last executing test programs:

27.061106169s ago: executing program 2 (id=192):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xdc5b, 0x9360, 0x0, 0x0, 0x0, r0}, &(0x7f0000002000)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r5 = dup(r4)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000180)=0x2660, 0x4)
recvmmsg(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x20, 0x0)
write$cgroup_devices(r5, &(0x7f0000003600)=ANY=[@ANYBLOB='a'], 0x8)
sendto$inet6(r0, &(0x7f00000002c0)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x5, @loopback, 0xffffffff}, 0x1c)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000800000095000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r6}, 0x18)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMSET(r7, 0x5418, &(0x7f0000000140)=0xffffbdfb)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000040)=0xb, 0x4)

26.229524772s ago: executing program 2 (id=194):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x13, 0x7, &(0x7f0000000540)=ANY=[@ANYRESDEC=r0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x70, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000280)='rpcgss_svc_seqno_low\x00', r3, 0x0, 0x68f}, 0x18)
r4 = add_key$user(&(0x7f0000000200), &(0x7f0000000300), &(0x7f0000000940)="132bbb6a2a", 0x5, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={0x0, r4}, 0x0, 0x0, 0x0)
unshare(0x2a020400)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='signal_generate\x00', r6, 0x0, 0x4}, 0x18)
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = socket(0x1d, 0x2, 0x7)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r8, 0x6b, 0x8, 0x0, 0x0)
ioctl$VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000140)={0x3, 0x5, 0x2})
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r7, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x1f})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x200040000, 0x0, 0x0, 0x0, {0xfffffffd}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r10 = socket$packet(0x11, 0x3, 0x300)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="18000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000009008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000ffffffff850000003f27f1f2ebe284000000b70000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f0000000040)=r11, 0x4)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback, 0x4}, 0x1c)
unshare(0xc00)
unshare(0x10000000)
close(r5)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1311979521a9995df52b4ed8d1cc0000000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf25200000000c00060001000000010000001c002d80050001000300000008000200000000000500040000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x48040)

26.165780537s ago: executing program 2 (id=195):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03076804268c989e14f088a8", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, 0x0, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000180), 0x1)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
lsm_set_self_attr(0x67, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x2b, 0xb, "42d741bfad370c2e999825"}, 0x2b, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
mknodat(r5, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
sendmsg$TIPC_NL_MON_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x78, 0x0, 0x800, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "aca837fc265949853300a3277fb0457c5408615ca4d67a13fe6007a331e17a1686b6"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x48040}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

26.069016578s ago: executing program 2 (id=196):
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='qnx6\x00', 0x200000, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="020100020a0000000000000000000000030005000000000002000000e000fc020000000000000000020013000400000027bd7000ff340000030006000000000002"], 0x50}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xc, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = socket$tipc(0x1e, 0x5, 0x0)
listen(r3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000002300)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x42, 0x200000}, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x404c800}, 0x0)
accept4(r3, 0x0, 0x0, 0x400000000000000)
r5 = dup(r2)
socket$igmp6(0xa, 0x3, 0x2)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r9 = socket$tipc(0x1e, 0x2, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r9, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x0, 0x2}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000050}, 0x0)
openat$binderfs(0xffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x802, 0x0)
socketpair(0x9, 0x6, 0x5, &(0x7f0000000000))

25.165560942s ago: executing program 2 (id=209):
openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000080001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(r4, r4, 0x0, 0x101)
fdatasync(r4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x0)
getdents(r5, &(0x7f0000001280)=""/4075, 0xffb)
getsockopt$inet_mreqsrc(r0, 0x0, 0x28, 0x0, &(0x7f00000002c0))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_INFO(r6, 0x0, 0x60, &(0x7f0000000700)={'filter\x00', 0x0, [0x9, 0x9]}, &(0x7f0000000780)=0x44)
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
syz_init_net_socket$ax25(0x3, 0x3, 0xcd)

24.081203965s ago: executing program 2 (id=214):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, &(0x7f0000000100))
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001", @ANYRES32=r0], 0xc4}, 0x1, 0x0, 0x0, 0x4000012}, 0x20050000)

9.104262221s ago: executing program 32 (id=214):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, &(0x7f0000000100))
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001", @ANYRES32=r0], 0xc4}, 0x1, 0x0, 0x0, 0x4000012}, 0x20050000)

5.711154097s ago: executing program 3 (id=311):
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x1, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x4}, 0x8) (async)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x4}, 0x8)
socket$alg(0x26, 0x5, 0x0) (async)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000002380)=0x200)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8676ff42fbe01f3d}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)={0x68, 0x2, 0x6, 0x301, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x11}, 0x40)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74) (async)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x918, &(0x7f0000000300)={0x0, 0x98a9, 0x2, 0x1000001, 0xf7fffffb}, 0x0, &(0x7f0000000500))
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r4, &(0x7f0000000000)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x14)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x28, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", "", "", "", ""]}, 0x28}}, 0x840)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70003000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x24000810)
r6 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x400000009) (async)
ioctl$TCFLSH(r6, 0x400455c8, 0x400000009)
ioctl$TIOCSTI(r6, 0x5412, 0x0)

5.470611017s ago: executing program 3 (id=313):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.numa_stat\x00', 0x26e1, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ifreq(r2, 0x8948, &(0x7f0000000240)={'netpci0\x00', @ifru_flags=0x1000})
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_VALIDATE={0x8}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40004)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="285f5c3a9e00000093180d83e68e08b14670bb3d7d060eea93401331db2b7e4c1de0eb", @ANYRES16=r4, @ANYBLOB="070000000000000000000200000014000180060001000200000008000300ac1414aa"], 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fb20a30b1a87a60030005000", @ANYRES16=r8, @ANYBLOB="01002cbd700000000000010000001c000180060001000200000008000300ac14141c0800060003000000"], 0x30}, 0x1, 0xff07}, 0x2000000)
sendto$inet6(r0, 0x0, 0x0, 0x20004011, &(0x7f0000000180)={0xa, 0x4e20, 0x1, @empty, 0x5}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

5.018127929s ago: executing program 3 (id=315):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x80008, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='qrtr_ns_service_announce_del\x00', r2}, 0x18)
socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f00000004c0)={0x0, @in={{0x2, 0xeffe, @broadcast}}, 0x4, 0x7ffe}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x4008002, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
r7 = socket(0x1d, 0x2, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$can_j1939(r7, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@caif=@rfm={0x25, 0x5, "cdfaaf7254f4ef6249f068fcdd7e1cbd"}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000300)="27050200340f14000600002fb96dbcf706e10500000086dd000f1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000102821880b000000000000005743ce554b6df654cb0173677c4e2eaa2eb5035d135958831197684b763f499a2fafc724413afe7af5b53e61532895bae8d3f0f02cc4e729883f078a2552275a1486218834476323059f91a91c500e035c5c70afee9d16b5acd7cd4b94e3600c9c69aeb79e259488e089b1c59bc6fca826d38a7b3229ccd5b1bde01e63f1edd3c0f933e5c02936de55f2a4ee254bbe8aed1d2260c97783b615850d488b7f0c4a80715bed3cf1adb2dafbb7672328e2300fa2623704da7b9889a57e231be318f5eb6d294a302e753e75b741b63e898748f228e6752d15bf99e02c3d366fa091326029d899c493df701ad6c37c55598f3a19e748f58475398fda5f6153cb11a4ffde399dc21f96bed56d31fd6bfa0a75d0df449393aaf7c449", 0x163}, {&(0x7f0000000480)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292034a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bdde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb013c9d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c802533b9d94f17f9be978f2514c47671575ee528fbdddc6194328e605e4d10e293756d20eb8a545f2bfe48df5d1d98a270458392a0a57647dcb8e35c0245b618452612d0429b9b9957a695c3289b4a59469691115e6ba204181708b9d1ae47418ed594b8128f20c100f5485a84e60d73ab818da73fab78caf42afd1f89cdb29dfdd6676c55ea00d35321bc4878170c62b056b4e03ae556ac804026cabcbc8e79e7a18f2f56442cd650aa2bc88f62ebb65bfafd3e5b4c62ac2e720ff0fdf03c46889df55ff91058319c953f90cd6e7f7b15d56a58ff6128357510c4c61fae925f3147ee3e72c8aa25434881d58c39092969ba1f7c444465f16d1f2561991e357bda928f2a50422f774f318fb41169a0d0324a8efd19b940a17c28cda06b750cd02155dbdbd1dc695e190a997ae8f4bb8766983d8db8678a78ae8f044b868549e9c60f7ce2925a36300ce07f304e75d285e914b3aec703969df969b2736dd99fcab1944c751f8ef4c34cbb86d5f27ef9982be245949d5579b540750d1eac428b0cd2541295b577573b27e9ecac3934987e85b44bc85e6e307cf6f5683bf1c817369d556a368bc5560a1737aa2bec3cac4689e04fbe851ed4b6c1a355950522f8918af3855fe97ec285da15a20e8119483e7419fa2b0639d5add10b396a8033ec2b98d9a9fca3fc4202d0a6bcfa55798eacacc78cb5c8b4f26222883707b61fa4c8efafb73a2ab89bb58b0c20364a6ad9c233dfb1bdbb87b8f91e3ab9790e876f906107183419aa7480e327388c01dc5f2d5bcb8a7565cddc4e1275741116416b66bf3adf9e7e31c3fc518740446ed2a394e7699baf9408c62b4c0e7a11dec8f4a67e78a3f00bedae9f55f36c52a1fd4ee3a8be7285f9ca898ee63d3718a7c4603bcb9a24537b34a41a6c0eee4cc609b014d3f4fb928aa7e3fa7a4f97dcef5c0e526b650284ffeda82f603ed9ea1eb6627d29d8bcd6c7e6fe128b1c4463b2cfe50c0ff9a46090635dde4b4d4a984e5a91f7486856cd2bf85088fa4b97b219628be8cdba7e54d00985a73fb5b0b4b0f96844e73a8ff7884bdee1a0d6e62decfeebfb56351c135e6580fd61ea806ee5592fe4ffba5c73b8a4a04d44aa52645320cb73fe0c5f14a971d3b3f64c85f5ebaab5e1a061f5186050230286331048e43368e45cfc88e8f4d0d3b1b86b64d5394bc68c2b754389b3c18a45c1edb0496dd88cb3113bbdf1a0f127eb8cd52caf8da95b83d0decad3775b2f2e43776d0d32d447cdd0b267b32775e3473f51a233f8c91a4c07ad669da1844f3d9554f399d43ca1eda29c5c761b3936f845f0c4d1c6a56b8b34b5ab3291e06cd86de6116fc3236a11343d6f4ad02199717054ac1f15471c5a2b8efe67bd4bea33c0ca36e2c4209026849de21c1da1057f353dc824947d75119e4501b98cb9e621d0644e3f4a75353093557afcee7da41ad368fe1cbb426922772b9b262a861fbce9ae86d6e8c5a8de6a1e8f03456c0a354277a2f3ff46a62b6d6cdee4febf23e2350f94b47a05a4d0e7da37a2e97b899d92ca1f3bd1cded5588593e8bb99b9dce0731fa1174de14b63be2bf7e424f870551f213fab437aac092c2e9798959fa3616465e2b36fd49cc9af902d47debec02558c036ed991f1a3895b37cd70f3c405cca362c885542fd976e73be4cf7580a0c4d5a9527c77c189573e3be07ed15472f6b012939abb5be9f3e8a5b720307fb2dbca48b35d121702cfb6b3690559b08fbeb77d53d37582d7f44fe269ac51665632bf070cfc7445741b70306cb3f19b7fbecd19a78092dfd086a0da019734d95660ba4e5ce5bcf25f09403c32e3ec902f3717cca0eca05e791c2b8c2b8988645afa2446d5218abce136c0db9afb95e4f4727a29cc567b3f73d5dbc1aeee746653a7f5c445add24a9c1b67d1bfeec85d2a6478e80c3acdb9439aa46c8cf14a98ffa89790ef7a94b3146088566812e28ccbafb466772b7fbb98dcf1e792eb6d0de0829c3c49c5ecdeea3e80017324a0fe724565c4e7a242764e9012442cae44b57c7121889c044be05b5eca70efb649bb528e751f072af93ae2c5053fdce196cce158136f904cf64f2cb8becc2d024f5ec32a38d78b87a4dfe7c53769dadef890efd160eb662cedb18a756aed83edfb9efbbb3648eb399e61f80077e64b95eae9d17083aed05cfc2e148621e36be1f41d373c721a11804fce269c688b0c647d6e1083e336d1f7f90a7a080a83397773cc351531070af5c1a1418f28dce95c01052a314a9ebe39cb9cddb8e7855e58c4a636b7f6250ecad312ede18664c03d92e330935295a35ea3e0306f25ca971300f782ae2f6e79a513732d22ef9b9bc41d17df3352a855cdd19b18f5abd6e6420f4f42f01750a64f6acdb6b46622fafebe3e913c64a1a6a59f980e97deae0dc83c12ccae6b430d7a28f21c3e0e38b32f3d5f1d44927fc34ed5c9ddb5be8eb936dbdcd327b63ea69d86c2da15cb834a18ee51a44f2da7b11d79486942fd04eade92fe5d93342970ca4cc73861b15facf97e9c53c15488c5630b17b9364c58652cfa6de0918327498ba8d6120d3be9139c51a6e9017525772397529ddd4fd1905614fd1cc7f1370a577ad10ec9ea742f9aedc9fee42c3df38f4b35cdfd70fd677bcd396b37c60e439693dcb1cf8590eaf770b3f74af21f5119ac238e82e92c83321b06f106530abbbd321c3e1dc948accdc21a586ff37253ad1d0c5bfb51541f876be1b6e4f490046204b9edfe9a9721b9019a495d1efed10d4570f4c75ac8b46cfe8899f6d92e862611b35be8931a2460dc646ed332b3046baf48613bbb543f4abda22d3d62a484665ba5bbf8fec1bb199b430a6e96cfad417a1644cc5f7f640004836c60f15a174eb7eb1750a71a141549f393c7d88b8729a33f841f7f8f2bd03dccaaa825f2e29105f6b4c11ac8e06bb3be9dfdecce66294a0be9dbc5f40123644fcac59ed0c968eb62fb14d111e900ad1c038f17d5471ab088f704de7db35753f818f55669a76e621b29d975253d177791e1434644a81b2b8bc4c8e147961b4f1b7f3e225571fecb10906957791b27d35a89e3ce84c91a2dc60aee460d8f41eb7b5e171516ef34d8c7dbbc8122cdeffa51b5a393d2cae7f69826d342d4d85b58ca7ddb0e688a15b39a00ef1aed5db337d1ab87e06f835663a496857fb6320e5ee9086f42588d9b8ea04ff3d9eac2b8ffd1155a504230103a68bd8b3c416a10d76cee236442a68393896587bc66c01a5f7f411325578d023d7619a89d0bcbbacae99b925fb72994e1ef4240cddad2294a56bec6d6243b95b04345c215bd48a3aa89786ba39b4d2f5015d8bd038c32a7b0eb02a4eb5a640371d9b4af540eb99a1e26547cc214da21e9538754a802972411a0bf416707b95457d0b77daac9bdf27a82b9aa7992ad1d3815f9a56a746eefa6f7e1913b6e3e859b2cc7797adcae825b7aad17c11e66597042c327a6473489a9664c5ce0ff8b1ecfb691daa0bd50c17f4597826553686bc2ee08eaca8dd6f77c626691699141a698e5b517e02130587ee503c7b5f638cbf32166b0d4ebe9222b6c9d50fb3db9d1ab060c31aabeef52cd51e5cf485eecc741e37a47c4996068f1d4b25f182b9d7bee4bec5cb070d3cea2f9762a41bb8d9ec5896ebcb2b17ca82f29bcce456412d8ed531afda50d259fcb7794216b6a9a873b6c3c4493c0c6d3e6a4f81f3b40dcc745a4e2383c678c472b1d5bf3ff02992bfe893a5bc96824039da1ee3cf8593e7d616d62f6e3c3e2c4e0cc58d5445998cf5b1c91c2468b2571b118709668efbbe72911f1bfa96b97c32f71cd7071f4c729e88631a89b53dd4bae6ef9c4ed082916e267479195599e9871b26b92c6885ded29f990070fddc4d8535088ddc70d6e83f797b6fa2260a92602eb9098e6db801cb7394f0c90fb5913b2f8d8d24c8f1056920e1facbe643dd49d8983b277da7282a986c28d5468aed9a4730579a20346d35f78b6bd2cacb4b9237fbfb0b7a2314105ff3b074a0e340b904e715e99c501e1435c15eaa262893c2883c90f26d2ff91792d46e4d867b62570e0c1e4739b8ac4fff8f778960de1ae40d4c85c51e1c60040bb2caeaf0c71dbb67c30715b8c14d6921831d7678522eeed29444df421ee206ca3be20d1b5fd2d2baf832f097fef590290eea77f8f3ed00b39841421b61f1c0d01def54bec0348be2216a8dad60838f3ad3595a744edeb6202dbcbd9c73a126a79cbefa43c7db0493103c2aa8fecb5cde1773ad0cdd03f5b0cfb0270642a96a9e14d116e9140501df48cdbf725611b398eb2b9e93f8da49e601099e0b2e880a95525b5f3f2edd74ae9d664a1f2e932489b61634ab53a1e2f3bf56add0a7f09c168538", 0xde7}], 0x2}, 0x800)
ioctl$sock_SIOCADDRT(r8, 0x890b, &(0x7f0000000040)={0x0, @phonet={0x23, 0xe, 0x9, 0x76}, @hci={0x1f, 0x3}, @in={0x2, 0x4e21, @empty}, 0xb, 0x0, 0x0, 0x0, 0x2, 0x0, 0x500000, 0x1000009, 0x1})
io_uring_setup(0x1ddf, &(0x7f0000001280)={0x0, 0x8045d4, 0x800, 0xffffffff})
r9 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80000)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r9, 0x8982, &(0x7f0000000040)={0x6, 'netdevsim0\x00', {0x7f}, 0x7})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="64000000020603f800000000000000000000000705000100070000000900020073797a310000000014000780080013000000000008001240000000000500050002000000050004000100000016000300686173683a6e65742c706f72742c6e6574"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
getsockopt$inet_buf(r7, 0x0, 0x2b, &(0x7f0000000140)=""/11, &(0x7f0000000180)=0xb)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

4.897875843s ago: executing program 3 (id=318):
openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000080001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000000514210600000000000011000800010000000000080005"], 0x20}}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
recvmmsg(r0, 0x0, 0x0, 0x12140, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/resume_offset', 0x101a02, 0x0)
fdatasync(r4)
mount(0x0, 0x0, &(0x7f0000000080)='proc\x00', 0x0, 0x0)
getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000700)={'filter\x00', 0x0, [0x9, 0x9]}, &(0x7f0000000780)=0x44)
r5 = memfd_create(&(0x7f0000000300)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xae\xd1md\xc8\x85\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;2\xb5\xe1jS\xeb\xbf%||\xa0\x8e\x01\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
syz_init_net_socket$ax25(0x3, 0xe935773f26c2ec5d, 0xc4)

4.600700699s ago: executing program 1 (id=319):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)
r2 = openat$pmem0(0xffffff9c, &(0x7f00000000c0), 0x165101, 0x0)
fanotify_init(0x40, 0x40000)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_int(r4, 0x0, 0xc, 0x0, &(0x7f0000000040))
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x21, 0x101, 0xd, 0x4, 0x40c28, r1, 0x6, '\x00', r7, 0xffffffffffffffff, 0x9, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50)

4.29093499s ago: executing program 1 (id=322):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = fsopen(&(0x7f0000000080)='adfs\x00', 0x1)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f00000002c0)={<r3=>0x0, 0x5, 0x5})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f00000006c0)={0x0, 0x0, {}, {0x0, @usage, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_BALANCE_V2(r2, 0xc4009420, &(0x7f0000000ac0)={0x10, 0x1, {0x8000000000000000, @struct={0xb4, 0x7}, r3, 0xe, 0x1, 0x1, 0x1721ceec, 0x683b16f0, 0x40, @usage, 0x5, 0x10000, [0x5, 0x3, 0x5, 0x429, 0x7ff, 0x1ff]}, {0xffffffff, @usage=0x8, 0x0, 0x10, 0x2, 0xfffffffffffffff8, 0x10, 0x700000000000, 0x3, @struct={0x0, 0x3}, 0x1000, 0x3, [0x2, 0x2, 0x400, 0x5, 0xfffffffffffffffb, 0x6]}, {0xec, @struct={0x5, 0x5}, r4, 0xa, 0x9, 0x3, 0x4, 0x3, 0x2, @usage=0x10001, 0xffffffff, 0x1, [0x4, 0x7, 0x1, 0x8, 0x3, 0x4]}, {0x3, 0x3, 0x1}})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000e00)={<r5=>0x0, "ffc21214c0429da91fe860221a3c5faf"})
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000340)={0x1c, 0x1, {0x2, @usage=0x7fffffffffffffff, r4, 0x7, 0xfffffffffffffffa, 0x1, 0x6, 0x3, 0x0, @usage=0xf, 0x6, 0x3, [0x308, 0xbb60, 0x800000000000000, 0x4, 0x2, 0x2]}, {0x8, @struct={0x51f, 0x1}, 0x0, 0x1, 0x7, 0x4, 0xffff, 0x5, 0xa0, @struct={0x1000, 0x2cc}, 0x7ff, 0x7, [0xffffffffffffa1b8, 0xa48a, 0x90c3, 0x8000000000000001, 0xffffffffffff7fff, 0x6]}, {0x1, @struct={0x2b80000, 0x300}, r5, 0xbf30, 0x8, 0xfffffffffffffffc, 0x2, 0xfffffffffffffffe, 0x8, @usage=0x3, 0x2, 0x1, [0x400, 0x5, 0x56, 0x8000800000, 0x8, 0x8001]}, {0x7, 0x5, 0x5}})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2101, 0x0)
ioctl$TCSETAF(r6, 0x5408, &(0x7f0000000080)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "fdffffffffffffff"})
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r8, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="ff0742"], 0x44}}, 0x0)
r10 = openat$nci(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$nci(r10, &(0x7f0000000180)=ANY=[@ANYBLOB="61050604020202050809057e4d969959f439081a164861064dd302eb3b6307b3778df3e2cd4b5058555b2f14bd1b772df48dd882cfe9e628ecdbdbe67381c133efc8c898e31ff304c05207f44ec50fafb63178f2b6ada67ab7b37276f3426c5c2d3048e7d023ca25a24790348a1baff272499267047fd4a026a6915c4c6e90e0d64306060909e717482b6e4ba98d531ac53df42a65e76af95da7145cfc12438fb9ec1de6566b13a381d8a9c8b4feabf3784e3e59c69c3e579cb7426e7b40927429bc74e77a1818b9cb05bc960e3ac4f20ad9f2474948d3d2ade962452d2ad02ff54da81e35bd065f6cddf2c6830ab809cc44910c69d1e1669973efe2e8138483da075d4159d0396e92261e52e23228e4d50ef6f073876912d5636a66ecaca2057ce5d9057ef709dd06294c3db3cc7078f8ef7b4eb16869128b7cd0e7903d79d40160aaf7a2af48a8fadaade9c928352bb074f0c65ef6106b8ab41112d6e2ea0871f7144b7c61ec8b66cf46466c5b0000000000000000"], 0x176)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r11 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r12 = dup(r11)
write$6lowpan_enable(r12, &(0x7f0000000000)='0', 0xfffffd74)
r13 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000180)=<r14=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r14, 0x4, &(0x7f0000000080)=0xfffffbfd, 0x0, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a0000000000006113b800000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
io_uring_register$IORING_REGISTER_PERSONALITY(r13, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r13, 0x9, 0x0, 0x0)
io_uring_enter(r13, 0x47f6, 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e5, 0x2, 0x2, 0xf2})

4.000199959s ago: executing program 3 (id=323):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x5, 0xe4}]}, 0x8)
io_setup(0x6, &(0x7f0000000800)=<r1=>0x0)
io_pgetevents(r1, 0x6, 0x6, &(0x7f0000000840)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000940), &(0x7f00000009c0)={&(0x7f0000000980)={[0x7, 0x9]}, 0x8})
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000000040)=0x1000, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4}, 0xc)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xfb}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
sendmmsg$inet(r0, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001280)="bb2d839f3bf337ccd0d8f3513ab30aba4b00b6f0ef506a60f4082ace5a8a10d80d8d595071f2ff529ff6996481ffc7e4de448343b85079722c4f1a1ce360836392283201a1a5ac0b6e24ccf9f075c64fe58b7a37d37019a49908876bc37c9f304eeefed8a6d8cae3ca0f81e900c8735b8b3063967b68a1567e30726f2c0edb6c85e78619700b0645b728a0c88b22d18366a6db2e391401feb630396bf42b987b102eb2d0a804e188648df6c8ddd79e0fde3893930e06e91c39cc01d239a1c20cb0cee84da924212382163c6638e798d66660c356195a56523456052c42aca7c8404e259561dfea5cbdc21a31b7e7eb73a710b68ba2ae2eff86d3d4fbda8b72014f5de839d48acbc9d217f7ac0b3362a66f3a7d04277cc4b918687ed082170f98dc54bd56f28ea3fecc4e86e1820ed811919dac4d09c18e27c4d839c7ac015d34522c7d87ae968dc872d97db81da9a4b6f631535348d9d44ca3fe846f6706fd3d3bd2f62f2d046a2973c9e8c6ccbf96fd0060d532433732627bf213a35870cea250f79ac773b8adba386e0ae960801b073646dcfe7c89f0cb410d22146cb3109bb9a12649e943104875c0272dfdfac5998854c0f62438909522fba45a4ac83b917a6d9a45704fefe035986b7ae676dd6b8094d2ce7ed64f0aaf138cc827553d74b2c04488d849df41fb98a6c966c07cbb1a9fe3ee5e41c3082c51b37f9df811461cf123830ee606c7b5816b6b86b21860177bfc3fd9aeb689dbb39963a55cee2afe7352200f719a3c0fe44e059446bd7226d9e814d2358c2524c0103c48f7516cc69eb04815bbef84a5bd840a5131f45c335ef8939d6100cf89160f5f1c5aec60e479d18f4680a5a525964fbf2371c1493df2c3e67f98645f329d984250dc98a48a5ab14624438ad259145794a22055ace7d33b5218ed2bda0a528bee49e4e4ae3068477da429945eef0e06128a3202f62634d8faba02e7a951fd2ceba99d2a1488872c66ceef1c5ba5a3e4a523be24c7c2de0316ae12a66d11a8089888c1e2635206ad43da841b07324fdb18eaf8d8a41a8eee7e9cd948967234049bf5ff3c8ce9cd708cf33fca2896221990573c08ef7eb0843189f7033f93b753a40c49bfc92effc9a663fbd1389f1719d14b3d33558bc1ca6c7a66c3ce93151091b23b0efdc14b6e4af3bd914ae73ef2c823346af97d7d2a53f644ba75587ab85e95c43244ba1c97cd1e692bd3e781c21b937e005c9b617ef80b0b39be0da367d2d6320a9d9efa49b574239631adb87f1b5028ee294136a8ba08b36a4faa93dc03960054a7d8655beae9a5b59db4880ba897ee9bdae083bc90567876375c747e6e19876f3ec81d6306fe252c5b7339c3f8aa409a2b745db9709e0152974db8463d16f16174be5ca677ce5bccdedc1c916919a4c919a92f0529ccca4f5c15546347cbfb94924541d8d8c1ad22bd579a620195ba98c4e1aac394c483d5ec233b7d645893ce835c19f5f58179d838d8ff31391beab43f5d01ce477cb305804b2ce0412788b2e516d049a2b55aa7bf673ade77522ef7299da43acc8cb6c6be9b9bbe90c0347a87eaa000383afd0b6ff6c3e53f11ae2449bfb75b717bd5f2068680e5677782a9fecfed818e69a54849a25ba9fc1894a43076860e1beb0149baf2bef5c712a295b5c8f27fbd75f738100c2e9d2e358b5c8805d1f8f94bea753fb4c3e72802844f7f54b1120310fc1d9bceac33a1e0dad1ac318b03e39e63845ef90b7c14d543e5248626a4deb328d3ababa54de95d6b9d4947f9afbe64fa36d731670adb4efd53f981f1acaa5361293e6b1c67ed7acef1bbc61e3b92dba85773bb83850b9ec0ce204c0e109284e0de7a9007e1a0227d5a9061602fa40728e6e9e0e198bafbfe4e06450a44a8cb98ba38d02744ca3aff2dcc74054ee57cfef01af36cd5d4768ebbe1f60d302d0c56de5de0b52b15ccc824f9376fd28a303d3c9f274967f288d0775349885dbe6d4d0d921ea05130a5abd835c09a5afcf42d74db5eb2ed5b382691657ce5d101d97c4c30f9e48618fb7d9b1332f3457602306d908ac58d33f267d016a49d9f176376be5cc176df7ba603e0eae0d3aa1d0e4aba2b3e367e09d3ea776fa77a417707359532177826cc3dc36d265b2ee0ad921d787e3f88a8e4e9b21376aea3e399631998eb5f3d10a1c9e9d8337d3e820323c99985b3e98a8075ea0dbad82a243ab80704caad7e7b304c39eb437e067eae93d6772c33d744f79283f118ed07d7fe00d406c305724ab15ec417f7354b3411731bf5d08c336f10c6ce92720e4cdd0f939ebc47b4556d6b8e0e539c8bbaa2f5b1e24301985e1984a99a4b81122d6454030976159e588382dd3c0fd55517cfda7273ce59befee278b95891ee05093c0f569cecdc163d293f892f4f2f0ab7b25db89f3ae8ccb774474d760486b4332c7f730da0635370059ee117b18fcdff0f1aed557d45dca6de57fd5001b0d8626113c357945d86e832969d781beef6b6952d7950f087f00c40386fd3783618dbec56a5ca2e84acddb6dd70463a1948a69d2f84d9584cae4765122619682ce5904192ff41656832e68a6a5a47973e46db0ec39e3d66fdd529925073315e726923e431d7678123d181c0a2622fcc39129dc63bf836ab382a0f4d98aeb2be99e9e2f587739c5a60ecf321e9dfb789599049dfb8b8ea1277ca39610c2b5d2f9faa9b4d26d58f5dd40979ff3c01032bade242d16b7ceaf257f636127e802b4355df9ac09b722cab9e8003c81c78e62505f453efb80e47b6e048eb11a0cd4410463c3be4beb497fd1b9df7cd400f72703bf686bd5cbdb0adc7adbb628d6e596bfa182bbe7d68fbe89be52ed78402d585c24a325e55413733f20f73436abd2fdd98d3c7b86faac581e96b77253cb50be6ab295e51ee86125ab94a3a10a845405ddeb6e7be00a5423519c38dc20c15070348ff8fae50ddba6ca49eb0ef5e55d2b63eb8885316f9346f7d75fcf6cf14e158baa04ad0764f4fe5c1ab7a66aa5475a57adcf536295591210b753ab1168187e53cd76be619510c220d49767497d3ec726283b58498bfbcb4c0f5466aae4617a1aea5294ae0fc4dbc91ab4e7191bff31c18b5ba40d14083adf8c940", 0x8aa}], 0x1}}], 0x1, 0x40000d0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000840)='\t&', 0x62, 0x40040011, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x7)

3.740146404s ago: executing program 3 (id=325):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
get_thread_area(&(0x7f0000000000)={0x6, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ftruncate(r5, 0x2007ffb)
r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
sendto$llc(r6, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x10)
getsockname(r2, 0x0, &(0x7f0000000140)=0xfffffffffffffef4)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r4, 0xc0405519, &(0x7f00000000c0)={0x2, 0x5, 0x7, 0x7, 'syz0\x00', 0x4})
close(r5)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000000)="260f01cfbaf80c66b835b9ca8166efbafc0cec66640f32baf80c66b83065cd8966efbafc0c66b88f9b000066efbaf80c66b8a8a86e8866efbafc0c66b80100000066efbaf80c66b8983d448366efbafc0cb000eeea012b5d00660ff96700c4e2bddfdd0f01c2", 0x66}], 0x1, 0x74, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = dup(0xffffffffffffffff)
write$6lowpan_enable(r9, 0x0, 0x0)

3.686362904s ago: executing program 1 (id=326):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x4b5, &(0x7f0000002340)={0x0, 0x86e1, 0x1, 0x9, 0xfffffffc}, &(0x7f0000010080), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20) (fail_nth: 3)

3.453775146s ago: executing program 1 (id=327):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x40000, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0xe5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r1 = socket(0x10, 0x803, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3c, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1}})
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4050}, 0x26004090)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
fsetxattr$system_posix_acl(r0, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010001000000000002000400", @ANYRES32=0x0, @ANYBLOB="0400010000000000100002000d00000020"], 0x2c, 0x2)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
poll(0x0, 0x0, 0xfffffc01)
r6 = fcntl$getown(r5, 0x9)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12, 0x0, @tid=r6}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
close(r5)

3.04109536s ago: executing program 4 (id=330):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000580)=0x281)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0xfffffffe, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)

2.928189676s ago: executing program 4 (id=332):
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000140)={[0x41]}, 0x8)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffff9, 0x10100, 0x0, 0xd3, 0x0, r1}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x8230}, 0x3})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
rt_sigsuspend(&(0x7f0000000180)={[0x8, 0x2]}, 0x8)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r11, 0x4008ae9c, &(0x7f00000000c0)={0x14, 0x5, 0xd})
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000007b01"])
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r12 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@getneightbl={0x14, 0x42, 0x400}, 0x14}}, 0x0)

1.060600145s ago: executing program 4 (id=335):
openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000080001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(r4, r4, 0x0, 0x101)
fdatasync(r4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x0)
getdents(r5, &(0x7f0000001280)=""/4075, 0xffb)
getsockopt$inet_mreqsrc(r0, 0x0, 0x28, 0x0, &(0x7f00000002c0))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_INFO(r6, 0x0, 0x60, &(0x7f0000000700)={'filter\x00', 0x0, [0x9, 0x9]}, &(0x7f0000000780)=0x44)
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
syz_init_net_socket$ax25(0x3, 0x3, 0xcd)

548.686048ms ago: executing program 0 (id=337):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

548.447791ms ago: executing program 0 (id=338):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
memfd_create(&(0x7f0000000000)='/::-,,*\x00', 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000100)={r2, 0x2, 0x6}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

458.396882ms ago: executing program 1 (id=339):
openat$tun(0xffffffffffffff9c, 0x0, 0x12000, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0200, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x97, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x20000002)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$netlink(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002d002100000000000000000004"], 0x1c}], 0x1}, 0x0)

380.37534ms ago: executing program 0 (id=340):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x2)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$VHOST_VDPA_SET_GROUP_ASID(r1, 0x4008af7c, &(0x7f0000000080)={0x2, 0x9})
close_range(r3, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, 0x0, &(0x7f0000000300)=0x700)

378.469473ms ago: executing program 0 (id=341):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000580)=0x281)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0xfffffffe, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)

320.194101ms ago: executing program 1 (id=342):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xa0402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000001c0)={0x5c, 0x0, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b01a100efb76cba10ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd100800000000000000e4a62fb73c33424b437bb192c9b06ea6ed04983fe5c5ca033dfce0a82577ef14eee5e6be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70420d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"})
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$unix(r4, 0x0, 0x0, 0x800, 0x0, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0x1)
syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x906f, 0x10100, 0x2, 0x56}, &(0x7f0000000100), &(0x7f0000000080)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, {}, 0x1})
r6 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000340)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e1f, 0x9, @private1, 0x6}}, 0x24)
sendmmsg(r6, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1000000300000000"], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r7=>0x0})
r8 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, 0x0, 0xffffffffffffff6d)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000804000000040000000400000000", @ANYBLOB="00002202f5355ac6cf2e5f"], 0x48)
timer_create(0x0, 0x0, &(0x7f0000000300))
r9 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ip6_mr_cache\x00')
pread64(r9, &(0x7f0000000040)=""/7, 0x7, 0x0)
syz_usb_connect$cdc_ncm(0x5, 0x5a, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)

319.894557ms ago: executing program 0 (id=343):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
finit_module(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, 0x0})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0414"], 0x9)
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004882, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x330b)
io_submit(0x0, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x1008, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x7000000, 0x0, 0x10}])
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d2, 0x0)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x1c22, 0x10100, 0x0, 0x17f, 0x0, r3}, &(0x7f0000000700)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x4)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x5, 0xe4}]}, 0x8)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000000200)={'filter\x00', 0x7, 0x4, 0x4b0, 0x0, 0x0, 0x10c, 0x3d0, 0x3d0, 0x3d0, 0x4, 0x0, {[{{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @empty, @dev={0xac, 0x14, 0x14, 0xd}, 0x4, 0xffffffff}}}, {{@arp={@remote, @rand_addr=0x64010101, 0x0, 0x975b7c59a753477c, 0x1, 0xc, {@mac, {[0x0, 0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}}, 0x1, 0x1, 0x4b00, 0x1ff, 0x401, 0x0, 'pimreg\x00', 'netdevsim0\x00', {0xff}, {0xff}}, 0xbc, 0xe0}, @unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x1, {0x5, 0x6}}}, {{@uncond, 0xbc, 0x1e4}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x8, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x4fc)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r6, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001280)="bb2d839f3bf337ccd0d8f3513ab30aba4b00b6f0ef506a60f4082ace5a8a10d80d8d595071f2ff529ff6996481ffc7e4de448343b85079722c4f1a1ce360836392283201a1a5ac0b6e24ccf9f075c64fe58b7a37d37019a49908876bc37c9f304eeefed8a6d8cae3ca0f81e900c8735b8b3063967b68a1567e30726f2c0edb6c85e78619700b0645b728a0c88b22d18366a6db2e391401feb630396bf42b987b102eb2d0a804e188648df6c8ddd79e0fde3893930e06e91c39cc01d239a1c20cb0cee84da924212382163c6638e798d66660c356195a56523456052c42aca7c8404e259561dfea5cbdc21a31b7e7eb73a710b68ba2ae2eff86d3d4fbda8b72014f5de839d48acbc9d217f7ac0b3362a66f3a7d04277cc4b918687ed082170f98dc54bd56f28ea3fecc4e86e1820ed811919dac4d09c18e27c4d839c7ac015d34522c7d87ae968dc872d97db81da9a4b6f631535348d9d44ca3fe846f6706fd3d3bd2f62f2d046a2973c9e8c6ccbf96fd0060d532433732627bf213a35870cea250f79ac773b8adba386e0ae960801b073646dcfe7c89f0cb410d22146cb3109bb9a12649e943104875c0272dfdfac5998854c0f62438909522fba45a4ac83b917a6d9a45704fefe035986b7ae676dd6b8094d2ce7ed64f0aaf138cc827553d74b2c04488d849df41fb98a6c966c07cbb1a9fe3ee5e41c3082c51b37f9df811461cf123830ee606c7b5816b6b86b21860177bfc3fd9aeb689dbb39963a55cee2afe7352200f719a3c0fe44e059446bd7226d9e814d2358c2524c0103c48f7516cc69eb04815bbef84a5bd840a5131f45c335ef8939d6100cf89160f5f1c5aec60e479d18f4680a5a525964fbf2371c1493df2c3e67f98645f329d984250dc98a48a5ab14624438ad259145794a22055ace7d33b5218ed2bda0a528bee49e4e4ae3068477da429945eef0e06128a3202f62634d8faba02e7a951fd2ceba99d2a1488872c66ceef1c5ba5a3e4a523be24c7c2de0316ae12a66d11a8089888c1e2635206ad43da841b07324fdb18eaf8d8a41a8eee7e9cd948967234049bf5ff3c8ce9cd708cf33fca2896221990573c08ef7eb0843189f7033f93b753a40c49bfc92effc9a663fbd1389f1719d14b3d33558bc1ca6c7a66c3ce93151091b23b0efdc14b6e4af3bd914ae73ef2c823346af97d7d2a53f644ba75587ab85e95c43244ba1c97cd1e692bd3e781c21b937e005c9b617ef80b0b39be0da367d2d6320a9d9efa49b574239631adb87f1b5028ee294136a8ba08b36a4faa93dc03960054a7d8655beae9a5b59db4880ba897ee9bdae083bc90567876375c747e6e19876f3ec81d6306fe252c5b7339c3f8aa409a2b745db9709e0152974db8463d16f16174be5ca677ce5bccdedc1c916919a4c919a92f0529ccca4f5c15546347cbfb94924541d8d8c1ad22bd579a620195ba98c4e1aac394c483d5ec233b7d645893ce835c19f5f58179d838d8ff31391beab43f5d01ce477cb305804b2ce0412788b2e516d049a2b55aa7bf673ade77522ef7299da43acc8cb6c6be9b9bbe90c0347a87eaa000383afd0b6ff6c3e53f11ae2449bfb75b717bd5f2068680e5677782a9fecfed818e69a54849a25ba9fc1894a43076860e1beb0149baf2bef5c712a295b5c8f27fbd75f738100c2e9d2e358b5c8805d1f8f94bea753fb4c3e72802844f7f54b1120310fc1d9bceac33a1e0dad1ac318b03e39e63845ef90b7c14d543e5248626a4deb328d3ababa54de95d6b9d4947f9afbe64fa36d731670adb4efd53f981f1acaa5361293e6b1c67ed7acef1bbc61e3b92dba85773bb83850b9ec0ce204c0e109284e0de7a9007e1a0227d5a9061602fa40728e6e9e0e198bafbfe4e06450a44a8cb98ba38d02744ca3aff2dcc74054ee57cfef01af36cd5d4768ebbe1f60d302d0c56de5de0b52b15ccc824f9376fd28a303d3c9f274967f288d0775349885dbe6d4d0d921ea05130a5abd835c09a5afcf42d74db5eb2ed5b382691657ce5d101d97c4c30f9e48618fb7d9b1332f3457602306d908ac58d33f267d016a49d9f176376be5cc176df7ba603e0eae0d3aa1d0e4aba2b3e367e09d3ea776fa77a417707359532177826cc3dc36d265b2ee0ad921d787e3f88a8e4e9b21376aea3e399631998eb5f3d10a1c9e9d8337d3e820323c99985b3e98a8075ea0dbad82a243ab80704caad7e7b304c39eb437e067eae93d6772c33d744f79283f118ed07d7fe00d406c305724ab15ec417f7354b3411731bf5d08c336f10c6ce92720e4cdd0f939ebc47b4556d6b8e0e539c8bbaa2f5b1e24301985e1984a99a4b81122d6454030976159e588382dd3c0fd55517cfda7273ce59befee278b95891ee05093c0f569cecdc163d293f892f4f2f0ab7b25db89f3ae8ccb774474d760486b4332c7f730da0635370059ee117b18fcdff0f1aed557d45dca6de57fd5001b0d8626113c357945d86e832969d781beef6b6952d7950f087f00c40386fd3783618dbec56a5ca2e84acddb6dd70463a1948a69d2f84d9584cae4765122619682ce5904192ff41", 0x726}], 0x1}}], 0x1, 0x40000d0)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r6, &(0x7f0000000840)='\t&', 0x62, 0x40040011, 0x0, 0x0)

140.99545ms ago: executing program 4 (id=344):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket(0x2, 0xa, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) (async)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000000))
ioctl$TCSETS(r0, 0x560d, &(0x7f0000000000)={0x10, 0x1, 0x9, 0x3, 0x15, "007de521ec070ef4f834bbeda7f6647bbfdef7"})

70.535882ms ago: executing program 4 (id=345):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000002c0)=@nat={'nat\x00', 0x2, 0x5, 0x444, 0x2dc, 0x0, 0xffffffff, 0x2dc, 0x1e8, 0x3d4, 0x3d4, 0xffffffff, 0x3d4, 0x3d4, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0xff000000, 'pim6reg\x00', 'dvmrp0\x00'}, 0xac030000, 0xc8, 0xfc, 0x0, {}, [@common=@addrtype={{0x2c}, {0x6, 0x818, 0x1, 0x1}}, @common=@unspec=@connmark={{0x2c}, {0x400, 0xfffffffe}}]}, @SNAT0={0x34, 'SNAT\x00', 0x0, {0x1, {0x0, @broadcast, @private=0xa010102, @gre_key=0x400, @port=0x4e23}}}}, {{@uncond, 0x0, 0x94, 0xc8, 0x0, {}, [@common=@unspec=@state={{0x24}}]}, @MASQUERADE={0x34, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @broadcast, @empty, @port, @icmp_id=0x68}}}}, {{@uncond, 0x0, 0xc0, 0xf4, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x4e21, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e22]}}]}, @SNAT0={0x34, 'SNAT\x00', 0x0, {0x1, {0x10, @broadcast, @local, @icmp_id, @port=0x2}}}}, {{@uncond, 0x0, 0xc4, 0xf8, 0x0, {}, [@common=@addrtype={{0x2c}, {0x0, 0x0, 0x0, 0x1}}, @common=@unspec=@cpu={{0x28}}]}, @SNAT0={0x34, 'SNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @multicast1}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x4a0)

70.139615ms ago: executing program 4 (id=346):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000840), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r3=>0x0})
r4 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_PID={0x8, 0x1c, r4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) (fail_nth: 8)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x40, r0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x40}, 0x1, 0x0, 0x0, 0x400c080}, 0x10)

0s ago: executing program 0 (id=347):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$X25_QBITINCL(r0, 0x106, 0x1, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000240)=ANY=[@ANYRES16=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000000800000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="180000000000000000000000000000008214c2a6", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b7000000000000009500000000000000"], 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r4)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x8, 0x1ffffffffffffd6f, &(0x7f0000000c80)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r5, 0x0, 0x0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r3, 0x0, 0x0}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r6 = accept4$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000300)=0x14, 0x0)
setsockopt$packet_int(r6, 0x107, 0xb, &(0x7f0000000340)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
r10 = userfaultfd(0x80001)
setrlimit(0x1d, &(0x7f0000000580)={0x7})
ioctl$UFFDIO_API(r10, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7c8})

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:2544' (ED25519) to the list of known hosts.
[   48.102070][ T5929] cgroup: Unknown subsys name 'net'
[   48.204697][ T5929] cgroup: Unknown subsys name 'cpuset'
[   48.208396][ T5929] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.108042][ T5929] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.920305][ T5945] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   52.926273][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   52.928958][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   52.930849][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   52.934586][ T5949] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   52.937389][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   52.938189][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   52.940659][ T5952] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   52.942873][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   52.946687][ T5952] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   52.948069][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   52.950936][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   52.952847][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   52.956889][ T5949] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   52.958871][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   52.962895][ T5949] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   52.965335][ T5953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   52.971579][ T5949] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   52.973007][ T5957] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   52.979222][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   53.256895][ T5940] chnl_net:caif_netlink_parms(): no params data found
[   53.418038][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   53.447291][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.450344][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.454317][ T5940] bridge_slave_0: entered allmulticast mode
[   53.459863][ T5940] bridge_slave_0: entered promiscuous mode
[   53.544074][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.547201][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.550236][ T5940] bridge_slave_1: entered allmulticast mode
[   53.554328][ T5940] bridge_slave_1: entered promiscuous mode
[   53.579194][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   53.600507][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   53.659322][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.677074][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.679315][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.682273][ T5954] bridge_slave_0: entered allmulticast mode
[   53.684815][ T5954] bridge_slave_0: entered promiscuous mode
[   53.728206][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.748357][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.751265][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.754540][ T5954] bridge_slave_1: entered allmulticast mode
[   53.757542][ T5954] bridge_slave_1: entered promiscuous mode
[   53.805341][ T5940] team0: Port device team_slave_0 added
[   53.844369][ T5940] team0: Port device team_slave_1 added
[   53.847552][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.887151][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.910362][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.913786][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.921530][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.926243][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.928398][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.936976][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.004759][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.007167][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.009411][ T5950] bridge_slave_0: entered allmulticast mode
[   54.012240][ T5950] bridge_slave_0: entered promiscuous mode
[   54.031346][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.036736][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.039126][ T5941] bridge_slave_0: entered allmulticast mode
[   54.042894][ T5941] bridge_slave_0: entered promiscuous mode
[   54.046376][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.048669][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.050963][ T5941] bridge_slave_1: entered allmulticast mode
[   54.053908][ T5941] bridge_slave_1: entered promiscuous mode
[   54.058223][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.060530][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.064701][ T5950] bridge_slave_1: entered allmulticast mode
[   54.067293][ T5950] bridge_slave_1: entered promiscuous mode
[   54.072163][ T5954] team0: Port device team_slave_0 added
[   54.128353][ T5954] team0: Port device team_slave_1 added
[   54.210587][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.216811][ T5940] hsr_slave_0: entered promiscuous mode
[   54.219867][ T5940] hsr_slave_1: entered promiscuous mode
[   54.226036][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.244766][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.265058][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.268881][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.271008][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.279844][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.284917][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.287035][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.295155][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.373198][ T5941] team0: Port device team_slave_0 added
[   54.392379][ T5950] team0: Port device team_slave_0 added
[   54.396331][ T5950] team0: Port device team_slave_1 added
[   54.422588][ T5941] team0: Port device team_slave_1 added
[   54.526572][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.528805][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.537021][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.545848][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.548031][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.556057][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.582608][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.585541][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.596402][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.606369][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.609234][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.619532][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.636557][ T5954] hsr_slave_0: entered promiscuous mode
[   54.639774][ T5954] hsr_slave_1: entered promiscuous mode
[   54.644522][ T5954] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.647856][ T5954] Cannot create hsr debugfs directory
[   54.783554][ T5950] hsr_slave_0: entered promiscuous mode
[   54.786783][ T5950] hsr_slave_1: entered promiscuous mode
[   54.789716][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.793306][ T5950] Cannot create hsr debugfs directory
[   54.799861][ T5941] hsr_slave_0: entered promiscuous mode
[   54.803162][ T5941] hsr_slave_1: entered promiscuous mode
[   54.806105][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.809269][ T5941] Cannot create hsr debugfs directory
[   54.982360][ T5294] Bluetooth: hci3: command tx timeout
[   54.992426][ T5294] Bluetooth: hci1: command tx timeout
[   55.061867][ T5294] Bluetooth: hci0: command tx timeout
[   55.071795][ T5294] Bluetooth: hci2: command tx timeout
[   55.148555][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.163885][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.170051][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.181997][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.216697][ T5941] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   55.223406][ T5941] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   55.229506][ T5941] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   55.236377][ T5941] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   55.279680][ T5954] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   55.288312][ T5954] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   55.295119][ T5954] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   55.301636][ T5954] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   55.384630][ T5950] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   55.393774][ T5950] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   55.399702][ T5950] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   55.406175][ T5950] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   55.427535][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.460693][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[   55.479656][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.487773][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.490900][ T1231] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.504827][ T1231] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.507156][ T1231] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.525585][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.536418][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   55.554725][   T93] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.557021][   T93] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.572246][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.574635][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.584449][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   55.604216][  T106] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.607254][  T106] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.614239][  T106] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.617236][  T106] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.634974][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.676948][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   55.705929][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.708975][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.717825][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.721822][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.779088][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.834597][ T5940] veth0_vlan: entered promiscuous mode
[   55.843443][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.847718][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.850789][ T5940] veth1_vlan: entered promiscuous mode
[   55.890406][ T5954] veth0_vlan: entered promiscuous mode
[   55.900621][ T5941] veth0_vlan: entered promiscuous mode
[   55.904032][ T5940] veth0_macvtap: entered promiscuous mode
[   55.908357][ T5954] veth1_vlan: entered promiscuous mode
[   55.913013][ T5940] veth1_macvtap: entered promiscuous mode
[   55.919397][ T5941] veth1_vlan: entered promiscuous mode
[   55.926918][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.936807][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.949765][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.959512][ T5940] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.963159][ T5940] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.965892][ T5940] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.968594][ T5940] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.995265][ T5941] veth0_macvtap: entered promiscuous mode
[   56.000048][ T5954] veth0_macvtap: entered promiscuous mode
[   56.015581][ T5941] veth1_macvtap: entered promiscuous mode
[   56.021538][ T5954] veth1_macvtap: entered promiscuous mode
[   56.047858][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.047956][ T5950] veth0_vlan: entered promiscuous mode
[   56.051200][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.064899][ T5950] veth1_vlan: entered promiscuous mode
[   56.082613][  T106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.084307][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.085852][  T106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.099182][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.105163][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.113918][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.124690][ T5941] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.127447][ T5941] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.130296][ T5941] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.133690][ T5941] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.138970][ T5954] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.144113][ T5954] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.147594][ T5954] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.148300][ T5940] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   56.151130][ T5954] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.189248][ T5950] veth0_macvtap: entered promiscuous mode
[   56.209589][ T5950] veth1_macvtap: entered promiscuous mode
[   56.227738][   T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.231376][   T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.248832][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.264390][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.265158][  T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.271816][  T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.279795][ T5950] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.283164][ T5950] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.285838][ T5950] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.288569][ T5950] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.302023][ T1231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.305229][ T1231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.321133][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.323726][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.362476][   T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.364863][   T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.383632][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.386476][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.074687][ T5945] Bluetooth: hci3: command tx timeout
[   57.076700][ T5294] Bluetooth: hci1: command tx timeout
[   57.151767][ T5294] Bluetooth: hci2: command tx timeout
[   57.153562][ T5294] Bluetooth: hci0: command tx timeout
[   57.490481][ T6016] process 'syz.1.2' launched '/dev/fd/10' with NULL argv: empty string added
[   57.951773][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   58.100444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   58.211369][ T6036] loop4: detected capacity change from 0 to 524255232
[   58.252888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   58.262077][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.266307][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.269968][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.273810][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.311988][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.364004][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.367876][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   58.966788][ T6029] kexec: Could not allocate control_code_buffer
[   59.001991][ T6044] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8'.
[   59.024816][ T6044] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   59.151827][ T5294] Bluetooth: hci1: command tx timeout
[   59.153691][ T5294] Bluetooth: hci3: command tx timeout
[   59.221803][ T5945] Bluetooth: hci0: command tx timeout
[   59.231782][ T5945] Bluetooth: hci2: command tx timeout
[   60.541367][ T6071] random: crng reseeded on system resumption
[   60.738281][   T40] audit: type=1326 audit(1747439315.013:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.0.15" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x0
[   60.877992][ T6074] netlink: 44 bytes leftover after parsing attributes in process `syz.1.16'.
[   60.946332][ T6074] bridge1: entered promiscuous mode
[   60.948023][ T6074] bridge1: entered allmulticast mode
[   61.062349][ T6081] loop4: detected capacity change from 0 to 524255232
[   61.124321][ T6074] bridge_slave_0: left allmulticast mode
[   61.126159][ T6074] bridge_slave_0: left promiscuous mode
[   61.128797][ T6074] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.223077][ T5945] Bluetooth: hci3: command tx timeout
[   61.225102][ T5945] Bluetooth: hci1: command tx timeout
[   61.321757][ T5945] Bluetooth: hci0: command tx timeout
[   61.323413][ T5294] Bluetooth: hci2: command tx timeout
[   61.403995][ T6074] bridge_slave_1: left allmulticast mode
[   61.405952][ T6074] bridge_slave_1: left promiscuous mode
[   61.408817][ T6074] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.469592][ T6074] bond0: (slave bond_slave_0): Releasing backup interface
[   61.476851][ T6074] bond0: (slave bond_slave_1): Releasing backup interface
[   61.489380][ T6074] team0: Port device team_slave_0 removed
[   61.500073][ T6074] team0: Port device team_slave_1 removed
[   61.503376][ T6074] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.505817][ T6074] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.509358][ T6074] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.512731][ T6074] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.681087][ T6088] trusted_key: syz.1.18 sent an empty control message without MSG_MORE.
[   61.867920][ T6094] Zero length message leads to an empty skb
[   62.335315][ T6101] loop4: detected capacity change from 0 to 524255232
[   62.429544][ T6103] ERROR: device name not specified.
[   62.670663][ T6080] kexec: Could not allocate control_code_buffer
[   62.755839][ T6126] syz.2.27: attempt to access beyond end of device
[   62.755839][ T6126] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[   63.332413][ T6134] netlink: 'syz.3.28': attribute type 1 has an invalid length.
[   63.355583][ T6134] ieee802154 phy0 wpan0: encryption failed: -22
[   63.444184][ T6139] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   63.450962][ T6139] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   63.794340][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'.
[   64.033643][ T6154] ALSA: mixer_oss: invalid index 40000
[   64.517180][ T6162] random: crng reseeded on system resumption
[   64.550009][ T6162] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.756448][ T6162] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.904128][ T6162] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.932481][ T6172] netlink: 36 bytes leftover after parsing attributes in process `syz.1.40'.
[   64.987485][ T6162] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.096755][ T6176] FAULT_INJECTION: forcing a failure.
[   65.096755][ T6176] name failslab, interval 1, probability 0, space 0, times 1
[   65.101300][ T6176] CPU: 0 UID: 0 PID: 6176 Comm: syz.0.42 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   65.101315][ T6176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.101321][ T6176] Call Trace:
[   65.101326][ T6176]  <TASK>
[   65.101330][ T6176]  dump_stack_lvl+0x16c/0x1f0
[   65.101349][ T6176]  should_fail_ex+0x512/0x640
[   65.101365][ T6176]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   65.101377][ T6176]  should_failslab+0xc2/0x120
[   65.101391][ T6176]  __kmalloc_cache_noprof+0x6a/0x3e0
[   65.101401][ T6176]  ? __xa_alloc_cyclic+0x1f3/0x340
[   65.101411][ T6176]  ? __xdp_reg_mem_model+0x134/0x680
[   65.101428][ T6176]  __xdp_reg_mem_model+0x134/0x680
[   65.101443][ T6176]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[   65.101463][ T6176]  ? page_pool_list+0x1ca/0x240
[   65.101475][ T6176]  xdp_reg_mem_model+0x22/0x70
[   65.101489][ T6176]  bpf_test_run_xdp_live+0x1c7/0x500
[   65.101504][ T6176]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   65.101519][ T6176]  ? find_held_lock+0x2b/0x80
[   65.101532][ T6176]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   65.101554][ T6176]  ? 0xffffffffa0206480
[   65.101563][ T6176]  ? 0xffffffffa0206480
[   65.101571][ T6176]  ? 0xffffffffa0206480
[   65.101577][ T6176]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   65.101598][ T6176]  bpf_prog_test_run_xdp+0x824/0x1540
[   65.101616][ T6176]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   65.101642][ T6176]  ? __might_fault+0x90/0x190
[   65.101657][ T6176]  ? fput+0x70/0xf0
[   65.101670][ T6176]  ? __bpf_prog_get+0xa0/0x290
[   65.101682][ T6176]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   65.101699][ T6176]  __sys_bpf+0x1485/0x4d80
[   65.101716][ T6176]  ? __pfx___sys_bpf+0x10/0x10
[   65.101734][ T6176]  ? ksys_write+0x190/0x240
[   65.101747][ T6176]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   65.101771][ T6176]  ? fput+0x70/0xf0
[   65.101783][ T6176]  ? ksys_write+0x1b9/0x240
[   65.101792][ T6176]  ? __pfx_ksys_write+0x10/0x10
[   65.101805][ T6176]  __ia32_sys_bpf+0x76/0xe0
[   65.101821][ T6176]  __do_fast_syscall_32+0x73/0x120
[   65.101839][ T6176]  do_fast_syscall_32+0x32/0x80
[   65.101855][ T6176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   65.101868][ T6176] RIP: 0023:0xf70de579
[   65.101876][ T6176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   65.101886][ T6176] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   65.101896][ T6176] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[   65.101902][ T6176] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   65.101908][ T6176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   65.101913][ T6176] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   65.101919][ T6176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   65.101931][ T6176]  </TASK>
[   65.107771][ T6162] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.207939][ T6162] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.221379][ T6162] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.258760][ T6162] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.410868][ T6180] netlink: 32 bytes leftover after parsing attributes in process `syz.3.44'.
[   65.532611][ T6194] FAULT_INJECTION: forcing a failure.
[   65.532611][ T6194] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   65.538642][ T6194] CPU: 3 UID: 0 PID: 6194 Comm: syz.0.49 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   65.538679][ T6194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.538690][ T6194] Call Trace:
[   65.538695][ T6194]  <TASK>
[   65.538703][ T6194]  dump_stack_lvl+0x16c/0x1f0
[   65.538734][ T6194]  should_fail_ex+0x512/0x640
[   65.538763][ T6194]  should_fail_alloc_page+0xe7/0x130
[   65.538788][ T6194]  prepare_alloc_pages+0x3c2/0x610
[   65.538819][ T6194]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[   65.538843][ T6194]  ? unwind_get_return_address+0x59/0xa0
[   65.538864][ T6194]  ? arch_stack_walk+0xa6/0x100
[   65.538892][ T6194]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   65.538916][ T6194]  ? __pfx_stack_trace_save+0x10/0x10
[   65.538936][ T6194]  ? stack_depot_save_flags+0x28/0xa50
[   65.538968][ T6194]  ? kasan_save_stack+0x42/0x60
[   65.538986][ T6194]  ? kasan_save_stack+0x33/0x60
[   65.539003][ T6194]  ? interleave_nodes+0x16b/0x410
[   65.539025][ T6194]  ? __get_vm_area_node+0x1ca/0x330
[   65.539055][ T6194]  ? policy_nodemask+0xea/0x4e0
[   65.539078][ T6194]  alloc_pages_mpol+0x1fb/0x550
[   65.539102][ T6194]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   65.539129][ T6194]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   65.539148][ T6194]  alloc_pages_noprof+0x131/0x390
[   65.539171][ T6194]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   65.539189][ T6194]  get_free_pages_noprof+0xc/0x40
[   65.539211][ T6194]  kasan_populate_vmalloc_pte+0x2d/0x160
[   65.539238][ T6194]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   65.539256][ T6194]  __apply_to_page_range+0x617/0xd60
[   65.539284][ T6194]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   65.539307][ T6194]  ? __pfx___apply_to_page_range+0x10/0x10
[   65.539333][ T6194]  ? alloc_vmap_area+0x872/0x2970
[   65.539365][ T6194]  alloc_vmap_area+0x919/0x2970
[   65.539399][ T6194]  ? __pfx_alloc_vmap_area+0x10/0x10
[   65.539431][ T6194]  __get_vm_area_node+0x1ca/0x330
[   65.539462][ T6194]  __vmalloc_node_range_noprof+0x277/0x1540
[   65.539482][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.539515][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.539546][ T6194]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   65.539574][ T6194]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   65.539597][ T6194]  ? rcu_is_watching+0x12/0xc0
[   65.539615][ T6194]  ? trace_kmalloc+0x2b/0xd0
[   65.539637][ T6194]  ? __kmalloc_noprof+0x242/0x510
[   65.539658][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.539682][ T6194]  vzalloc_noprof+0x6b/0x90
[   65.539700][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.539724][ T6194]  packet_set_ring+0xb07/0x18d0
[   65.539758][ T6194]  packet_setsockopt+0x121b/0x3360
[   65.539791][ T6194]  ? __pfx_packet_setsockopt+0x10/0x10
[   65.539822][ T6194]  ? aa_sk_perm+0x2f4/0xb10
[   65.539846][ T6194]  ? __lock_acquire+0x5ca/0x1ba0
[   65.539869][ T6194]  ? __pfx_aa_sk_perm+0x10/0x10
[   65.539892][ T6194]  ? find_held_lock+0x2b/0x80
[   65.539916][ T6194]  ? __pfx_packet_setsockopt+0x10/0x10
[   65.539942][ T6194]  do_sock_setsockopt+0x224/0x470
[   65.539968][ T6194]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   65.540027][ T6194]  __sys_setsockopt+0x120/0x1a0
[   65.540053][ T6194]  __ia32_sys_setsockopt+0xbc/0x160
[   65.540073][ T6194]  ? lockdep_hardirqs_on+0x7c/0x110
[   65.540098][ T6194]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   65.540124][ T6194]  __do_fast_syscall_32+0x73/0x120
[   65.540152][ T6194]  do_fast_syscall_32+0x32/0x80
[   65.540179][ T6194]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   65.540202][ T6194] RIP: 0023:0xf70de579
[   65.540217][ T6194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   65.540239][ T6194] RSP: 002b:00000000f50ad55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   65.540256][ T6194] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000107
[   65.540267][ T6194] RDX: 0000000000000005 RSI: 00000000800000c0 RDI: 000000000000001c
[   65.540278][ T6194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   65.540288][ T6194] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   65.540298][ T6194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   65.540322][ T6194]  </TASK>
[   65.540701][ T6194] syz.0.49: vmalloc error: size 16777216, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   65.692914][ T6194] CPU: 3 UID: 0 PID: 6194 Comm: syz.0.49 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   65.692940][ T6194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.692946][ T6194] Call Trace:
[   65.692951][ T6194]  <TASK>
[   65.692955][ T6194]  dump_stack_lvl+0x16c/0x1f0
[   65.692974][ T6194]  warn_alloc+0x248/0x3a0
[   65.692988][ T6194]  ? __pfx_warn_alloc+0x10/0x10
[   65.693001][ T6194]  ? kfree+0x2b6/0x4d0
[   65.693013][ T6194]  ? __get_vm_area_node+0x208/0x330
[   65.693033][ T6194]  __vmalloc_node_range_noprof+0xd31/0x1540
[   65.693048][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.693067][ T6194]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   65.693085][ T6194]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   65.693098][ T6194]  ? rcu_is_watching+0x12/0xc0
[   65.693108][ T6194]  ? trace_kmalloc+0x2b/0xd0
[   65.693122][ T6194]  ? __kmalloc_noprof+0x242/0x510
[   65.693133][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.693147][ T6194]  vzalloc_noprof+0x6b/0x90
[   65.693157][ T6194]  ? packet_set_ring+0xb07/0x18d0
[   65.693171][ T6194]  packet_set_ring+0xb07/0x18d0
[   65.693191][ T6194]  packet_setsockopt+0x121b/0x3360
[   65.693211][ T6194]  ? __pfx_packet_setsockopt+0x10/0x10
[   65.693235][ T6194]  ? aa_sk_perm+0x2f4/0xb10
[   65.693249][ T6194]  ? __lock_acquire+0x5ca/0x1ba0
[   65.693263][ T6194]  ? __pfx_aa_sk_perm+0x10/0x10
[   65.693276][ T6194]  ? find_held_lock+0x2b/0x80
[   65.693289][ T6194]  ? __pfx_packet_setsockopt+0x10/0x10
[   65.693305][ T6194]  do_sock_setsockopt+0x224/0x470
[   65.693321][ T6194]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   65.693344][ T6194]  __sys_setsockopt+0x120/0x1a0
[   65.693359][ T6194]  __ia32_sys_setsockopt+0xbc/0x160
[   65.693370][ T6194]  ? lockdep_hardirqs_on+0x7c/0x110
[   65.693385][ T6194]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   65.693402][ T6194]  __do_fast_syscall_32+0x73/0x120
[   65.693419][ T6194]  do_fast_syscall_32+0x32/0x80
[   65.693435][ T6194]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   65.693448][ T6194] RIP: 0023:0xf70de579
[   65.693457][ T6194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   65.693467][ T6194] RSP: 002b:00000000f50ad55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   65.693476][ T6194] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000107
[   65.693483][ T6194] RDX: 0000000000000005 RSI: 00000000800000c0 RDI: 000000000000001c
[   65.693488][ T6194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   65.693494][ T6194] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   65.693500][ T6194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   65.693512][ T6194]  </TASK>
[   65.693530][ T6194] Mem-Info:
[   65.699487][ T6199] x_tables: ip6_tables: ipcomp match: only valid for protocol 108
[   65.701189][ T6194] active_anon:5937 inactive_anon:1817 isolated_anon:0
[   65.701189][ T6194]  active_file:1710 inactive_file:42331 isolated_file:0
[   65.701189][ T6194]  unevictable:1762 dirty:1801 writeback:0
[   65.701189][ T6194]  slab_reclaimable:7178 slab_unreclaimable:53558
[   65.701189][ T6194]  mapped:22812 shmem:2319 pagetables:816
[   65.701189][ T6194]  sec_pagetables:298 bounce:0
[   65.701189][ T6194]  kernel_misc_reclaimable:0
[   65.701189][ T6194]  free:66286 free_pcp:476 free_cma:0
[   65.795296][ T6194] Node 0 active_anon:1796kB inactive_anon:7188kB active_file:680kB inactive_file:1188kB unevictable:3512kB isolated(anon):0kB isolated(file):0kB mapped:1100kB dirty:20kB writeback:0kB shmem:3552kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9552kB pagetables:1248kB sec_pagetables:1132kB all_unreclaimable? no Balloon:0kB
[   65.807183][ T6194] Node 1 active_anon:21952kB inactive_anon:80kB active_file:6160kB inactive_file:168136kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:90148kB dirty:7184kB writeback:0kB shmem:5724kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2548kB pagetables:1940kB sec_pagetables:60kB all_unreclaimable? no Balloon:0kB
[   65.817428][ T6194] Node 0 DMA free:2576kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   65.825803][ T6194] lowmem_reserve[]: 0 293 293 293 293
[   65.827576][ T6194] Node 0 DMA32 free:19040kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB active_anon:4440kB inactive_anon:7188kB active_file:680kB inactive_file:1184kB unevictable:3512kB writepending:16kB present:1032196kB managed:300212kB mlocked:56kB bounce:0kB free_pcp:2936kB local_pcp:60kB free_cma:0kB
[   65.836728][ T6194] lowmem_reserve[]: 0 0 0 0 0
[   65.838335][ T6194] Node 1 DMA32 free:239668kB boost:18432kB min:65580kB low:77364kB high:89148kB reserved_highatomic:0KB active_anon:22052kB inactive_anon:80kB active_file:6160kB inactive_file:168136kB unevictable:3536kB writepending:7184kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:220kB local_pcp:16kB free_cma:0kB
[   65.847505][ T6194] lowmem_reserve[]: 0 0 0 0 0
[   65.849088][ T6194] Node 0 DMA: 11*4kB (UM) 19*8kB (UM) 11*16kB (U) 1*32kB (M) 2*64kB (U) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2068kB
[   65.853652][ T6194] Node 0 DMA32: 648*4kB (UH) 224*8kB (UEH) 59*16kB (UEH) 40*32kB (UEH) 28*64kB (UMEH) 13*128kB (UEH) 9*256kB (UE) 5*512kB (UMH) 2*1024kB (U) 0*2048kB 0*4096kB = 16976kB
[   65.858931][ T6194] Node 1 DMA32: 3*4kB (UME) 445*8kB (UME) 889*16kB (UME) 910*32kB (UME) 578*64kB (UME) 140*128kB (UME) 81*256kB (UME) 67*512kB (UME) 37*1024kB (UM) 14*2048kB (UM) 2*4096kB (U) = 231620kB
[   65.864746][ T6194] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   65.867664][ T6194] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   65.870507][ T6194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   65.873482][ T6194] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   65.876353][ T6194] 48784 total pagecache pages
[   65.877837][ T6194] 34 pages in swap cache
[   65.879166][ T6194] Free swap  = 122632kB
[   65.880475][ T6194] Total swap = 124996kB
[   65.881871][ T6194] 524155 pages RAM
[   65.883656][ T6194] 0 pages HighMem/MovableOnly
[   65.885156][ T6194] 208191 pages reserved
[   65.886471][ T6194] 0 pages cma reserved
[   66.390574][ T6209] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[   66.466728][ T6213] binder: BINDER_SET_CONTEXT_MGR already set
[   66.468869][ T6213] binder: 6212:6213 ioctl 4018620d 80000040 returned -16
[   66.753870][   T29] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   66.961871][ T5946] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[   67.081032][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.084670][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   67.088377][   T29] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   67.093945][   T29] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   67.097797][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.106458][   T29] usb 7-1: config 0 descriptor??
[   67.584689][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.587098][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.589972][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.596624][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.599233][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.601726][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.604081][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.606550][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.608961][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.611422][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.614153][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.617442][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.620748][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.627250][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.648674][   T29] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   67.654647][   T29] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[   67.686662][   T29] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   67.789322][   T34] usb 7-1: USB disconnect, device number 2
[   68.321741][   T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   68.452280][   T29] usb 8-1: device descriptor read/64, error -71
[   68.490405][ T6254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.69'.
[   68.691915][   T29] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   68.822470][   T29] usb 8-1: device descriptor read/64, error -71
[   68.942148][   T29] usb usb8-port1: attempt power cycle
[   68.973063][   T40] audit: type=1326 audit(1747439323.253:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   68.980889][   T40] audit: type=1326 audit(1747439323.253:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   68.989559][   T40] audit: type=1326 audit(1747439323.253:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf70de579 code=0x7ffc0000
[   68.997215][   T40] audit: type=1326 audit(1747439323.253:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.005584][   T40] audit: type=1326 audit(1747439323.253:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.014365][   T40] audit: type=1326 audit(1747439323.253:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.022630][   T40] audit: type=1326 audit(1747439323.263:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.030721][   T40] audit: type=1326 audit(1747439323.263:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6263 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.037267][   T40] audit: type=1326 audit(1747439323.263:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.045984][   T40] audit: type=1326 audit(1747439323.283:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.70" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70de579 code=0x7ffc0000
[   69.331715][   T29] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   69.352370][   T29] usb 8-1: device descriptor read/8, error -71
[   69.761756][   T29] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   69.782265][   T29] usb 8-1: device descriptor read/8, error -71
[   69.867808][   T34] IPVS: starting estimator thread 0...
[   69.902372][   T29] usb usb8-port1: unable to enumerate USB device
[   69.962997][ T6279] IPVS: using max 42 ests per chain, 100800 per kthread
[   70.151166][ T6287] netlink: 32 bytes leftover after parsing attributes in process `syz.1.77'.
[   70.156964][ T6287] ipt_ECN: cannot use operation on non-tcp rule
[   70.164357][ T6287] netlink: 52 bytes leftover after parsing attributes in process `syz.1.77'.
[   70.167224][ T6287] netlink: 52 bytes leftover after parsing attributes in process `syz.1.77'.
[   70.341054][ T6297] netlink: 40 bytes leftover after parsing attributes in process `syz.0.81'.
[   70.344860][ T6297] netlink: 40 bytes leftover after parsing attributes in process `syz.0.81'.
[   70.829780][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[   70.833012][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[   72.548291][ T6346] fuse: Bad value for 'rootmode'
[   72.559346][ T6342] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   72.970912][ T6369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.96'.
[   73.611589][ T6397] netlink: 57284 bytes leftover after parsing attributes in process `syz.1.99'.
[   73.712337][ T6397] hsr_slave_0 (unregistering): left promiscuous mode
[   73.924325][ T6405] netlink: 'syz.1.102': attribute type 1 has an invalid length.
[   73.939961][ T6405] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.964081][ T6405] bond1: (slave geneve2): making interface the new active one
[   73.969822][ T6405] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   74.021744][ T5946] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   74.174012][ T5946] usb 5-1: config 0 has no interfaces?
[   74.176220][ T5946] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[   74.192031][ T5946] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.197501][ T5946] usb 5-1: config 0 descriptor??
[   74.255003][ T6417] can0: slcan on ttyS3.
[   74.340094][ T6417] can0 (unregistered): slcan off ttyS3.
[   74.397210][ T6425] loop8: detected capacity change from 0 to 8
[   74.401006][ T5947] Dev loop8: unable to read RDB block 8
[   74.402881][ T5947]  loop8: unable to read partition table
[   74.403658][ T5946] usb 5-1: USB disconnect, device number 2
[   74.405168][ T5947] loop8: partition table beyond EOD, truncated
[   74.419645][ T6425] Dev loop8: unable to read RDB block 8
[   74.421439][ T6425]  loop8: unable to read partition table
[   74.425280][ T6425] loop8: partition table beyond EOD, truncated
[   74.427779][ T6425] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[   74.456996][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.108'.
[   74.511182][ T1017] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   74.774963][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[   74.782777][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[   75.430337][ T6464] netlink: 10240 bytes leftover after parsing attributes in process `syz.1.117'.
[   75.510427][ T6468] warning: `syz.2.119' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   75.514856][ T6468] netlink: 28 bytes leftover after parsing attributes in process `syz.2.119'.
[   75.522528][ T6470] netlink: 'syz.1.120': attribute type 1 has an invalid length.
[   75.525925][ T6470] netlink: 224 bytes leftover after parsing attributes in process `syz.1.120'.
[   75.553775][ T6472] FAULT_INJECTION: forcing a failure.
[   75.553775][ T6472] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   75.558155][ T6472] CPU: 3 UID: 0 PID: 6472 Comm: syz.2.121 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   75.558170][ T6472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.558176][ T6472] Call Trace:
[   75.558181][ T6472]  <TASK>
[   75.558185][ T6472]  dump_stack_lvl+0x16c/0x1f0
[   75.558206][ T6472]  should_fail_ex+0x512/0x640
[   75.558226][ T6472]  _copy_from_iter+0x2a4/0x15b0
[   75.558245][ T6472]  ? __alloc_skb+0x200/0x380
[   75.558259][ T6472]  ? __pfx__copy_from_iter+0x10/0x10
[   75.558282][ T6472]  netlink_sendmsg+0x829/0xdd0
[   75.558299][ T6472]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.558314][ T6472]  ? __import_iovec+0x1c8/0x660
[   75.558327][ T6472]  ____sys_sendmsg+0xa98/0xc70
[   75.558345][ T6472]  ? __pfx_____sys_sendmsg+0x10/0x10
[   75.558361][ T6472]  ? get_compat_msghdr+0x11a/0x170
[   75.558379][ T6472]  ___sys_sendmsg+0x134/0x1d0
[   75.558393][ T6472]  ? __pfx____sys_sendmsg+0x10/0x10
[   75.558423][ T6472]  __sys_sendmsg+0x16d/0x220
[   75.558436][ T6472]  ? __pfx___sys_sendmsg+0x10/0x10
[   75.558452][ T6472]  ? rcu_is_watching+0x12/0xc0
[   75.558469][ T6472]  ? rcu_is_watching+0x12/0xc0
[   75.558481][ T6472]  __do_fast_syscall_32+0x73/0x120
[   75.558499][ T6472]  do_fast_syscall_32+0x32/0x80
[   75.558516][ T6472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.558529][ T6472] RIP: 0023:0xf704e579
[   75.558537][ T6472] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.558551][ T6472] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   75.558566][ T6472] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080007c40
[   75.558576][ T6472] RDX: 0000000060040840 RSI: 0000000000000000 RDI: 0000000000000000
[   75.558586][ T6472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.558597][ T6472] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.558606][ T6472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.558629][ T6472]  </TASK>
[   75.678425][ T6480] netlink: 'syz.1.123': attribute type 4 has an invalid length.
[   75.739511][ T6485] netlink: 28 bytes leftover after parsing attributes in process `syz.0.125'.
[   76.620181][ T5946] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   76.628973][ T5946] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   76.754716][ T6498] fido_id[6498]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   76.822362][ T5294] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   76.824477][ T5945] Bluetooth: hci4: command 0x1003 tx timeout
[   76.825076][ T6509] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   77.489025][ T6528] lo speed is unknown, defaulting to 1000
[   77.492049][ T6528] lo speed is unknown, defaulting to 1000
[   77.499779][ T6528] lo speed is unknown, defaulting to 1000
[   77.734930][ T6528] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   77.780424][ T6528] lo speed is unknown, defaulting to 1000
[   77.792387][ T6528] lo speed is unknown, defaulting to 1000
[   77.797000][ T6528] lo speed is unknown, defaulting to 1000
[   77.801379][ T6528] lo speed is unknown, defaulting to 1000
[   77.930129][ T6534] syz.2.140 uses obsolete (PF_INET,SOCK_PACKET)
[   78.012583][ T6538] tun0: tun_chr_ioctl cmd 1074025675
[   78.014490][ T6538] tun0: persist disabled
[   78.259802][ T6546] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[   78.368479][ T6551] batman_adv: batadv0: Adding interface: dummy0
[   78.371598][ T6551] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.393740][ T6551] batman_adv: batadv0: Interface activated: dummy0
[   78.415570][ T6553] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   78.460577][ T6555] lo speed is unknown, defaulting to 1000
[   78.603042][ T6568] 9pnet_fd: Insufficient options for proto=fd
[   78.677750][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.1.151'.
[   78.917987][ T6581] pim6reg1: entered promiscuous mode
[   78.919964][ T6581] pim6reg1: entered allmulticast mode
[   79.018394][ T6588] FAULT_INJECTION: forcing a failure.
[   79.018394][ T6588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.023142][ T6588] CPU: 0 UID: 0 PID: 6588 Comm: syz.2.153 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   79.023157][ T6588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.023163][ T6588] Call Trace:
[   79.023167][ T6588]  <TASK>
[   79.023171][ T6588]  dump_stack_lvl+0x16c/0x1f0
[   79.023191][ T6588]  should_fail_ex+0x512/0x640
[   79.023209][ T6588]  _copy_from_user+0x2e/0xd0
[   79.023226][ T6588]  video_usercopy+0x723/0x1440
[   79.023243][ T6588]  ? __pfx___video_do_ioctl+0x10/0x10
[   79.023258][ T6588]  ? __pfx_video_usercopy+0x10/0x10
[   79.023277][ T6588]  ? hook_file_ioctl_common+0x145/0x410
[   79.023293][ T6588]  v4l2_ioctl+0x1bd/0x250
[   79.023305][ T6588]  ? fput+0x51/0xf0
[   79.023319][ T6588]  v4l2_compat_ioctl32+0x214/0x2c0
[   79.023332][ T6588]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[   79.023344][ T6588]  __ia32_compat_sys_ioctl+0x24c/0x360
[   79.023361][ T6588]  __do_fast_syscall_32+0x73/0x120
[   79.023378][ T6588]  do_fast_syscall_32+0x32/0x80
[   79.023395][ T6588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.023408][ T6588] RIP: 0023:0xf704e579
[   79.023416][ T6588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.023426][ T6588] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   79.023436][ T6588] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008561c
[   79.023442][ T6588] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[   79.023447][ T6588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.023453][ T6588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.023459][ T6588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.023471][ T6588]  </TASK>
[   79.404728][ T6604] Driver unsupported XDP return value 0 on prog  (id 28) dev N/A, expect packet loss!
[   79.717399][ T6630] netlink: 88 bytes leftover after parsing attributes in process `syz.3.162'.
[   79.731335][ T6630] netlink: 88 bytes leftover after parsing attributes in process `syz.3.162'.
[   79.758215][ T6622] netlink: 'syz.3.162': attribute type 5 has an invalid length.
[   80.072762][ T6640] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.166'.
[   80.270487][ T6643] team0 (unregistering): Port device team_slave_0 removed
[   80.276146][ T6643] team0 (unregistering): Port device team_slave_1 removed
[   80.445958][ T6651] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING
[   80.691950][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   80.851936][   T24] usb 5-1: Using ep0 maxpacket: 8
[   80.857537][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   80.863389][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   80.868060][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   80.871529][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   80.880682][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   80.886139][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.066610][ T1323] cfg80211: failed to load regulatory.db
[   81.107436][   T24] usb 5-1: usb_control_msg returned -71
[   81.109714][   T24] usbtmc 5-1:16.0: can't read capabilities
[   81.121468][   T24] usb 5-1: USB disconnect, device number 3
[   81.410917][ T6665] FAULT_INJECTION: forcing a failure.
[   81.410917][ T6665] name failslab, interval 1, probability 0, space 0, times 0
[   81.420803][ T6665] CPU: 1 UID: 0 PID: 6665 Comm: syz.2.175 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   81.420826][ T6665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.420837][ T6665] Call Trace:
[   81.420843][ T6665]  <TASK>
[   81.420849][ T6665]  dump_stack_lvl+0x16c/0x1f0
[   81.420879][ T6665]  should_fail_ex+0x512/0x640
[   81.420902][ T6665]  ? fs_reclaim_acquire+0xae/0x150
[   81.420928][ T6665]  ? tomoyo_encode2+0x100/0x3e0
[   81.420951][ T6665]  should_failslab+0xc2/0x120
[   81.420970][ T6665]  __kmalloc_noprof+0xd2/0x510
[   81.420988][ T6665]  ? d_absolute_path+0x136/0x1a0
[   81.421012][ T6665]  tomoyo_encode2+0x100/0x3e0
[   81.421038][ T6665]  tomoyo_encode+0x29/0x50
[   81.421059][ T6665]  tomoyo_realpath_from_path+0x18f/0x6e0
[   81.421086][ T6665]  tomoyo_path_number_perm+0x245/0x580
[   81.421105][ T6665]  ? tomoyo_path_number_perm+0x237/0x580
[   81.421129][ T6665]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   81.421173][ T6665]  ? find_held_lock+0x2b/0x80
[   81.421189][ T6665]  ? hook_file_ioctl_common+0x145/0x410
[   81.421209][ T6665]  ? __fget_files+0x204/0x3c0
[   81.421227][ T6665]  ? __fget_files+0x20e/0x3c0
[   81.421240][ T6665]  ? fput+0x50/0xf0
[   81.421280][ T6665]  security_file_ioctl_compat+0x9b/0x240
[   81.421310][ T6665]  __ia32_compat_sys_ioctl+0xc3/0x360
[   81.421337][ T6665]  __do_fast_syscall_32+0x73/0x120
[   81.421364][ T6665]  do_fast_syscall_32+0x32/0x80
[   81.421388][ T6665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   81.421408][ T6665] RIP: 0023:0xf704e579
[   81.421422][ T6665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   81.421438][ T6665] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   81.421453][ T6665] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01c64a3
[   81.421462][ T6665] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[   81.421473][ T6665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   81.421481][ T6665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   81.421490][ T6665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.421512][ T6665]  </TASK>
[   81.421544][ T6665] ERROR: Out of memory at tomoyo_realpath_from_path.
[   81.854929][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.0.178'.
[   82.007399][ T6656] kexec: Could not allocate control_code_buffer
[   82.066873][ T6679] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'.
[   82.121727][   T34] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   82.272943][   T34] usb 7-1: Using ep0 maxpacket: 16
[   82.275953][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.279480][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.282877][   T34] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   82.286722][   T34] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   82.289502][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.294477][   T34] usb 7-1: config 0 descriptor??
[   82.707373][   T34] shield 0003:0955:7214.0004: unknown main item tag 0x0
[   82.709609][   T34] shield 0003:0955:7214.0004: unknown main item tag 0x0
[   82.711958][   T34] shield 0003:0955:7214.0004: unknown main item tag 0x0
[   82.714271][   T34] shield 0003:0955:7214.0004: unknown main item tag 0x0
[   82.716652][   T34] shield 0003:0955:7214.0004: unknown main item tag 0x0
[   82.726106][   T34] input: HID 0955:7214 Haptics as /devices/virtual/input/input6
[   82.766470][   T34] shield 0003:0955:7214.0004: Registered Thunderstrike controller
[   82.769072][   T34] shield 0003:0955:7214.0004: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[   82.904676][ T6677] random: crng reseeded on system resumption
[   82.916103][   T76] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   82.920062][ T5984] usb 7-1: USB disconnect, device number 3
[   82.922594][   T76] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   82.926861][   T76] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   82.930339][   T76] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   82.995894][ T6694] lo speed is unknown, defaulting to 1000
[   83.105419][ T6701] netlink: 12 bytes leftover after parsing attributes in process `syz.3.186'.
[   84.566052][ T6728] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[   84.571085][ T6728] qnx6: wrong signature (magic) in superblock #1.
[   84.575177][ T6728] qnx6: unable to read the first superblock
[   85.047147][ T6739] openvswitch: netlink: Key 32 has unexpected len 5 expected 2
[   85.169860][ T6709] kexec: Could not allocate control_code_buffer
[   85.210171][ T6745] netlink: 24 bytes leftover after parsing attributes in process `syz.0.201'.
[   85.457509][ T6759] netlink: 22 bytes leftover after parsing attributes in process `syz.1.203'.
[   85.616823][ T6778] netlink: 'syz.0.210': attribute type 10 has an invalid length.
[   85.619366][ T6778] netlink: 40 bytes leftover after parsing attributes in process `syz.0.210'.
[   85.653681][ T6778] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   86.603064][ T6794] lo speed is unknown, defaulting to 1000
[   86.638821][ T6795] =======================================================
[   86.638821][ T6795] WARNING: The mand mount option has been deprecated and
[   86.638821][ T6795]          and is ignored by this kernel. Remove the mand
[   86.638821][ T6795]          option from the mount to silence this warning.
[   86.638821][ T6795] =======================================================
[   86.660164][ T6795] option changes via remount are deprecated (pid=6793 comm=syz.3.213)
[   86.669895][ T6797] option changes via remount are deprecated (pid=6793 comm=syz.3.213)
[   86.977884][ T6788] kexec: Could not allocate control_code_buffer
[   87.462571][ T6818] openvswitch: netlink: Key 6 has unexpected len 91 expected 2
[   87.661769][ T1323] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[   87.843030][ T1323] usb 6-1: Invalid ep0 maxpacket: 64
[   87.859194][ T6827] random: crng reseeded on system resumption
[   87.991705][ T1323] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   88.162062][ T1323] usb 6-1: Invalid ep0 maxpacket: 64
[   88.164152][ T1323] usb usb6-port1: attempt power cycle
[   88.508856][ T6831] netlink: 'syz.0.223': attribute type 16 has an invalid length.
[   88.511345][ T6831] netlink: 'syz.0.223': attribute type 5 has an invalid length.
[   88.513796][ T1323] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[   88.533142][ T1323] usb 6-1: Invalid ep0 maxpacket: 64
[   88.557893][ T6833] netlink: 'syz.0.224': attribute type 10 has an invalid length.
[   88.561340][ T6833] netlink: 40 bytes leftover after parsing attributes in process `syz.0.224'.
[   88.565210][ T6833] batadv0: entered promiscuous mode
[   88.567505][ T6833] batadv0: entered allmulticast mode
[   88.570357][ T6833] bridge0: port 3(batadv0) entered blocking state
[   88.573437][ T6833] bridge0: port 3(batadv0) entered disabled state
[   88.578733][ T6833] bridge0: port 3(batadv0) entered blocking state
[   88.581582][ T6833] bridge0: port 3(batadv0) entered forwarding state
[   88.588264][ T6833] netlink: 'syz.0.224': attribute type 10 has an invalid length.
[   88.591137][ T6833] bridge0: port 3(batadv0) entered disabled state
[   88.593387][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.596253][ T6833] FAULT_INJECTION: forcing a failure.
[   88.596253][ T6833] name failslab, interval 1, probability 0, space 0, times 0
[   88.600359][ T6833] CPU: 2 UID: 0 PID: 6833 Comm: syz.0.224 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   88.600373][ T6833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.600379][ T6833] Call Trace:
[   88.600384][ T6833]  <TASK>
[   88.600388][ T6833]  dump_stack_lvl+0x16c/0x1f0
[   88.600408][ T6833]  should_fail_ex+0x512/0x640
[   88.600426][ T6833]  should_failslab+0xc2/0x120
[   88.600441][ T6833]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   88.600454][ T6833]  ? __alloc_skb+0x2b2/0x380
[   88.600467][ T6833]  __alloc_skb+0x2b2/0x380
[   88.600479][ T6833]  ? __pfx___alloc_skb+0x10/0x10
[   88.600491][ T6833]  ? __pfx_br_set_state+0x10/0x10
[   88.600503][ T6833]  ? mark_held_locks+0x49/0x80
[   88.600520][ T6833]  br_info_notify+0x10f/0x2e0
[   88.600537][ T6833]  br_stp_disable_port+0xca/0x1d0
[   88.600551][ T6833]  br_stp_disable_bridge+0xca/0x180
[   88.600566][ T6833]  ? __pfx_br_dev_stop+0x10/0x10
[   88.600579][ T6833]  br_dev_stop+0x26/0x1b0
[   88.600592][ T6833]  __dev_close_many+0x29b/0x770
[   88.600609][ T6833]  ? __pfx___dev_close_many+0x10/0x10
[   88.600626][ T6833]  ? __local_bh_enable_ip+0xa4/0x120
[   88.600640][ T6833]  __dev_change_flags+0x4d8/0x720
[   88.600653][ T6833]  ? __pfx___dev_change_flags+0x10/0x10
[   88.600667][ T6833]  ? __pfx_validate_linkmsg+0x10/0x10
[   88.600682][ T6833]  netif_change_flags+0x8d/0x160
[   88.600695][ T6833]  do_setlink.constprop.0+0xddf/0x44b0
[   88.600711][ T6833]  ? __lock_acquire+0xaa4/0x1ba0
[   88.600725][ T6833]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   88.600742][ T6833]  ? __mutex_trylock_common+0xe9/0x250
[   88.600756][ T6833]  ? __pfx___mutex_trylock_common+0x10/0x10
[   88.600771][ T6833]  ? __pfx___might_resched+0x10/0x10
[   88.600784][ T6833]  ? rcu_is_watching+0x12/0xc0
[   88.600794][ T6833]  ? trace_contention_end+0xdd/0x130
[   88.600808][ T6833]  ? __mutex_lock+0x1ca/0xb90
[   88.600824][ T6833]  ? rcu_is_watching+0x12/0xc0
[   88.600833][ T6833]  ? rtnl_newlink+0x600/0x2000
[   88.600845][ T6833]  ? trace_cap_capable+0x18d/0x200
[   88.600857][ T6833]  ? __pfx___mutex_lock+0x10/0x10
[   88.600872][ T6833]  ? apparmor_capable+0x114/0x1d0
[   88.600890][ T6833]  ? netlink_ns_capable+0xfa/0x130
[   88.600912][ T6833]  rtnl_newlink+0x1446/0x2000
[   88.600941][ T6833]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.600966][ T6833]  ? kasan_quarantine_put+0x10a/0x240
[   88.600984][ T6833]  ? lockdep_hardirqs_on+0x7c/0x110
[   88.601012][ T6833]  ? kfree_skbmem+0x1a4/0x1f0
[   88.601030][ T6833]  ? __lock_acquire+0x5ca/0x1ba0
[   88.601044][ T6833]  ? rcu_is_watching+0x12/0xc0
[   88.601054][ T6833]  ? trace_cap_capable+0x18d/0x200
[   88.601076][ T6833]  ? find_held_lock+0x2b/0x80
[   88.601085][ T6833]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.601098][ T6833]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.601110][ T6833]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   88.601123][ T6833]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.601136][ T6833]  rtnetlink_rcv_msg+0x95e/0xe90
[   88.601151][ T6833]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   88.601171][ T6833]  netlink_rcv_skb+0x16d/0x440
[   88.601184][ T6833]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   88.601198][ T6833]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   88.601219][ T6833]  ? netlink_deliver_tap+0x1ae/0xd30
[   88.601235][ T6833]  netlink_unicast+0x53a/0x7f0
[   88.601250][ T6833]  ? __pfx_netlink_unicast+0x10/0x10
[   88.601267][ T6833]  netlink_sendmsg+0x8d1/0xdd0
[   88.601283][ T6833]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.601298][ T6833]  ? __import_iovec+0x1c8/0x660
[   88.601312][ T6833]  ____sys_sendmsg+0xa98/0xc70
[   88.601329][ T6833]  ? __pfx_____sys_sendmsg+0x10/0x10
[   88.601344][ T6833]  ? get_compat_msghdr+0x11a/0x170
[   88.601362][ T6833]  ___sys_sendmsg+0x134/0x1d0
[   88.601375][ T6833]  ? __pfx____sys_sendmsg+0x10/0x10
[   88.601403][ T6833]  __sys_sendmsg+0x16d/0x220
[   88.601415][ T6833]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.601433][ T6833]  ? rcu_is_watching+0x12/0xc0
[   88.601445][ T6833]  __do_fast_syscall_32+0x73/0x120
[   88.601462][ T6833]  do_fast_syscall_32+0x32/0x80
[   88.601478][ T6833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   88.601491][ T6833] RIP: 0023:0xf70de579
[   88.601501][ T6833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   88.601510][ T6833] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   88.601520][ T6833] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000600
[   88.601526][ T6833] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   88.601532][ T6833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   88.601537][ T6833] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   88.601543][ T6833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   88.601555][ T6833]  </TASK>
[   88.661763][ T1323] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[   88.663451][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.692166][ T1323] usb 6-1: Invalid ep0 maxpacket: 64
[   88.702633][ T6833] bridge0: port 3(batadv0) entered blocking state
[   88.703961][ T1323] usb usb6-port1: unable to enumerate USB device
[   88.705182][ T6833] bridge0: port 3(batadv0) entered forwarding state
[   88.787391][ T6833] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.790419][ T6833] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.793734][ T6833] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.796699][ T6833] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.816163][ T6833] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   88.883220][ T6837] No control pipe specified
[   88.991942][  T106] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   88.996005][  T106] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   90.221856][ T6863] netlink: 4 bytes leftover after parsing attributes in process `syz.1.231'.
[   90.418281][ T6869] overlayfs: failed to resolve './file1': -2
[   90.470054][ T6872] overlayfs: failed to resolve './file1': -2
[   90.576428][ T6877] 9pnet: Unknown protocol version 9p20\++}
[   90.578667][ T6878] 9pnet: Unknown protocol version 9p20\++}
[   91.721886][  T835] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   91.916053][  T835] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   91.919857][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.923537][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.926878][  T835] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   91.934694][  T835] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   91.943594][  T835] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   91.952342][  T835] usb 6-1: Manufacturer: syz
[   91.956755][  T835] usb 6-1: config 0 descriptor??
[   92.393259][  T835] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[   92.395841][  T835] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[   92.457245][  T835] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[   93.752331][ T1456] usb 6-1: reset high-speed USB device number 7 using dummy_hcd
[   93.923210][ T6918] lo speed is unknown, defaulting to 1000
[   94.206847][ T6925] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[   95.578253][ T6942] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[   95.592550][ T6942] qnx6: wrong signature (magic) in superblock #1.
[   95.594744][ T6942] qnx6: unable to read the first superblock
[   95.637557][ T6944] lo speed is unknown, defaulting to 1000
[   95.764788][   T24] usb 6-1: USB disconnect, device number 7
[   96.549519][ T6957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.253'.
[   96.860669][ T6962] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.867206][ T6962] veth1_to_bond: entered allmulticast mode
[   96.869398][ T6962] veth1_to_bond: entered promiscuous mode
[   96.952876][ T6961] veth1_to_bond: left promiscuous mode
[   96.955564][ T6961] veth1_to_bond: left allmulticast mode
[   98.484453][   T93] Bluetooth: (null): Invalid header checksum
[   98.494114][   T93] Bluetooth: (null): Invalid header checksum
[   98.592130][ T1231] Bluetooth: (null): Invalid header checksum
[   98.682156][ T6998] sp0: Synchronizing with TNC
[   98.717962][ T6998] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   98.871417][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.268'.
[   98.889040][ T7001] input: syz1 as /devices/virtual/input/input8
[   99.030047][ T7003] Invalid source name
[  100.042612][ T7034] FAULT_INJECTION: forcing a failure.
[  100.042612][ T7034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.046670][ T7034] CPU: 3 UID: 0 PID: 7034 Comm: syz.0.278 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  100.046685][ T7034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.046691][ T7034] Call Trace:
[  100.046695][ T7034]  <TASK>
[  100.046699][ T7034]  dump_stack_lvl+0x16c/0x1f0
[  100.046719][ T7034]  should_fail_ex+0x512/0x640
[  100.046738][ T7034]  _copy_from_user+0x2e/0xd0
[  100.046756][ T7034]  __sys_bpf+0x21d/0x4d80
[  100.046773][ T7034]  ? __pfx___sys_bpf+0x10/0x10
[  100.046789][ T7034]  ? ksys_write+0x190/0x240
[  100.046802][ T7034]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  100.046826][ T7034]  ? fput+0x70/0xf0
[  100.046839][ T7034]  ? ksys_write+0x1b9/0x240
[  100.046848][ T7034]  ? __pfx_ksys_write+0x10/0x10
[  100.046861][ T7034]  __ia32_sys_bpf+0x76/0xe0
[  100.046877][ T7034]  __do_fast_syscall_32+0x73/0x120
[  100.046895][ T7034]  do_fast_syscall_32+0x32/0x80
[  100.046911][ T7034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  100.046924][ T7034] RIP: 0023:0xf70de579
[  100.046932][ T7034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  100.046942][ T7034] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  100.046951][ T7034] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  100.046958][ T7034] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  100.046964][ T7034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  100.046969][ T7034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  100.046975][ T7034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  100.046993][ T7034]  </TASK>
[  100.118467][ T7037] netlink: 'syz.0.279': attribute type 10 has an invalid length.
[  100.123917][ T7037] batman_adv: batadv0: Interface deactivated: dummy0
[  100.134083][ T7037] batman_adv: batadv0: Removing interface: dummy0
[  100.141209][ T6232] libceph: connect (1)[c::]:6789 error -101
[  100.142524][ T7037] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  100.146176][ T6232] libceph: mon0 (1)[c::]:6789 connect error
[  100.153974][ T6232] libceph: connect (1)[c::]:6789 error -101
[  100.156613][ T7031] ceph: No mds server is up or the cluster is laggy
[  100.159784][ T6232] libceph: mon0 (1)[c::]:6789 connect error
[  100.993301][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.283'.
[  101.244690][ T7060] netlink: 128 bytes leftover after parsing attributes in process `syz.0.285'.
[  101.389017][ T7066] fuse: Bad value for 'user_id'
[  101.391421][ T7066] fuse: Bad value for 'user_id'
[  101.743447][ T5945] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  101.746813][ T5945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  101.749393][ T5945] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  101.752888][ T5945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  101.755650][ T5945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  101.777724][ T7077] lo speed is unknown, defaulting to 1000
[  101.837684][ T7081] syz.1.295 (7081): drop_caches: 2
[  101.860354][ T7081] syz.1.295 (7081): drop_caches: 2
[  101.918572][ T7077] chnl_net:caif_netlink_parms(): no params data found
[  101.999147][ T1143] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.063806][ T7077] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.067019][ T7077] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.070196][ T7077] bridge_slave_0: entered allmulticast mode
[  102.074984][ T7077] bridge_slave_0: entered promiscuous mode
[  102.079876][ T7077] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.084305][ T7077] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.087399][ T7077] bridge_slave_1: entered allmulticast mode
[  102.091512][ T7077] bridge_slave_1: entered promiscuous mode
[  102.134441][ T1143] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.187555][ T7077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.192920][ T7077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.230061][ T1143] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.244498][ T7077] team0: Port device team_slave_0 added
[  102.248234][ T7077] team0: Port device team_slave_1 added
[  102.281370][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.283963][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.292049][ T7077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.296231][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.298375][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.307152][ T7077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.316014][ T1143] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.373658][ T7077] hsr_slave_0: entered promiscuous mode
[  102.375898][ T7077] hsr_slave_1: entered promiscuous mode
[  102.377972][ T7077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.380826][ T7077] Cannot create hsr debugfs directory
[  102.483356][ T1143] bridge_slave_1: left allmulticast mode
[  102.485177][ T1143] bridge_slave_1: left promiscuous mode
[  102.487458][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.495277][ T1143] bridge_slave_0: left allmulticast mode
[  102.497080][ T1143] bridge_slave_0: left promiscuous mode
[  102.499012][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.768534][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.785052][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.790013][ T1143] bond0 (unregistering): Released all slaves
[  102.921262][ T7114] bond0: (slave bridge0): Releasing backup interface
[  102.926081][ T7114] bridge0: port 3(batadv0) entered disabled state
[  102.928769][ T7114] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.931169][ T7114] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.955333][ T7114] bond0: (slave dummy0): Releasing backup interface
[  102.968479][ T7114] bridge0: port 3(batadv0) entered disabled state
[  102.977514][ T7120] netlink: 32 bytes leftover after parsing attributes in process `syz.1.303'.
[  102.977890][ T7114] bridge_slave_0: left allmulticast mode
[  102.984356][ T7114] bridge_slave_0: left promiscuous mode
[  102.986432][ T7114] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.995871][ T7114] bridge_slave_1: left allmulticast mode
[  102.997739][ T7114] bridge_slave_1: left promiscuous mode
[  102.999901][ T7114] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.012079][ T7114] bond0: (slave bond_slave_0): Releasing backup interface
[  103.019856][ T7114] bond0: (slave bond_slave_1): Releasing backup interface
[  103.028977][ T7114] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.031415][ T7114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.044655][ T7114] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.053006][ T7114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.070814][ T6232] lo speed is unknown, defaulting to 1000
[  103.077355][ T7108] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  103.079821][ T7108] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  103.113921][ T7108] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  103.116102][ T7108] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  103.121205][ T7108] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  103.123265][ T7108] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  103.301028][ T7077] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  103.318439][ T7077] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  103.334154][ T7077] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  103.343487][ T7077] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  103.365550][ T7108] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  103.367602][ T7108] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  103.438293][ T7077] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.475976][ T7077] 8021q: adding VLAN 0 to HW filter on device team0
[  103.483333][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.486275][ T1231] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.499437][ T1231] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.501779][ T1231] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.657721][ T7077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.761007][ T7146] syzkaller1: entered promiscuous mode
[  103.763063][ T7146] syzkaller1: entered allmulticast mode
[  103.870781][ T7077] veth0_vlan: entered promiscuous mode
[  103.877740][ T7077] veth1_vlan: entered promiscuous mode
[  103.890479][ T7077] veth0_macvtap: entered promiscuous mode
[  103.896869][ T7077] veth1_macvtap: entered promiscuous mode
[  103.915288][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.923534][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.928651][ T7077] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.931463][ T7077] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.934625][ T7077] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.937446][ T7077] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.093715][ T1143] hsr_slave_0: left promiscuous mode
[  104.101860][ T1143] hsr_slave_1: left promiscuous mode
[  104.106508][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.110106][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.115153][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.121704][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.158378][ T1143] veth1_macvtap: left promiscuous mode
[  104.160516][ T1143] veth0_macvtap: left promiscuous mode
[  104.162942][ T1143] veth1_vlan: left promiscuous mode
[  104.164889][ T1143] veth0_vlan: left promiscuous mode
[  104.832336][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  104.933199][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  105.574120][  T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.576631][  T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.609134][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.629100][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.731446][ T7210] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  105.735185][ T7210] qnx6: wrong signature (magic) in superblock #1.
[  105.737350][ T7210] qnx6: unable to read the first superblock
[  106.028545][ T7232] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  106.069291][ T1143] IPVS: stop unused estimator thread 0...
[  106.655377][ T7260] netlink: 'syz.3.323': attribute type 21 has an invalid length.
[  106.657815][ T7260] netlink: 128 bytes leftover after parsing attributes in process `syz.3.323'.
[  106.660605][ T7260] netlink: 'syz.3.323': attribute type 4 has an invalid length.
[  106.663753][ T7260] netlink: 'syz.3.323': attribute type 3 has an invalid length.
[  106.666127][ T7260] netlink: 3 bytes leftover after parsing attributes in process `syz.3.323'.
[  106.769243][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  106.769256][   T40] audit: type=1326 audit(1747439361.043:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.780283][   T40] audit: type=1326 audit(1747439361.043:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.797528][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(17)
[  106.800077][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  106.801803][   T40] audit: type=1326 audit(1747439361.043:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=114 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.809125][   T40] audit: type=1326 audit(1747439361.043:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.809949][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.816727][   T40] audit: type=1326 audit(1747439361.043:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.824823][   T40] audit: type=1326 audit(1747439361.053:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.831485][   T40] audit: type=1326 audit(1747439361.053:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.837917][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(19)
[  106.838371][   T40] audit: type=1326 audit(1747439361.053:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.840088][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  106.840131][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.846766][   T40] audit: type=1326 audit(1747439361.053:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.857486][   T40] audit: type=1326 audit(1747439361.053:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.0.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  106.880660][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(21)
[  106.882824][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  106.885397][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.890028][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(23)
[  106.892182][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  106.897455][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.900804][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(25)
[  106.902896][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  106.915471][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.923191][ T7267] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  106.930903][ T7267] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  106.941216][ T7267] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  106.956957][ T7267] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(33)
[  106.959698][ T7267] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  106.973061][ T7267] vhci_hcd vhci_hcd.0: Device attached
[  106.997233][ T7282] vhci_hcd: connection closed
[  106.998852][  T106] vhci_hcd: stop threads
[  107.003695][  T106] vhci_hcd: release socket
[  107.005121][ T7269] vhci_hcd: connection closed
[  107.005149][ T7272] vhci_hcd: connection closed
[  107.005473][ T7275] vhci_hcd: connection closed
[  107.010031][ T7279] vhci_hcd: connection closed
[  107.012843][  T106] vhci_hcd: disconnect device
[  107.016138][  T106] vhci_hcd: stop threads
[  107.017519][  T106] vhci_hcd: release socket
[  107.019891][  T106] vhci_hcd: disconnect device
[  107.021567][  T106] vhci_hcd: stop threads
[  107.023591][  T106] vhci_hcd: release socket
[  107.025047][  T106] vhci_hcd: disconnect device
[  107.027876][  T106] vhci_hcd: stop threads
[  107.029247][  T106] vhci_hcd: release socket
[  107.031286][  T106] vhci_hcd: disconnect device
[  107.034587][ T7293] FAULT_INJECTION: forcing a failure.
[  107.034587][ T7293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.035101][  T106] vhci_hcd: stop threads
[  107.039060][ T7293] CPU: 1 UID: 0 PID: 7293 Comm: syz.1.326 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  107.039076][ T7293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.039082][ T7293] Call Trace:
[  107.039086][ T7293]  <TASK>
[  107.039091][ T7293]  dump_stack_lvl+0x16c/0x1f0
[  107.039111][ T7293]  should_fail_ex+0x512/0x640
[  107.039130][ T7293]  _copy_from_user+0x2e/0xd0
[  107.039148][ T7293]  __io_register_rsrc_update+0x6ea/0x1190
[  107.039171][ T7293]  ? __pfx___io_register_rsrc_update+0x10/0x10
[  107.039188][ T7293]  ? find_held_lock+0x2b/0x80
[  107.039198][ T7293]  ? __might_fault+0xe3/0x190
[  107.039210][ T7293]  ? __might_fault+0xe3/0x190
[  107.039221][ T7293]  ? __might_fault+0x13b/0x190
[  107.039238][ T7293]  io_register_rsrc_update+0x11b/0x180
[  107.039256][ T7293]  ? __pfx_io_register_rsrc_update+0x10/0x10
[  107.039274][ T7293]  ? __mutex_trylock_common+0xe9/0x250
[  107.039289][ T7293]  ? __pfx___mutex_trylock_common+0x10/0x10
[  107.039305][ T7293]  __io_uring_register+0x1ca/0x2310
[  107.039316][ T7293]  ? trace_contention_end+0xdd/0x130
[  107.039330][ T7293]  ? __pfx___io_uring_register+0x10/0x10
[  107.039339][ T7293]  ? __mutex_lock+0x1ca/0xb90
[  107.039357][ T7293]  ? __ia32_sys_io_uring_register+0x159/0x280
[  107.039369][ T7293]  ? __pfx___mutex_lock+0x10/0x10
[  107.039388][ T7293]  ? __fget_files+0x20e/0x3c0
[  107.039398][ T7293]  ? fput+0x50/0xf0
[  107.039414][ T7293]  __ia32_sys_io_uring_register+0x169/0x280
[  107.039427][ T7293]  __do_fast_syscall_32+0x73/0x120
[  107.039444][ T7293]  do_fast_syscall_32+0x32/0x80
[  107.039461][ T7293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.039474][ T7293] RIP: 0023:0xf70de579
[  107.039483][ T7293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.039492][ T7293] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab
[  107.039502][ T7293] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000010
[  107.039508][ T7293] RDX: 0000000080000600 RSI: 0000000000000020 RDI: 0000000000000000
[  107.039514][ T7293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.039520][ T7293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.039525][ T7293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.039538][ T7293]  </TASK>
[  107.116803][   T76] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  107.119184][   T76] usb 37-1: enqueue for inactive port 0
[  107.122757][  T106] vhci_hcd: release socket
[  107.124255][  T106] vhci_hcd: disconnect device
[  107.170198][ T7302] netlink: 'syz.1.327': attribute type 4 has an invalid length.
[  107.192162][   T76] vhci_hcd: vhci_device speed not set
[  107.441891][ T5984] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  107.572629][ T7287] vhci_hcd: connection closed
[  107.575780][ T1143] vhci_hcd: stop threads
[  107.578705][ T1143] vhci_hcd: release socket
[  107.588662][ T1143] vhci_hcd: disconnect device
[  107.605737][ T5984] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  107.609153][ T5984] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  107.621749][ T5984] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  107.624551][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.637517][ T7302] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  107.657329][ T5984] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  108.079119][ T7349] FAULT_INJECTION: forcing a failure.
[  108.079119][ T7349] name failslab, interval 1, probability 0, space 0, times 0
[  108.083277][ T7349] CPU: 0 UID: 0 PID: 7349 Comm: syz.0.333 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  108.083303][ T7349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.083309][ T7349] Call Trace:
[  108.083313][ T7349]  <TASK>
[  108.083317][ T7349]  dump_stack_lvl+0x16c/0x1f0
[  108.083337][ T7349]  should_fail_ex+0x512/0x640
[  108.083353][ T7349]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  108.083368][ T7349]  should_failslab+0xc2/0x120
[  108.083382][ T7349]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  108.083393][ T7349]  ? inode_set_ctime_current+0x2a1/0x8f0
[  108.083405][ T7349]  ? __d_alloc+0x31/0xaa0
[  108.083418][ T7349]  __d_alloc+0x31/0xaa0
[  108.083431][ T7349]  d_alloc_pseudo+0x1c/0xc0
[  108.083445][ T7349]  alloc_file_pseudo+0xcf/0x230
[  108.083460][ T7349]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  108.083474][ T7349]  ? hugetlbfs_get_inode+0x31f/0x730
[  108.083487][ T7349]  ? rcu_is_watching+0x12/0xc0
[  108.083499][ T7349]  hugetlb_file_setup+0x4cd/0x620
[  108.083515][ T7349]  ksys_mmap_pgoff+0x189/0x5c0
[  108.083531][ T7349]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  108.083548][ T7349]  __do_fast_syscall_32+0x73/0x120
[  108.083565][ T7349]  do_fast_syscall_32+0x32/0x80
[  108.083581][ T7349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.083595][ T7349] RIP: 0023:0xf70de579
[  108.083603][ T7349] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.083629][ T7349] RSP: 002b:00000000f508455c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  108.083640][ T7349] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000002000
[  108.083647][ T7349] RDX: 0000000001000006 RSI: 0000000000040032 RDI: 00000000ffffffff
[  108.083653][ T7349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.083658][ T7349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.083664][ T7349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.083677][ T7349]  </TASK>
[  109.112174][ T7355] xt_CT: No such helper "snmp"
[  109.303344][ T7359] fuseblk: Unknown parameter 'f`0xffffffffffffffff'
[  110.101448][ T7375] syzkaller0: entered allmulticast mode
[  110.109685][ T7375] syzkaller0 (unregistering): left allmulticast mode
[  110.183731][ T1456] usb 6-1: USB disconnect, device number 8
[  110.241496][ T7377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.339'.
[  110.380758][ T7386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.342'.
[  110.635508][ T7400] FAULT_INJECTION: forcing a failure.
[  110.635508][ T7400] name failslab, interval 1, probability 0, space 0, times 0
[  110.639676][ T7400] CPU: 2 UID: 0 PID: 7400 Comm: syz.4.346 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  110.639690][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.639696][ T7400] Call Trace:
[  110.639700][ T7400]  <TASK>
[  110.639705][ T7400]  dump_stack_lvl+0x16c/0x1f0
[  110.639724][ T7400]  should_fail_ex+0x512/0x640
[  110.639740][ T7400]  ? __kmalloc_noprof+0xbf/0x510
[  110.639753][ T7400]  ? kobject_rename+0xf1/0x260
[  110.639762][ T7400]  should_failslab+0xc2/0x120
[  110.639776][ T7400]  __kmalloc_noprof+0xd2/0x510
[  110.639788][ T7400]  ? kobject_get_path+0x8e/0x2a0
[  110.639806][ T7400]  kobject_rename+0xf1/0x260
[  110.639816][ T7400]  ? __pfx_kobject_rename+0x10/0x10
[  110.639828][ T7400]  ? kernfs_put+0x35/0x60
[  110.639841][ T7400]  device_rename+0x130/0x230
[  110.639852][ T7400]  cfg802154_switch_netns+0x1d0/0x470
[  110.639873][ T7400]  nl802154_wpan_phy_netns+0x134/0x2b0
[  110.639886][ T7400]  genl_family_rcv_msg_doit+0x209/0x2f0
[  110.639905][ T7400]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  110.639920][ T7400]  ? rcu_is_watching+0x12/0xc0
[  110.639936][ T7400]  ? bpf_lsm_capable+0x9/0x10
[  110.639947][ T7400]  ? security_capable+0x7e/0x260
[  110.639961][ T7400]  genl_rcv_msg+0x55c/0x800
[  110.639979][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.639995][ T7400]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  110.640007][ T7400]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  110.640018][ T7400]  ? __pfx_nl802154_post_doit+0x10/0x10
[  110.640030][ T7400]  ? __lock_acquire+0xaa4/0x1ba0
[  110.640047][ T7400]  netlink_rcv_skb+0x16d/0x440
[  110.640061][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.640077][ T7400]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  110.640098][ T7400]  ? __pfx_down_read+0x10/0x10
[  110.640109][ T7400]  ? netlink_deliver_tap+0x1ae/0xd30
[  110.640129][ T7400]  genl_rcv+0x28/0x40
[  110.640143][ T7400]  netlink_unicast+0x53a/0x7f0
[  110.640158][ T7400]  ? __pfx_netlink_unicast+0x10/0x10
[  110.640176][ T7400]  netlink_sendmsg+0x8d1/0xdd0
[  110.640193][ T7400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.640208][ T7400]  ? __import_iovec+0x1c8/0x660
[  110.640222][ T7400]  ____sys_sendmsg+0xa98/0xc70
[  110.640237][ T7400]  ? gfs2_create_inode+0x8c0/0x32c0
[  110.640251][ T7400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  110.640266][ T7400]  ? get_compat_msghdr+0x11a/0x170
[  110.640285][ T7400]  ___sys_sendmsg+0x134/0x1d0
[  110.640299][ T7400]  ? __pfx____sys_sendmsg+0x10/0x10
[  110.640330][ T7400]  __sys_sendmsg+0x16d/0x220
[  110.640343][ T7400]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.640365][ T7400]  ? rcu_is_watching+0x12/0xc0
[  110.640382][ T7400]  __do_fast_syscall_32+0x73/0x120
[  110.640404][ T7400]  do_fast_syscall_32+0x32/0x80
[  110.640425][ T7400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.640438][ T7400] RIP: 0023:0xf7fd5579
[  110.640447][ T7400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.640456][ T7400] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  110.640467][ T7400] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  110.640473][ T7400] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  110.640479][ T7400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.640484][ T7400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.640490][ T7400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.640503][ T7400]  </TASK>
[  110.640899][ T7400] ------------[ cut here ]------------
[  110.761719][ T7400] WARNING: CPU: 2 PID: 7400 at net/ieee802154/core.c:258 cfg802154_switch_netns+0x3b1/0x470
[  110.764909][ T7400] Modules linked in:
[  110.766743][ T7400] CPU: 2 UID: 0 PID: 7400 Comm: syz.4.346 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  110.771932][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.775275][ T7400] RIP: 0010:cfg802154_switch_netns+0x3b1/0x470
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  110.777214][ T7400] Code: 34 e9 8c 48 8b 7b 20 e8 4d 75 29 fe 31 ff 89 c5 89 c6 e8 42 b4 9a f6 85 ed 0f 84 0f ff ff ff e9 01 ff ff ff e8 f0 b8 9a f6 90 <0f> 0b 90 e9 2a fe ff ff 4c 89 ef e8 5f 3e ff f6 e9 ad fc ff ff e8
[  110.783617][ T7400] RSP: 0018:ffffc90025e074f8 EFLAGS: 00010293
[  110.786027][ T7400] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: ffffffff8b1ff55b
[  110.788532][ T7400] RDX: ffff888022a64880 RSI: ffffffff8b1ff730 RDI: 0000000000000005
[  110.791028][ T7400] RBP: ffff8880450ee198 R08: 0000000000000005 R09: 0000000000000000
[  110.794435][ T7400] R10: 00000000fffffff4 R11: 0000000000000000 R12: 0000000000000000
[  110.796933][ T7400] R13: ffff888026225e00 R14: ffff8880450ee078 R15: ffff8880450ee000
[  110.799403][ T7400] FS:  0000000000000000(0000) GS:ffff8880979e9000(0063) knlGS:00000000f50d5b40
[  110.802340][ T7400] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  110.804466][ T7400] CR2: 00000000f50d4fac CR3: 00000000647b7000 CR4: 0000000000352ef0
[  110.806961][ T7400] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  110.809463][ T7400] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  110.812069][ T7400] Call Trace:
[  110.813145][ T7400]  <TASK>
[  110.814659][ T7400]  nl802154_wpan_phy_netns+0x134/0x2b0
[  110.816407][ T7400]  genl_family_rcv_msg_doit+0x209/0x2f0
[  110.818179][ T7400]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  110.820101][ T7400]  ? rcu_is_watching+0x12/0xc0
[  110.821912][ T7400]  ? bpf_lsm_capable+0x9/0x10
[  110.823425][ T7400]  ? security_capable+0x7e/0x260
[  110.825018][ T7400]  genl_rcv_msg+0x55c/0x800
[  110.826483][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.828090][ T7400]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  110.829799][ T7400]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  110.831962][ T7400]  ? __pfx_nl802154_post_doit+0x10/0x10
[  110.833736][ T7400]  ? __lock_acquire+0xaa4/0x1ba0
[  110.835335][ T7400]  netlink_rcv_skb+0x16d/0x440
[  110.837074][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.838685][ T7400]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  110.840382][ T7400]  ? __pfx_down_read+0x10/0x10
[  110.842153][ T7400]  ? netlink_deliver_tap+0x1ae/0xd30
[  110.843850][ T7400]  genl_rcv+0x28/0x40
[  110.845144][ T7400]  netlink_unicast+0x53a/0x7f0
[  110.846671][ T7400]  ? __pfx_netlink_unicast+0x10/0x10
[  110.848372][ T7400]  netlink_sendmsg+0x8d1/0xdd0
[  110.849901][ T7400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.851707][ T7400]  ? __import_iovec+0x1c8/0x660
[  110.853267][ T7400]  ____sys_sendmsg+0xa98/0xc70
[  110.854798][ T7400]  ? gfs2_create_inode+0x8c0/0x32c0
[  110.856459][ T7400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  110.858161][ T7400]  ? get_compat_msghdr+0x11a/0x170
[  110.859859][ T7400]  ___sys_sendmsg+0x134/0x1d0
[  110.861495][ T7400]  ? __pfx____sys_sendmsg+0x10/0x10
[  110.863502][ T7400]  __sys_sendmsg+0x16d/0x220
[  110.865026][ T7400]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.866663][ T7400]  ? rcu_is_watching+0x12/0xc0
[  110.868241][ T7400]  __do_fast_syscall_32+0x73/0x120
[  110.869895][ T7400]  do_fast_syscall_32+0x32/0x80
[  110.871487][ T7400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.873619][ T7400] RIP: 0023:0xf7fd5579
[  110.874935][ T7400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.881162][ T7400] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  110.883869][ T7400] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  110.886375][ T7400] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  110.888882][ T7400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.891393][ T7400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.894008][ T7400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.896525][ T7400]  </TASK>
[  110.897545][ T7400] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  110.899907][ T7400] CPU: 2 UID: 0 PID: 7400 Comm: syz.4.346 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[  110.904292][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.907660][ T7400] Call Trace:
[  110.908741][ T7400]  <TASK>
[  110.909701][ T7400]  dump_stack_lvl+0x3d/0x1f0
[  110.911243][ T7400]  panic+0x71c/0x800
[  110.912527][ T7400]  ? __pfx_panic+0x10/0x10
[  110.913956][ T7400]  ? show_trace_log_lvl+0x29b/0x3e0
[  110.915623][ T7400]  ? check_panic_on_warn+0x1f/0xb0
[  110.917285][ T7400]  ? cfg802154_switch_netns+0x3b1/0x470
[  110.919055][ T7400]  check_panic_on_warn+0xab/0xb0
[  110.920672][ T7400]  __warn+0xf6/0x3c0
[  110.922011][ T7400]  ? cfg802154_switch_netns+0x3b1/0x470
[  110.923789][ T7400]  report_bug+0x3c3/0x580
[  110.925187][ T7400]  ? cfg802154_switch_netns+0x3b1/0x470
[  110.926937][ T7400]  handle_bug+0x184/0x210
[  110.928324][ T7400]  exc_invalid_op+0x17/0x50
[  110.929779][ T7400]  asm_exc_invalid_op+0x1a/0x20
[  110.931377][ T7400] RIP: 0010:cfg802154_switch_netns+0x3b1/0x470
[  110.933348][ T7400] Code: 34 e9 8c 48 8b 7b 20 e8 4d 75 29 fe 31 ff 89 c5 89 c6 e8 42 b4 9a f6 85 ed 0f 84 0f ff ff ff e9 01 ff ff ff e8 f0 b8 9a f6 90 <0f> 0b 90 e9 2a fe ff ff 4c 89 ef e8 5f 3e ff f6 e9 ad fc ff ff e8
[  110.939360][ T7400] RSP: 0018:ffffc90025e074f8 EFLAGS: 00010293
[  110.941348][ T7400] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: ffffffff8b1ff55b
[  110.943941][ T7400] RDX: ffff888022a64880 RSI: ffffffff8b1ff730 RDI: 0000000000000005
[  110.946421][ T7400] RBP: ffff8880450ee198 R08: 0000000000000005 R09: 0000000000000000
[  110.948905][ T7400] R10: 00000000fffffff4 R11: 0000000000000000 R12: 0000000000000000
[  110.951421][ T7400] R13: ffff888026225e00 R14: ffff8880450ee078 R15: ffff8880450ee000
[  110.953906][ T7400]  ? cfg802154_switch_netns+0x1db/0x470
[  110.955666][ T7400]  ? cfg802154_switch_netns+0x3b0/0x470
[  110.957439][ T7400]  ? cfg802154_switch_netns+0x3b0/0x470
[  110.959190][ T7400]  nl802154_wpan_phy_netns+0x134/0x2b0
[  110.960940][ T7400]  genl_family_rcv_msg_doit+0x209/0x2f0
[  110.962695][ T7400]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  110.964618][ T7400]  ? rcu_is_watching+0x12/0xc0
[  110.966209][ T7400]  ? bpf_lsm_capable+0x9/0x10
[  110.967724][ T7400]  ? security_capable+0x7e/0x260
[  110.969317][ T7400]  genl_rcv_msg+0x55c/0x800
[  110.970816][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.972442][ T7400]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  110.974177][ T7400]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  110.976079][ T7400]  ? __pfx_nl802154_post_doit+0x10/0x10
[  110.977847][ T7400]  ? __lock_acquire+0xaa4/0x1ba0
[  110.979437][ T7400]  netlink_rcv_skb+0x16d/0x440
[  110.980989][ T7400]  ? __pfx_genl_rcv_msg+0x10/0x10
[  110.982564][ T7400]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  110.984259][ T7400]  ? __pfx_down_read+0x10/0x10
[  110.985814][ T7400]  ? netlink_deliver_tap+0x1ae/0xd30
[  110.987503][ T7400]  genl_rcv+0x28/0x40
[  110.988797][ T7400]  netlink_unicast+0x53a/0x7f0
[  110.990325][ T7400]  ? __pfx_netlink_unicast+0x10/0x10
[  110.992057][ T7400]  netlink_sendmsg+0x8d1/0xdd0
[  110.993582][ T7400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.995291][ T7400]  ? __import_iovec+0x1c8/0x660
[  110.996856][ T7400]  ____sys_sendmsg+0xa98/0xc70
[  110.998389][ T7400]  ? gfs2_create_inode+0x8c0/0x32c0
[  111.000059][ T7400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  111.001751][ T7400]  ? get_compat_msghdr+0x11a/0x170
[  111.003377][ T7400]  ___sys_sendmsg+0x134/0x1d0
[  111.004891][ T7400]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.006568][ T7400]  __sys_sendmsg+0x16d/0x220
[  111.008057][ T7400]  ? __pfx___sys_sendmsg+0x10/0x10
[  111.009692][ T7400]  ? rcu_is_watching+0x12/0xc0
[  111.011237][ T7400]  __do_fast_syscall_32+0x73/0x120
[  111.012879][ T7400]  do_fast_syscall_32+0x32/0x80
[  111.014437][ T7400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.016445][ T7400] RIP: 0023:0xf7fd5579
[  111.017761][ T7400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.023822][ T7400] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  111.026425][ T7400] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  111.028924][ T7400] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  111.031440][ T7400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.033949][ T7400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  111.036434][ T7400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.038931][ T7400]  </TASK>
[  111.040530][ T7400] Kernel Offset: disabled
[  111.041927][ T7400] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:49:25  Registers:
info registers vcpu 0

CPU#0
RAX=00000000001e049f RBX=0000000000000000 RCX=ffffffff8b6983e9 RDX=0000000000000000
RSI=ffffffff8dbdcd2f RDI=ffffffff8bf47460 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90851f10 R15=0000000000000000
RIP=ffffffff8b696c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977e9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057d954c0 CR3=00000000647b7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000024a881 RBX=0000000000000001 RCX=ffffffff8b6983e9 RDX=0000000000000000
RSI=ffffffff8dbdcd2f RDI=ffffffff8bf47460 RBP=ffffed1003b52488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801da92440 R14=ffffffff90851f10 R15=0000000000000000
RIP=ffffffff8b696c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2d9fcc CR3=0000000067a28000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c43f5 RDI=ffffffff9ade2c40 RBP=ffffffff9ade2c00 RSP=ffffc90025e06e60
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000049 R14=ffffffff9ade2c00 R15=ffffffff854c4390
RIP=ffffffff854c441f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979e9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50d4fac CR3=00000000647b7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000121373 RBX=0000000000000003 RCX=ffffffff8b6983e9 RDX=0000000000000000
RSI=ffffffff8dbdcd2f RDI=ffffffff8bf47460 RBP=ffffed10037e4000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801bf20000 R14=ffffffff90851f10 R15=0000000000000000
RIP=ffffffff8b696c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ae9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f202b8fee9c CR3=0000000066e27000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000