892830][T12523] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.895411][T12523] Cannot create hsr debugfs directory
[  367.934587][   T46] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  368.013215][   T94] bridge_slave_1: left allmulticast mode
[  368.015071][   T94] bridge_slave_1: left promiscuous mode
[  368.016847][   T94] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.021362][   T94] bridge_slave_0: left allmulticast mode
[  368.023747][   T94] bridge_slave_0: left promiscuous mode
[  368.026872][   T94] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.281458][   T94] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  368.286741][   T94] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  368.291260][   T94] bond0 (unregistering): Released all slaves
[  368.513631][T12555] overlayfs: failed to resolve './file1': -2
[  368.955754][   T94] hsr_slave_0: left promiscuous mode
[  368.957990][   T94] hsr_slave_1: left promiscuous mode
[  368.960091][   T94] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.962368][   T94] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.965582][   T94] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.967881][   T94] batman_adv: batadv0: Removing interface: batadv_slave_1
[  368.992311][   T94] veth1_macvtap: left promiscuous mode
[  368.994292][   T94] veth0_macvtap: left promiscuous mode
[  368.996151][   T94] veth1_vlan: left promiscuous mode
[  368.997850][   T94] veth0_vlan: left promiscuous mode
[  369.066207][ T8783] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  369.394031][   T67] Bluetooth: hci2: command tx timeout
[  369.862576][   T94] team0 (unregistering): Port device team_slave_1 removed
[  369.939772][   T94] team0 (unregistering): Port device team_slave_0 removed
[  370.164039][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  370.767812][T12523] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  370.773157][T12523] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  370.797160][T12523] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  370.809523][T12523] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  370.917358][T12608] fuse: Bad value for 'fd'
[  370.920332][T12612] fuse: Bad value for 'fd'
[  370.920373][T12523] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.943146][T12523] 8021q: adding VLAN 0 to HW filter on device team0
[  370.966679][ T8783] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.969811][ T8783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.974280][ T8783] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.976741][ T8783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.005106][T12523] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  371.139298][T12523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.325050][   T94] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  371.443714][T12523] veth0_vlan: entered promiscuous mode
[  371.454346][T12523] veth1_vlan: entered promiscuous mode
[  371.464933][   T67] Bluetooth: hci2: command tx timeout
[  371.478756][T12523] veth0_macvtap: entered promiscuous mode
[  371.484974][T12523] veth1_macvtap: entered promiscuous mode
[  371.499298][T12523] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.507786][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.511157][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.516463][T12523] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.523327][T12523] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.527021][T12523] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.530668][T12523] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.533599][T12523] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.601456][ T1178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.605513][ T1178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.619331][ T1178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.621935][ T1178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.056771][T12654] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1596'.
[  372.060208][T12654] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1596'.
[  372.453982][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  372.533926][ T6003] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  372.558975][T12665] FAULT_INJECTION: forcing a failure.
[  372.558975][T12665] name failslab, interval 1, probability 0, space 0, times 0
[  372.563029][T12665] CPU: 0 UID: 0 PID: 12665 Comm: syz.2.1599 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  372.563044][T12665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.563051][T12665] Call Trace:
[  372.563055][T12665]  <TASK>
[  372.563060][T12665]  dump_stack_lvl+0x16c/0x1f0
[  372.563079][T12665]  should_fail_ex+0x512/0x640
[  372.563095][T12665]  ? __kmalloc_noprof+0xbf/0x510
[  372.563109][T12665]  ? rfkill_alloc+0xac/0x330
[  372.563119][T12665]  should_failslab+0xc2/0x120
[  372.563132][T12665]  __kmalloc_noprof+0xd2/0x510
[  372.563148][T12665]  rfkill_alloc+0xac/0x330
[  372.563175][T12665]  wiphy_new_nm+0x136a/0x2160
[  372.563190][T12665]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  372.563203][T12665]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  372.563214][T12665]  ieee80211_alloc_hw_nm+0x1b7a/0x2260
[  372.563225][T12665]  ? __local_bh_enable_ip+0xa4/0x120
[  372.563240][T12665]  mac80211_hwsim_new_radio+0x1d4/0x54d0
[  372.563264][T12665]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.563281][T12665]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  372.563303][T12665]  hwsim_new_radio_nl+0xb51/0x12c0
[  372.563321][T12665]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  372.563341][T12665]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  372.563359][T12665]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  372.563378][T12665]  genl_family_rcv_msg_doit+0x206/0x2f0
[  372.563395][T12665]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  372.563411][T12665]  ? trace_cap_capable+0x18d/0x200
[  372.563426][T12665]  ? bpf_lsm_capable+0x9/0x10
[  372.563437][T12665]  ? security_capable+0x7e/0x260
[  372.563448][T12665]  ? ns_capable+0xd7/0x110
[  372.563461][T12665]  genl_rcv_msg+0x55c/0x800
[  372.563478][T12665]  ? __pfx_genl_rcv_msg+0x10/0x10
[  372.563493][T12665]  ? __pfx___dev_queue_xmit+0x10/0x10
[  372.563504][T12665]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  372.563521][T12665]  ? __lock_acquire+0xaa4/0x1ba0
[  372.563538][T12665]  netlink_rcv_skb+0x16d/0x440
[  372.563552][T12665]  ? __pfx_genl_rcv_msg+0x10/0x10
[  372.563568][T12665]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.563589][T12665]  ? __pfx_down_read+0x10/0x10
[  372.563599][T12665]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.563637][T12665]  genl_rcv+0x28/0x40
[  372.563653][T12665]  netlink_unicast+0x53a/0x7f0
[  372.563669][T12665]  ? __pfx_netlink_unicast+0x10/0x10
[  372.563687][T12665]  netlink_sendmsg+0x8d1/0xdd0
[  372.563704][T12665]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.563718][T12665]  ? __import_iovec+0x1c8/0x660
[  372.563732][T12665]  ____sys_sendmsg+0xa98/0xc70
[  372.563749][T12665]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.563764][T12665]  ? get_compat_msghdr+0x11a/0x170
[  372.563783][T12665]  ___sys_sendmsg+0x134/0x1d0
[  372.563797][T12665]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.563840][T12665]  __sys_sendmsg+0x16d/0x220
[  372.563854][T12665]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.563871][T12665]  ? rcu_is_watching+0x12/0xc0
[  372.563882][T12665]  ? rcu_is_watching+0x12/0xc0
[  372.563894][T12665]  __do_fast_syscall_32+0x73/0x120
[  372.563915][T12665]  do_fast_syscall_32+0x32/0x80
[  372.563931][T12665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.563944][T12665] RIP: 0023:0xf7f78579
[  372.563953][T12665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.563963][T12665] RSP: 002b:00000000f507555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.563973][T12665] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000140
[  372.563980][T12665] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  372.563986][T12665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.563991][T12665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  372.563997][T12665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.564011][T12665]  </TASK>
[  372.693967][ T6003] usb 5-1: Using ep0 maxpacket: 8
[  372.697383][ T6003] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  372.702420][ T6003] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  372.705431][ T6003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.707938][ T6003] usb 5-1: Product: syz
[  372.709332][ T6003] usb 5-1: Manufacturer: syz
[  372.710922][ T6003] usb 5-1: SerialNumber: syz
[  372.924580][ T6003] cdc_ncm 5-1:1.0: bind() failure
[  372.928465][ T6003] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  372.930638][ T6003] cdc_ncm 5-1:1.1: bind() failure
[  372.935799][ T6003] usb 5-1: USB disconnect, device number 13
[  373.069630][T12674] FAULT_INJECTION: forcing a failure.
[  373.069630][T12674] name failslab, interval 1, probability 0, space 0, times 0
[  373.075532][T12674] CPU: 1 UID: 0 PID: 12674 Comm: syz.2.1603 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  373.075556][T12674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.075568][T12674] Call Trace:
[  373.075574][T12674]  <TASK>
[  373.075580][T12674]  dump_stack_lvl+0x16c/0x1f0
[  373.075630][T12674]  should_fail_ex+0x512/0x640
[  373.075655][T12674]  ? fs_reclaim_acquire+0xae/0x150
[  373.075683][T12674]  ? tomoyo_encode2+0x100/0x3e0
[  373.075706][T12674]  should_failslab+0xc2/0x120
[  373.075728][T12674]  __kmalloc_noprof+0xd2/0x510
[  373.075746][T12674]  ? d_absolute_path+0x136/0x1a0
[  373.075772][T12674]  tomoyo_encode2+0x100/0x3e0
[  373.075800][T12674]  tomoyo_encode+0x29/0x50
[  373.075822][T12674]  tomoyo_realpath_from_path+0x18f/0x6e0
[  373.075853][T12674]  tomoyo_path_number_perm+0x245/0x580
[  373.075880][T12674]  ? tomoyo_path_number_perm+0x237/0x580
[  373.075903][T12674]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  373.075949][T12674]  ? d_alloc_parallel+0x979/0x12e0
[  373.075975][T12674]  ? current_check_access_path+0x33c/0x460
[  373.076000][T12674]  ? __pfx_current_check_access_path+0x10/0x10
[  373.076029][T12674]  tomoyo_path_mknod+0x10c/0x190
[  373.076047][T12674]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  373.076065][T12674]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.076093][T12674]  security_path_mknod+0x161/0x310
[  373.076116][T12674]  lookup_open.isra.0+0xc17/0x1580
[  373.076145][T12674]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  373.076184][T12674]  ? __pfx_down_write+0x10/0x10
[  373.076198][T12674]  ? mnt_get_write_access+0x20c/0x300
[  373.076226][T12674]  path_openat+0x905/0x2d40
[  373.076253][T12674]  ? __pfx_path_openat+0x10/0x10
[  373.076273][T12674]  ? __lock_acquire+0xaa4/0x1ba0
[  373.076299][T12674]  do_filp_open+0x20b/0x470
[  373.076315][T12674]  ? __pfx_do_filp_open+0x10/0x10
[  373.076352][T12674]  ? _raw_spin_unlock+0x28/0x50
[  373.076373][T12674]  ? alloc_fd+0x471/0x7d0
[  373.076397][T12674]  do_sys_openat2+0x11b/0x1d0
[  373.076421][T12674]  ? __pfx_do_sys_openat2+0x10/0x10
[  373.076445][T12674]  ? __fget_files+0x20e/0x3c0
[  373.076467][T12674]  __ia32_compat_sys_open+0x146/0x1e0
[  373.076489][T12674]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  373.076517][T12674]  ? rcu_is_watching+0x12/0xc0
[  373.076534][T12674]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  373.076560][T12674]  __do_fast_syscall_32+0x73/0x120
[  373.076586][T12674]  do_fast_syscall_32+0x32/0x80
[  373.076609][T12674]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.076629][T12674] RIP: 0023:0xf7f78579
[  373.076642][T12674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.076658][T12674] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  373.076674][T12674] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000143142
[  373.076685][T12674] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  373.076694][T12674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.076704][T12674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  373.076712][T12674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.076736][T12674]  </TASK>
[  373.076756][T12674] ERROR: Out of memory at tomoyo_realpath_from_path.
[  373.193360][T12676] No source specified
[  373.329499][ T8785] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.584515][ T1178] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  374.296313][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  374.299836][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  374.302665][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  374.307104][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  374.309765][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  374.445550][T12687] chnl_net:caif_netlink_parms(): no params data found
[  374.636097][T12687] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.638374][T12687] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.640607][T12687] bridge_slave_0: entered allmulticast mode
[  374.644756][T12687] bridge_slave_0: entered promiscuous mode
[  374.654720][T12687] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.656994][T12687] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.659184][T12687] bridge_slave_1: entered allmulticast mode
[  374.661757][T12687] bridge_slave_1: entered promiscuous mode
[  374.706875][T12687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.712078][T12687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.714095][   T94] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  374.751160][T12687] team0: Port device team_slave_0 added
[  374.759898][T12687] team0: Port device team_slave_1 added
[  374.855335][ T8785] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.874799][T12687] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.876921][T12687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.884681][T12687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.889320][T12687] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.891552][T12687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.900539][T12687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.918395][ T8785] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.960183][T12687] hsr_slave_0: entered promiscuous mode
[  374.964462][T12687] hsr_slave_1: entered promiscuous mode
[  374.967936][T12687] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  374.970853][T12687] Cannot create hsr debugfs directory
[  375.069404][ T8785] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.159540][T12706] Timeout policy `syz1' can only be used by L3 protocol number 0
[  375.334995][ T8785] bridge_slave_1: left allmulticast mode
[  375.337248][ T8785] bridge_slave_1: left promiscuous mode
[  375.339482][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.355484][ T8785] bridge_slave_0: left allmulticast mode
[  375.357756][ T8785] bridge_slave_0: left promiscuous mode
[  375.360095][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.664583][ T8785] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.669165][ T8785] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.672957][ T8785] bond0 (unregistering): Released all slaves
[  375.698989][T12719] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  375.854825][ T1143] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  376.345561][ T5952] Bluetooth: hci2: command tx timeout
[  376.428234][ T8785] hsr_slave_0: left promiscuous mode
[  376.435033][ T8785] hsr_slave_1: left promiscuous mode
[  376.437340][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.439624][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.451338][T12737] ref_ctr_offset mismatch. inode: 0xa22 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa
[  376.458753][ T8785] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.461072][ T8785] batman_adv: batadv0: Removing interface: batadv_slave_1
[  376.500586][ T8785] veth1_macvtap: left promiscuous mode
[  376.502307][ T8785] veth0_macvtap: left promiscuous mode
[  376.506730][ T8785] veth1_vlan: left promiscuous mode
[  376.507974][T12739] net_ratelimit: 7 callbacks suppressed
[  376.507982][T12739] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  376.513065][ T8785] veth0_vlan: left promiscuous mode
[  376.968318][ T1178] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  377.729918][ T8785] team0 (unregistering): Port device team_slave_1 removed
[  377.802278][ T8785] team0 (unregistering): Port device team_slave_0 removed
[  378.036871][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  378.039370][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  378.423982][ T5952] Bluetooth: hci2: command tx timeout
[  378.617545][T12765] FAULT_INJECTION: forcing a failure.
[  378.617545][T12765] name failslab, interval 1, probability 0, space 0, times 0
[  378.621877][T12765] CPU: 1 UID: 0 PID: 12765 Comm: syz.0.1621 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  378.621905][T12765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  378.621911][T12765] Call Trace:
[  378.621916][T12765]  <TASK>
[  378.621920][T12765]  dump_stack_lvl+0x16c/0x1f0
[  378.621939][T12765]  should_fail_ex+0x512/0x640
[  378.621955][T12765]  ? fs_reclaim_acquire+0xae/0x150
[  378.621973][T12765]  should_failslab+0xc2/0x120
[  378.621987][T12765]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  378.622000][T12765]  ? security_inode_alloc+0x3b/0x2b0
[  378.622014][T12765]  security_inode_alloc+0x3b/0x2b0
[  378.622027][T12765]  inode_init_always_gfp+0xce4/0x1030
[  378.622040][T12765]  alloc_inode+0x86/0x240
[  378.622054][T12765]  new_inode+0x22/0x1c0
[  378.622068][T12765]  proc_pid_make_inode+0x22/0x160
[  378.622080][T12765]  proc_fdinfo_instantiate+0x57/0x250
[  378.622096][T12765]  proc_fill_cache+0x35e/0x470
[  378.622106][T12765]  ? __pfx_proc_fdinfo_instantiate+0x10/0x10
[  378.622121][T12765]  ? __pfx_proc_fill_cache+0x10/0x10
[  378.622135][T12765]  ? __pfx_vsnprintf+0x10/0x10
[  378.622153][T12765]  ? snprintf+0xc7/0x100
[  378.622171][T12765]  ? _raw_spin_unlock+0x28/0x50
[  378.622183][T12765]  ? fget_task_next+0x2b0/0x580
[  378.622196][T12765]  proc_readfd_common+0x1ef/0x620
[  378.622211][T12765]  ? __pfx_proc_fdinfo_instantiate+0x10/0x10
[  378.622227][T12765]  ? __pfx_proc_readfd_common+0x10/0x10
[  378.622242][T12765]  ? down_read_killable+0x220/0x4b0
[  378.622253][T12765]  ? __pfx_down_read_killable+0x10/0x10
[  378.622265][T12765]  ? apparmor_file_permission+0x251/0x400
[  378.622280][T12765]  iterate_dir+0x293/0xb40
[  378.622298][T12765]  __ia32_compat_sys_getdents+0x14d/0x2c0
[  378.622315][T12765]  ? __pfx___ia32_compat_sys_getdents+0x10/0x10
[  378.622331][T12765]  ? fput+0x70/0xf0
[  378.622343][T12765]  ? __pfx_compat_filldir+0x10/0x10
[  378.622359][T12765]  ? rcu_is_watching+0x12/0xc0
[  378.622371][T12765]  ? rcu_is_watching+0x12/0xc0
[  378.622382][T12765]  __do_fast_syscall_32+0x73/0x120
[  378.622400][T12765]  do_fast_syscall_32+0x32/0x80
[  378.622416][T12765]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  378.622429][T12765] RIP: 0023:0xf7fb1579
[  378.622437][T12765] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  378.622447][T12765] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000008d
[  378.622457][T12765] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040
[  378.622464][T12765] RDX: 00000000000000e3 RSI: 0000000000000000 RDI: 0000000000000000
[  378.622470][T12765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  378.622476][T12765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  378.622482][T12765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  378.622495][T12765]  </TASK>
[  379.943963][    C3] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  380.503951][ T5952] Bluetooth: hci2: command tx timeout
[  382.594022][ T5952] Bluetooth: hci2: command tx timeout
[  390.772870][T12786] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  390.778120][T12786] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  390.781740][T12786] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  390.786841][T12786] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  390.790081][T12786] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  392.824038][T12786] Bluetooth: hci4: command tx timeout
[  394.767554][ T5952] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  394.875826][ T5952] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  394.879158][ T5952] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  394.881715][ T5952] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  394.884276][ T5952] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  394.913987][T12786] Bluetooth: hci4: command tx timeout
[  395.689916][ T1415] ==================================================================
[  395.692481][ T1415] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90
[  395.694826][ T1415] Read of size 8 at addr ffff888059567020 by task aoe_tx0/1415
[  395.697231][ T1415] 
[  395.698793][ T1415] CPU: 2 UID: 0 PID: 1415 Comm: aoe_tx0 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  395.698807][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  395.698814][ T1415] Call Trace:
[  395.698819][ T1415]  <TASK>
[  395.698824][ T1415]  dump_stack_lvl+0x116/0x1f0
[  395.698843][ T1415]  print_report+0xc3/0x670
[  395.698856][ T1415]  ? __virt_addr_valid+0x5e/0x590
[  395.698871][ T1415]  ? __phys_addr+0xc6/0x150
[  395.698884][ T1415]  ? tty_write_room+0x7d/0x90
[  395.698900][ T1415]  kasan_report+0xe0/0x110
[  395.698912][ T1415]  ? tty_write_room+0x7d/0x90
[  395.699254][ T1415]  tty_write_room+0x7d/0x90
[  395.699270][ T1415]  handle_tx+0x14f/0x630
[  395.699284][ T1415]  dev_hard_start_xmit+0x93/0x740
[  395.699296][ T1415]  __dev_queue_xmit+0x7eb/0x43e0
[  395.699306][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.699321][ T1415]  ? finish_task_switch.isra.0+0x221/0xc10
[  395.699333][ T1415]  ? rcu_is_watching+0x12/0xc0
[  395.699342][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.699353][ T1415]  ? __lock_acquire+0xaa4/0x1ba0
[  395.699368][ T1415]  ? __lock_acquire+0xaa4/0x1ba0
[  395.699382][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  395.699414][ T1415]  ? find_held_lock+0x2b/0x80
[  395.699426][ T1415]  ? skb_dequeue+0x126/0x180
[  395.699442][ T1415]  ? find_held_lock+0x2b/0x80
[  395.699452][ T1415]  ? rcu_is_watching+0x12/0xc0
[  395.699462][ T1415]  tx+0xcc/0x190
[  395.699474][ T1415]  ? __pfx_tx+0x10/0x10
[  395.699484][ T1415]  kthread+0x1e4/0x3e0
[  395.699494][ T1415]  ? find_held_lock+0x2b/0x80
[  395.699503][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699513][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  395.699524][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.699538][ T1415]  ? __kthread_parkme+0x19e/0x250
[  395.699551][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699560][ T1415]  kthread+0x3c5/0x780
[  395.699575][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699594][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699608][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699622][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699637][ T1415]  ? rcu_is_watching+0x12/0xc0
[  395.699646][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699661][ T1415]  ret_from_fork+0x48/0x80
[  395.699671][ T1415]  ? __pfx_kthread+0x10/0x10
[  395.699685][ T1415]  ret_from_fork_asm+0x1a/0x30
[  395.699703][ T1415]  </TASK>
[  395.699707][ T1415] 
[  395.771955][ T1415] Allocated by task 11756:
[  395.771965][ T1415]  kasan_save_stack+0x33/0x60
[  395.771980][ T1415]  kasan_save_track+0x14/0x30
[  395.771990][ T1415]  __kasan_kmalloc+0xaa/0xb0
[  395.772000][ T1415]  alloc_tty_struct+0x96/0x8c0
[  395.772013][ T1415]  tty_init_dev.part.0+0x1e/0x500
[  395.772026][ T1415]  tty_open+0xa50/0xf90
[  395.772040][ T1415]  chrdev_open+0x231/0x6a0
[  395.772052][ T1415]  do_dentry_open+0x741/0x1c10
[  395.786261][ T1415]  vfs_open+0x82/0x3f0
[  395.787542][ T1415]  path_openat+0x1e5e/0x2d40
[  395.788984][ T1415]  do_filp_open+0x20b/0x470
[  395.790422][ T1415]  do_sys_openat2+0x11b/0x1d0
[  395.791909][ T1415]  __ia32_compat_sys_openat+0x16d/0x210
[  395.793642][ T1415]  __do_fast_syscall_32+0x73/0x120
[  395.795205][ T1415]  do_fast_syscall_32+0x32/0x80
[  395.796754][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  395.798717][ T1415] 
[  395.799480][ T1415] Freed by task 6004:
[  395.800738][ T1415]  kasan_save_stack+0x33/0x60
[  395.802178][ T1415]  kasan_save_track+0x14/0x30
[  395.803650][ T1415]  kasan_save_free_info+0x3b/0x60
[  395.805268][ T1415]  __kasan_slab_free+0x51/0x70
[  395.806764][ T1415]  kfree+0x2b6/0x4d0
[  395.808004][ T1415]  process_one_work+0x9cc/0x1b70
[  395.809571][ T1415]  worker_thread+0x6c8/0xf10
[  395.811047][ T1415]  kthread+0x3c5/0x780
[  395.812367][ T1415]  ret_from_fork+0x48/0x80
[  395.813791][ T1415]  ret_from_fork_asm+0x1a/0x30
[  395.815348][ T1415] 
[  395.816135][ T1415] Last potentially related work creation:
[  395.817921][ T1415]  kasan_save_stack+0x33/0x60
[  395.819418][ T1415]  kasan_record_aux_stack+0xb8/0xd0
[  395.821062][ T1415]  insert_work+0x36/0x230
[  395.822440][ T1415]  __queue_work+0x97e/0x10f0
[  395.823919][ T1415]  queue_work_on+0x1a4/0x1f0
[  395.825378][ T1415]  release_tty+0x4de/0x5d0
[  395.826796][ T1415]  tty_release_struct+0xb7/0xe0
[  395.828338][ T1415]  tty_release+0xe2d/0x1430
[  395.829777][ T1415]  __fput+0x3ff/0xb70
[  395.831051][ T1415]  task_work_run+0x14d/0x240
[  395.832536][ T1415]  do_exit+0xafb/0x2c30
[  395.833857][ T1415]  do_group_exit+0xd3/0x2a0
[  395.835335][ T1415]  get_signal+0x2673/0x26d0
[  395.836787][ T1415]  arch_do_signal_or_restart+0x8f/0x7a0
[  395.838527][ T1415]  syscall_exit_to_user_mode+0x150/0x2a0
[  395.840299][ T1415]  __do_fast_syscall_32+0x80/0x120
[  395.841918][ T1415]  do_fast_syscall_32+0x32/0x80
[  395.843469][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  395.845457][ T1415] 
[  395.846231][ T1415] The buggy address belongs to the object at ffff888059567000
[  395.846231][ T1415]  which belongs to the cache kmalloc-cg-2k of size 2048
[  395.850609][ T1415] The buggy address is located 32 bytes inside of
[  395.850609][ T1415]  freed 2048-byte region [ffff888059567000, ffff888059567800)
[  395.854840][ T1415] 
[  395.855619][ T1415] The buggy address belongs to the physical page:
[  395.857622][ T1415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888059565000 pfn:0x59560
[  395.860741][ T1415] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  395.863324][ T1415] memcg:ffff88805044a581
[  395.864671][ T1415] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  395.867328][ T1415] page_type: f5(slab)
[  395.868613][ T1415] raw: 04fff00000000240 ffff88801b44c140 ffffea0001806610 ffffea00012c7010
[  395.871271][ T1415] raw: ffff888059565000 0000000000080006 00000000f5000000 ffff88805044a581
[  395.873921][ T1415] head: 04fff00000000240 ffff88801b44c140 ffffea0001806610 ffffea00012c7010
[  395.876601][ T1415] head: ffff888059565000 0000000000080006 00000000f5000000 ffff88805044a581
[  395.879276][ T1415] head: 04fff00000000003 ffffea0001655801 00000000ffffffff 00000000ffffffff
[  395.881951][ T1415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  395.884628][ T1415] page dumped because: kasan: bad access detected
[  395.886625][ T1415] page_owner tracks the page as allocated
[  395.888413][ T1415] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11742, tgid 11742 (syz-executor), ts 336657993271, free_ts 335859910663
[  395.895131][ T1415]  post_alloc_hook+0x181/0x1b0
[  395.896724][ T1415]  get_page_from_freelist+0x135c/0x3920
[  395.898449][ T1415]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  395.900297][ T1415]  alloc_pages_mpol+0x1fb/0x550
[  395.901793][ T1415]  new_slab+0x244/0x340
[  395.903105][ T1415]  ___slab_alloc+0xd9c/0x1940
[  395.904599][ T1415]  __slab_alloc.constprop.0+0x56/0xb0
[  395.906287][ T1415]  __kmalloc_cache_noprof+0xfb/0x3e0
[  395.907928][ T1415]  ipv6_add_dev+0x1c9/0x15f0
[  395.909369][ T1415]  addrconf_notify+0x53e/0x19e0
[  395.910893][ T1415]  notifier_call_chain+0xbc/0x410
[  395.912475][ T1415]  call_netdevice_notifiers_info+0xbe/0x140
[  395.914369][ T1415]  register_netdevice+0x182e/0x2270
[  395.916020][ T1415]  veth_newlink+0x30f/0xa00
[  395.917461][ T1415]  rtnl_newlink+0xc42/0x2000
[  395.918928][ T1415]  rtnetlink_rcv_msg+0x95b/0xe90
[  395.920499][ T1415] page last free pid 11531 tgid 11531 stack trace:
[  395.922496][ T1415]  __free_frozen_pages+0x69d/0xff0
[  395.924118][ T1415]  vfree+0x176/0x960
[  395.925366][ T1415]  kcov_close+0x34/0x60
[  395.926668][ T1415]  __fput+0x3ff/0xb70
[  395.927948][ T1415]  task_work_run+0x14d/0x240
[  395.929464][ T1415]  do_exit+0xafb/0x2c30
[  395.930790][ T1415]  do_group_exit+0xd3/0x2a0
[  395.932241][ T1415]  __ia32_sys_exit_group+0x3e/0x50
[  395.933867][ T1415]  ia32_sys_call+0xd56/0x1c40
[  395.935371][ T1415]  __do_fast_syscall_32+0x73/0x120
[  395.937003][ T1415]  do_fast_syscall_32+0x32/0x80
[  395.938546][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  395.940538][ T1415] 
[  395.941342][ T1415] Memory state around the buggy address:
[  395.943089][ T1415]  ffff888059566f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  395.945599][ T1415]  ffff888059566f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  395.948098][ T1415] >ffff888059567000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.950566][ T1415]                                ^
[  395.952176][ T1415]  ffff888059567080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.954678][ T1415]  ffff888059567100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  395.957143][ T1415] ==================================================================
[  395.959692][ T1415] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  395.961892][ T1415] CPU: 2 UID: 0 PID: 1415 Comm: aoe_tx0 Not tainted 6.15.0-rc6-syzkaller-00085-gc94d59a126cb #0 PREEMPT(full) 
[  395.965460][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  395.968686][ T1415] Call Trace:
[  395.969762][ T1415]  <TASK>
[  395.970717][ T1415]  dump_stack_lvl+0x3d/0x1f0
[  395.972155][ T1415]  panic+0x71c/0x800
[  395.973371][ T1415]  ? __pfx_panic+0x10/0x10
[  395.974772][ T1415]  ? mark_held_locks+0x49/0x80
[  395.976276][ T1415]  ? tty_write_room+0x7d/0x90
[  395.977778][ T1415]  ? check_panic_on_warn+0x1f/0xb0
[  395.979346][ T1415]  ? tty_write_room+0x7d/0x90
[  395.980833][ T1415]  check_panic_on_warn+0xab/0xb0
[  395.982391][ T1415]  end_report+0x107/0x170
[  395.983787][ T1415]  kasan_report+0xee/0x110
[  395.985210][ T1415]  ? tty_write_room+0x7d/0x90
[  395.986716][ T1415]  tty_write_room+0x7d/0x90
[  395.988191][ T1415]  handle_tx+0x14f/0x630
[  395.989541][ T1415]  dev_hard_start_xmit+0x93/0x740
[  395.991178][ T1415]  __dev_queue_xmit+0x7eb/0x43e0
[  395.992767][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.994421][ T1415]  ? finish_task_switch.isra.0+0x221/0xc10
[  395.996287][ T1415]  ? rcu_is_watching+0x12/0xc0
[  395.997802][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.999498][ T1415]  ? __lock_acquire+0xaa4/0x1ba0
[  396.001062][ T1415]  ? __lock_acquire+0xaa4/0x1ba0
[  396.002633][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  396.004235][ T1415]  ? find_held_lock+0x2b/0x80
[  396.005722][ T1415]  ? skb_dequeue+0x126/0x180
[  396.007190][ T1415]  ? find_held_lock+0x2b/0x80
[  396.008686][ T1415]  ? rcu_is_watching+0x12/0xc0
[  396.010206][ T1415]  tx+0xcc/0x190
[  396.011357][ T1415]  ? __pfx_tx+0x10/0x10
[  396.012705][ T1415]  kthread+0x1e4/0x3e0
[  396.013998][ T1415]  ? find_held_lock+0x2b/0x80
[  396.015488][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.016987][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  396.018823][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.020486][ T1415]  ? __kthread_parkme+0x19e/0x250
[  396.022079][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.023551][ T1415]  kthread+0x3c5/0x780
[  396.024896][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.026421][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.027904][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.029369][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.030839][ T1415]  ? rcu_is_watching+0x12/0xc0
[  396.032359][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.033840][ T1415]  ret_from_fork+0x48/0x80
[  396.035255][ T1415]  ? __pfx_kthread+0x10/0x10
[  396.036736][ T1415]  ret_from_fork_asm+0x1a/0x30
[  396.038259][ T1415]  </TASK>
[  396.039945][ T1415] Kernel Offset: disabled
[  396.041316][ T1415] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:06:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b43f880 RCX=ffffffff81aea199 RDX=ffff888012b02440
RSI=ffffffff81aea173 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000de1f360
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed1005687f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180
RIP=ffffffff81aea187 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977ea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74b2028 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf4ce420c591bfc0 8f747ac8a8996cea
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f36956551e130f25 8ac0ec5f70b5489d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c1cae0fb126a2bcd bd68d6c5f91e3358
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d5a6b7ab3c33d52c f92c8e685c976a57
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f0b37fea2e b5c841bc0863e1dd
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000f0 000000f0000000f0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b30864c63e2a14d 7130f968000d15fa
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b5e9f490b839ed68 000000003cca66ec
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44fcae23bc24c712 c4875f70897de67d
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8d6fbc3f3f37e08 80017d7fac3e396c
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000f65c47 RBX=0000000000000001 RCX=ffffffff8b6973e9 RDX=0000000000000000
RSI=ffffffff8dbdc8a7 RDI=ffffffff8bf472e0 RBP=ffffed1003b51488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801da8a440 R14=ffffffff90851e10 R15=0000000000000000
RIP=ffffffff8b695c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978ea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f75000 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73a2ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffff88802b423de5 RCX=ffffffff819a5f81 RDX=ffff888022d84e58
RSI=ffffffff819a5f8f RDI=ffff888022d84e58 RBP=0000000000000000 RSP=ffffc9000783f498
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000011f1b
R12=ffffc9000783f718 R13=ffff888022d84880 R14=ffffffff8dbaea77 R15=ffffc9000783f718
RIP=ffffffff819a5fab RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979ea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c294f9a CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000084419b RBX=0000000000000003 RCX=ffffffff8b6973e9 RDX=0000000000000000
RSI=ffffffff8dbdc8a7 RDI=ffffffff8bf472e0 RBP=ffffed10037e3000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801bf18000 R14=ffffffff90851e10 R15=0000000000000000
RIP=ffffffff8b695c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097aea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7f85000 CR3=000000002171a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555e41c2ac50 0000555e41c2ac50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe41266ea0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 78656e75203a3569 6368203a68746f6f 7465756c42205d32 35393554205b5d34
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030203030203030 2030302036322034 6220643820303020 3030203030203030
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2036322034622064 3820303920303920 3039203039203363 203935206135203e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64353c2030382064 6320343320663020 3565203938203535 2032352031352030
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3020303020303020 3030203030203030 2030302030302030 3020303020303020
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000