last executing test programs:

6.110203303s ago: executing program 2 (id=383):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x804, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./bus\x00')
write$binfmt_script(r4, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r3, r4, 0x0)

5.069743836s ago: executing program 2 (id=390):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000500))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x6, 0x2, 0x7, 0x6, 0x5, 0x1, 0x0, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
r1 = openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
socket$kcm(0x10, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = socket$kcm(0x29, 0x5, 0x0)
pipe(0x0)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0xf3e, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000100))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1e}, 0x94)
ioctl$HIDIOCGCOLLECTIONINDEX(0xffffffffffffffff, 0x40184810, &(0x7f0000000140)={0x2, 0x100, 0x1, 0x1, 0x3})

3.901358505s ago: executing program 2 (id=392):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1f, 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000300000000000000050000a3492b469660008ec7a1bd4c00000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback=0x33}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="1100f4ffffffffffffff0000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000000001010400000000141a0000020000002400018014b300018008000100e000e0bc44a153000108000200e00000010c000280ac21ad2936c01662759607000000000000180002800c000280050001000007000000000000000000000000074000000001c0fcf7067c75cb6fdcc0424ad148591916acddb7b1"], 0x58}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008050006d40ce2465c86160a49583d13a4a8d7c7a9da114989004438b42779b1fcdb17f644fca24138be4a5f255bf2715d607f38dd379dcd4a9edc766b52ce1438aef33ce752387c5668b857b31c2ca3e58847a366a191add84664e5ff86fd1976b6a50d5cab6af3840958ba64f6e2d8655b37e442c7082ba30176d29f95469bdcee0ab727cf1944097455d218ff684377f2a6581f0d25fa1811c57590702747"], 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="fcffffff040000000800000008d00c0ebf30351987e7ce1d264569a20952984328a81652932b3ca906a18028bbe41f85b3d4a37d0c516a05ebf53a7847368ea7d0d3386753d9819ba42005f8187b646d290f7eae6ea6ae274dcbebf5d91a7c49af72b48cb0083b6a580fdfdfc67a1fee4cdb8de102"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="360000000000000000000000000000008500000050000000181177d09e820000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES16=r5, @ANYRESDEC=r5, @ANYBLOB="7e592e22a185b1685155a3e7c49f0d84432a951da40ed20a825f561261"], &(0x7f0000001b80)='GPL\x00', 0x4000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='sys_enter\x00', r7}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

1.904552198s ago: executing program 1 (id=399):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
syz_open_procfs(r1, &(0x7f00000003c0)='net/netlink\x00') (async)
syz_open_procfs(r1, &(0x7f00000003c0)='net/netlink\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x40) (async)
mkdir(&(0x7f0000000080)='./file0\x00', 0x40)
socket(0x80000000000000a, 0x2, 0x0) (async)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x66}}}}, 0x104)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0xffff, 0x0, @loopback, 0x4}}}, 0x104)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='veth0_to_team\x00', 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
accept4(r3, 0x0, 0x0, 0x800) (async)
r4 = accept4(r3, 0x0, 0x0, 0x800)
recvmmsg$unix(r4, 0x0, 0x0, 0x10000, 0x0) (async)
recvmmsg$unix(r4, 0x0, 0x0, 0x10000, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x4, 0x3, 0x2}, 0x18, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$pokeuser(0x6, r5, 0x118, 0x4) (async)
ptrace$pokeuser(0x6, r5, 0x118, 0x4)
ptrace$pokeuser(0x6, r5, 0x102, 0x5ffffffd) (async)
ptrace$pokeuser(0x6, r5, 0x102, 0x5ffffffd)
r6 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122)
fcntl$notify(r6, 0x402, 0x8000003d) (async)
fcntl$notify(r6, 0x402, 0x8000003d)
fcntl$setown(r3, 0x8, r5) (async)
fcntl$setown(r3, 0x8, r5)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000002e40)='./file0\x00', 0xc0240, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r6, 0xc0184800, &(0x7f0000000100)={0x2, r7, 0x80000})
sendmsg$netlink(r8, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newtfilter={0x78, 0x2c, 0x4, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffe0}, {0x0, 0x4}, {0x4, 0xf}}, [@TCA_RATE={0x6, 0x5, {0xc, 0x4}}, @TCA_RATE={0x6, 0x5, {0x31, 0x1}}, @filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_POLICE={0x38, 0x6, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}, @TCA_POLICE_RESULT={0x8, 0x5, 0x57}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x80}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE64={0xc}]}]}}]}, 0x78}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})

1.855894727s ago: executing program 1 (id=400):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x10000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000b00)=ANY=[@ANYBLOB="880200001b0000042bbd7000fedbdf25fe800000000000000000000000000027ac04cb174beb16c4a133202fbecb1414aa0000000000000000000000004e2300", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="060000000000000005000000000000000500000000000000000100000000000000010000000000000000010000000000060000000000000000000000000000000500000000000000010000000000000000080000000000000b000000000000005e07000000000000010101029800000007011400686d6163287368613129000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d805000080010000a38fe8c1de610b311a04c33016384fd9c977d92d370fea4eb32fb46258c6f68798d07d770b955a709f01c3105328cfa9ede0c6a6bccbc7fd7d20e6b8b9c28e664a3df2eeb9ca474ad77116e1e4e8286ffa20d7f949435d6501d4fdcdef5fc87b37fa963e9341ad26ee0a807087d74be8393586dc5a95efc240e56e17113623124ffbfb32c8512593946956bcc5a7acabf8711ee5fb36ced4e470eff411ec3d5fa64f81d6992cbb1f6fdf5a5bd75acc246577d37232ff3442fff25d00bb001400736861312d61767832000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007803000000000000f723078b03634602cba44cdd572035dc118c7a26e6806841d2db85d34bcb15845464bfd8b3b8524b77e4e405fd1301d7073bf8a71a130e8e1e76f2c4e76a243e2e6984e01a31313f330f117c487e835d039af3890a2b93014181b5471a201a3533eebe4625143d71ce597a6c644b5e000c000f000400000000000000"], 0x288}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x10, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000001c0)={0xfffffe13, 0x0})
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x10, 0x0)
mkdir(&(0x7f0000000300)='\x00', 0x108)
mount$overlay(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./bus\x00')
write$binfmt_script(r5, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r4, r5, 0x0)

1.788485127s ago: executing program 1 (id=402):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{&(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x3}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='`', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)="ed", 0x1}], 0x1, &(0x7f0000000380)=[@ip_retopts={{0xc, 0x84, 0x8}}], 0xc}}], 0x2, 0x40010)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
openat$binder_debug(0xffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x100, 0x3, 0x3}, &(0x7f00000001c0), &(0x7f0000000040))
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000040), 0x1)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r6, @ANYBLOB="0524060000000001300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x0)
r7 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5}]}}}]}, 0x3c}}, 0x0)

1.785825907s ago: executing program 1 (id=403):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newsa={0xec, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@broadcast, 0x0, 0xfffd, 0x0, 0x20, 0x0, 0x0, 0x0, 0x84}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x100004d5, 0x6c}, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, {0x8000, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0xffffffff}, 0x70bd2b, 0x0, 0x2, 0x0, 0x0, 0x2a}}, 0xec}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028000000", @ANYRES32, @ANYBLOB="00ff000000000000000000000000002300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x3)

1.489629857s ago: executing program 3 (id=404):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x40, 0x0, 0x3, 0x11, "7e12ddc5a89047bf00"})
r2 = syz_open_pts(r1, 0x0)
dup2(r2, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000000)="3a3f74000000000400", 0x10)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000080)="aefa90823281cd24143b69c19cbebeef", 0x10)
fcntl$setstatus(r2, 0x4, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
setsockopt$packet_fanout_data(r4, 0x107, 0x16, &(0x7f0000000080)={0x0, 0x0}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x800, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x1)
ioctl$TCGETS(r6, 0x5401, &(0x7f00000001c0))
write(r5, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)
write$UHID_INPUT(r0, &(0x7f0000000480)={0x8, {"488085fddf7e1378d3ad4adb6e165913c1f7ae15c9b4ed75d7413838ff0d9381cead5adbe8228d9ba29fe815a6f64afca949ca64011b9d8c93b4272d6428962fe017b1cb68796b7b800b25eb3013496be2e3e973309e6842f2df0e5309a233d16ced2bc26cd6f7db616268621fe160c1644afc707a535571e0a936469f5dd6d60c6962109cd8de336fc0938bcd412788f01c1d84e33d5eaa3e140944ddefde0366395044cf0f095786b3f1fd27c0eaf2d0df657acf52c9220297bc28779a85ac06d4f14c31cbfced5519b61ddf599c08c7f10e385e4a6637e44ce117631e6d561c5118ad8e21bba948e572e54c67516e0f2a504f05f23e00d9b04160dac7e52d6caacf617d94e200e9c97771d56fe7b2ad6b69247904463f36b11e74b41ea9e63e77ded5af1406fe0f01f2350e756fd41c94f9dee22f611720853d7f8fd755903f1c3e044bd704bd4255c570cc0c82cacec7b9b7720cd6d5b2cd96e583ff1ddb0ad39155daa2f29a4461298b44ea802bbac9b1f552cf0279f52ff200178468b94b293f7052817d89adb9130a3eaec5ceeeb386a31a7d9807f069ad07e3488e99a0b7f7f92fc2a63226175432a93ae4dc820e702d21bdec10a773c7b3de3f0ec4b5f8af60a159aaa4231ed4e79883acf5d2eed3a0fd3445d46d7fbbd47f2c610d96d6435293b103db15b8e7383e63e9d672410f5248183d4e608e7aee4d9dbfd040fb3fae39faec3cc0f5410d0d479bc1b7addd255ba502a52fa858eb6574530fd16c01e1138b19258e1c40b9a29a8672f418159f663bc8fe634e3a0d23dde1ced471cfb1decc1a9464667771b795229b1906651e9e5e4402c7e75182b1432acb4b54c499358585aa83fca804fbdd12dfd3b9e95b0ac718cadb879a2898d86c4ed914a59918df6ba519de4599f662811202158e418cef0d103ed4e77833d4dea6e59f7fef1c86f818121655dd1b2cb3717c892a289797049911356b5dd5dc0c50caadd0dd0318994d730fd6e6953e01730fb2682ab3f7ca8b4d596574456f59b95f34ff6f79db68b495010b8816a7b55229b35a2790f25c42ef1efcc5271c66500fc285de61516fc401518ba1ae388f90b0a5760e01031ceed37d1eb8a792f4a196a9fa0ff1579358bfe5c63744027d1a01e0a4602c79c2fe727034a4d810f0a2c30dc5a4c122e510e4d6348774754bf1f924c1d5a31dccf345a6c752389cc38e46e968e3b2815e2ecc3e5827f198f5d836b5783e9d7cc5bc5ba1715d23a4c35157b28e997010c627cbcebda89d08ac88e3d2f387c87af78b2a565dd5704bf3c12e4019d91890ad4f660345b384b59fad6d9f56f1fcf35babe5a9fbd8dd3908be450edf05ca8a3154fb3ac1af485508c61a7ba322ac06928e7d660fee6bfef74c9c4f22bbab318077446163a3230a3d486ce6d71aed12e2581e4208eed1a540560921ac89e9372482594351a5ff0cf9e95e80f0a69c4d621638c9056ae0bdfc44895f061767aba8400da865b73b5488c690694af744372c00d87bba4664a60f13f1453337113055d7b659a87208c1e663e4d35f0ebcfe70459f5ec5812434468cec38d3fbcf90598de986b3d49ad45e7b3b230fc389b5278ed6242abe9c44a8c74438968cc9b7a253d89c5b14f7a917b86a6d51f5d5380f2a7606dbe1867fd781fab284d153e20f5bf1a2c8156b93e60dc8945eb8385d937537b785f6f6af81ea0131398c77819ddea78eadf6b6f019db772e69e9cde3540ddc95625987b4a4e1dbbf15bc0217abac6cc3ff0650ed11fa612b90afaab842be4c2bd9967702b023e8ecd5f4a0e62af56f7320241a8516bcdf344a4421eed035b8c5a126820c5dc3962f5df4bf369bd6260eb09aa8e1310bf6f28aba0e3236f699721daa26950de7fa8fd8c3d2adebc101e304d0ed1af839c74b6cc42a6d7244f6b31ed08f6f12f62569b2c0602cc371962bff74b9b3c5f6326247d4ffec7f2d0a073e5a678e76f4243533001b1c0de6739c5c6ec0195fa9a8e898c2068bb614c40c403324e84cdbc530121217ba49f300aa8d5056d170d0a6bc8827ee20d55401b9f401b12e212cf630781139978b5fb38fdf768fec87b79f7a70d6083c3df98019ebd09b7941708e06c8d9fa930a1fdb993e0061343c87b4cf47dd36f9a3d603ca986f5144af403b7b04a93f5808a8c192df5e4c17af1ec23eddd1e7fc91109e6a4cfe5e23435bcabf3915ce5242cb6f7974e97c8ad3773e3a510afa52c4193c36fd1b99a02ece5b19ad35eb8fa97b57fd1641b463de79cdd2aac5d5b4060a040ad1d5752d70015b74d556fb4ef0cc8747591edc8858707616104f0ec342fb3a9b95df31b6f84e56387aae80a72d8dd670be7aaeef54065d6e2d7837481ce5622ee3c115d02d50efdb20aaf25b636d6d6c7e49f50a4b30ae243ecf1187ffe851c52bb1849c5e5c0979b758b747aebfdab58d8fd60f83dd4e7cba38b4ccf03506398eab901595dc2de27ab231abdddffc9d120abd8025b77ac47f39b6373a38a09bc045559578ccdf0402385177d499333d06d2cd3f604689d50dcd01b04ffbcb545385da389e4b6102ee77febb8a34a906f822601e61d2d3fc9e206caf3753f65422a5ff31dc3b3c4d09aa9a90f9ebc858ee2e4df6a730948e436586c665a3c64aab00aa757d252eec5b8bea5035a5b9f644cb84a991286edc2a394cef9fd40ad085aa99680aea363dc163c2ef40e0f289e0b79dc600f31ae510bbd74f963632ff25230a1ec866fed0db0d0af59c5b9f4a18659f5a218c3d0db80700719a61e59efbd5f996145139e565020090bf504eb7453775b8c6190ff51d4c04ce9384060f1dd34799fee04c0f951ae15cb589f80dc544c05421d60f51cbc78df7dceff213575bfebe2bb307d196ef0a5cf3c2608fbb969a574e6dce9132246447a84cab6dd4923281cf40bc19c29585a02bc0d2d491907e5b528a1cfc7b2fe88dc2520ea49903423cb7a0d23530daa7217e7f312d4ec67c02fc74ab8d91b8ead50bfe9508b0f7d70e88868ee1a5f38349054374ae463d1148e0ca238c0f9fe7b40f6fba87498697f3220612ea66feb18a29f1df04234ac3d69e0706d0deef321d09ee16de188a32f4c41635cf48ee35a42140fc08b42c2e0e289a3c73fd4b0e656a72b29b99093127a17aaa199610787787abb0f4613dd03332a9306b9b5e98e9c839ffce5e72c44b288593bee47253613dc0fc3e583ab9aac7e1a161dfc36bd038d533eb6829b22dc1a01f055c16f83c1b1abe049b5744508456658c6df44c13d6ab1a18d76a55740cdcfca4a1dd81b54d9c4e71cef9f4b55f1ebc7751766175d631f9607f22a613377f6d96afaddbc66cbeef20ae578468f33265516ee711e2591e1af272a35bf5cedc78aec6e330bf6f3f3b9cdb7d373754125c9caea6a4d344d098c7332175b09441cc11040e5b71e9b975b2aaaaa5f8c5f502b00ad3ade9de204602aa227c9f11da55107b79802c09d246050c6580d92559a47935cfb59b47e88aa8095ea1ac34578697ffe89c440a2369f6661db2c24f1056d553e200184b927b359efba5db1e69e7f2cf5e4dd9c9bbc3e085fc38c43f436aa47abcc1e9986fc0226262588110c5b27c6fe9b8072cd8204c500883d3b9feaed80d5d87929d01b9bad995ed58a1be3ccad600840c6424625f4f4c221c8e1cd11af1a5ac153954ac6b441692f296ac2d529233d317fecf3fbfa53f77c8ea47d1385e3ca4b8b55fd2467cac15af1bfa04fb41784305a4b9aed6880cfba9629d6dabd22b2bd90c1aad0f2e0dff0777112b1e313447cf9417a52a58b17cc73ab03d4841ec9b1dc3f75d0fb5ece65c99982b338bb2f42b68104d94c826247814bd68e7c9664e8b2a9fdaf7fde4730960b43a496cb818badfbc97d1e51aa7817657e49536e69cacb3c4abb27dfe10d5c962fabdd3056d290a2b969e7f61d17b57c8e099db6ab8f0fdda7412b393af60e3299478744e9071801c4c39b0c87d4f237ade73b955812f254e641844e985d40f3e4df51bf7a9c81f02d22ad8296fe94d4664f3c0d113974ba222dab68c4407e9d5359205a5fec059d4370e0d15fd040ced32baa7e8586d38680a4c2e4e5679c0d374636e9dc0fd9a06808671f08e8c19b0bed18540de8107855f410f8954e078755a8c7b0822c25e2534887c9593aa1e008e78244cfec5b347a847ecf61cb207dcb2170b663a54d98ffeea991a9d944e4a8302bf37231bf3558c6b2fcaf925becb663bb574341bc81bbc50e9f0108c5d8a7783caf25bcb3bc24368e8a4915785652877555d22f7d6cbcb12049180ee4c49502d41c0fb00e31f3835b53e622e85290ee5a641eb9215567fed4782484ba8ccb43d81d3ef3ca5d8a2e3389864c15946e3d5dad607447f35a5396c27e99e20a1b98393169d85e788e9c4f9367649b308094479bc0ad8d68f0dc655724e2d9f599557f567fe7fd11f87b37df7ce0530e40d7e0ab06c2b273716e2598bd6e816c18c2e3c038b199e58424a5d72759af13e121e21d263fa0f24577a32b4356919cc22c5d1929b15590a53861aaf68aaa9ed404d1e64c3c6b0fa19e0a5299bd46867aff993b87ce96fd493fa2b125ea23907f9598acc33cd7e90c2383d5af5d232d979766ac2743c93d947db811d38df20742fa1db7c6f2306ec008ca9d53faf1a7cc2372d42437f906ef6ff9db785ac575c97e4f568e57414a0881ffe1b8dee59240305e28ab5f4f2c990c959009b022a656386229c7a71b3fcbc381a1f3511751ef19653d8e7dd0de12f630c719413a84b385802f5e8e2680cc2afa7fbb1cd1193a1e5af32ad07b24ba1c05904d3325634d10aa685d97f9c1d58377cfa46f17f0f57c7d48ce0917a8b4f5bccdf60e52764b7a826e6ccab1b70821a74cc5cc2e15532d3ef346aaf9c31fe0e0776bb1e3f4f5f276bcf53f5ea9018609b18b47497dba8e73676d2fc2fba47472ffba25ba7ddca1e9754b516eff05a05eaba9e7752f8d97f99684e3a53ded2d2c1913a6e488c65f57f8d85d261c762c37015c756e0aeed54edda41236bae33ed83c688478bcd94ce9e67971c0f8e588f1a3a4cd3f7da5e571c1984d9c9a10bb7eaf8414cbabf5fb97a17a67d10ae1a7ab96a8df88da1e82e797e67b534f765a5dcac76bb769d9547f375cfbea8d9f434f48d60e05df8797919fef5cb01a04177ed092a37f71f7948279bc4c35e3239e943a1507cff0b7152dd95c27e573e0191cfe1bc9f3862e5329ddcd160c61fc5bb82b57d8086e1e74abfc36bb43404357c50eb150fcaea9aac90fa0c413ea9f8538055a45b77d5a7548f6a4f2414714495576a1de459a55ab298a2a2fa33459da0d205e4b91d340c0721226e546f323bb878605590b66516fa51fd635e5eaa580486f6fb543b6b5236871aa3dedcb44e7d73d9bf704420fc0bb9b1a0f21e848ed9161e9bf1ae3bc628861b5007f0a38884a178dc85dbf034e9234fe603698cda4811dfcb73253335ca7cee533957578a9b97f149ae6dbd43c4aae8a16da135830f7a1c5b913838d5c28936f45f2d9ed991ec7a3ab83df4dd6fe2ff720a6b8abf40927bf8835bfa25effb92eadea47ae1629193ee5707767b13771cb105f231be2af8380a85b9de42f682d22d17c926ccbe39ea3fa7a5d3c0f6b3dc7802b927a36cd04ade3e02bf8ce06a52585388fb8f49df4dda68e9eb426da9c0909d5b9cf4b16c2e3f78331c8683a1698033ea0b1ed4dd33edeecd89c4f14caf84d52336e500", 0x1000}}, 0x1006)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r9, 0xc008ae88, &(0x7f0000000300)={0x1, 0x0, [{0x571, 0x0, 0x2ed2}]})
mq_timedreceive(r0, 0x0, 0x0, 0x3ff, &(0x7f0000000040))
openat$qrtrtun(0xffffff9c, &(0x7f0000000000), 0x22002)
clock_gettime(0x0, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f000000042ddf84c4000000f0ffffff00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

1.31924989s ago: executing program 2 (id=405):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000280)={0x30, 0x5, 0xf800, {0x0, 0x1, 0x3}}, 0x30)
read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, <r1=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20, 0x0, r1}, 0x20)

1.259412452s ago: executing program 3 (id=407):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x3b94, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000040)={0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001010000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10) (async)
r3 = socket(0x22, 0x1, 0x8d)
setsockopt$MRT6_TABLE(r3, 0x29, 0xcf, &(0x7f0000000180)=0xfc, 0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x16, 0x0, 0x100000, 0x7fff}, 0x48) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x18) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

1.019946739s ago: executing program 3 (id=408):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x3)
r1 = userfaultfd(0x80801)
r2 = getpid()
r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, r2)
prctl$PR_SET_PTRACER(0x59616d61, r3)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
fspick(0xffffffffffffffff, 0x0, 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f0000000040)='\x00', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='cubic\x00', 0x6)
shutdown(r4, 0x1)
io_uring_enter(0xffffffffffffffff, 0x7f5f, 0x0, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)

1.019406585s ago: executing program 2 (id=410):
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xc2c})
ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x2a0}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f00000016c0)={0x10, 0x0, 0x25dfdbfb, 0x40000044}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWSETELEM={0x0, 0xc, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_SET_ELEM_LIST_TABLE={0x0, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x84}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = epoll_create(0xf29)
epoll_pwait(r5, &(0x7f0000000140)=[{}], 0x1, 0x0, &(0x7f0000000180)={[0xcfd6, 0x6392]}, 0x8)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
read(r6, 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffd, 0xde, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000480)="851c1fce5d50c0f263cf4c5e0df120dba9746c655955f78fda636e529f91c5bb201e0362c6f8b5f5a73bf14d7e6aef47de6fa1c208064222069697390d7c8eb1c86b4dcbd08e9a936bd1afbce7f7e66905a0fb6784e7187f52f25c1dedbbcd26c52385ac5ed5b3a39967786544a2423e714e13201868a3dbf7ed5b7ded2cdcdb47564c7198bf8e023cf41c791c41601196a020faad6a3273f24f09b534e4efebe8d28bd695df825e697affb568fe86e843699dd722e944fcfa58b312d5aa090d399e2a185c3ca8e40f640f957d08c20f75ab0000001fd7451cbf1a079c2c", 0x0, 0x10, 0x0, 0x4000000, 0x0})
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_OBJ_TYPE={0x0, 0xf, 0x1, 0x0, 0xa}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @queue={{0xa}, @void}}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x36, 0x3, 0x1, 0x0, 0x11c}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x1709}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000851}, 0x0)

889.64111ms ago: executing program 1 (id=411):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = socket$netlink(0x10, 0x3, 0x4)
write(r0, &(0x7f0000000040)="2700000014000707030e0000120f0a00116100000000000000b112ff000000008a15bd750800396e", 0x28)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r2 = socket(0x2, 0x805, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}]}, &(0x7f00000007c0)=0x10)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="1b0b04000300000008001b"], 0x28}, 0x1, 0x0, 0x0, 0x68010}, 0x0)
write$tun(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="020304000100090104006bd648c610112f01fe80000000000000000000000000002eff0200000000"], 0x1043)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b00000000000500100004"], 0x30}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1}, {0xe, 0x10}}, [@TCA_RATE={0x6, 0x5, {0xfc}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r8, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

889.395071ms ago: executing program 3 (id=412):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000180)={[{@noswap}]})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2"], 0x0}, 0x94)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f00000000c0)=0x3, 0x12)
fstat(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$fuseblk(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x1000000, &(0x7f0000000540)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, 0xee00}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@default_permissions}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0xa}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x19b9ecb4}}, {@max_read={'max_read', 0x3d, 0x42f}}, {@max_read={'max_read', 0x3d, 0xb}}], [{@smackfsroot={'smackfsroot', 0x3d, 'ethtool\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}})
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)={[&(0x7f0000000300)=' wO\xd5\xce\x82\x89r\xa0\r\xc4Z\x15\xfds\x17g\n\xee\x9f\a0\xc3\x80\xbf\x80j$\xe6Z\xde\xf1pc\x96\x8f\xb5\x9d\xe3\x11m\x88~\xe3\xc7\xe3\t\xab\xbb@\xd9\xf8\xa2N\x03\xcf\xe4\xd6\x0ew\x10\xc2\xaa\x84bC\xc8\xd0\xe07\xa1\rIa\xb1^\xc5WG\xccV\xd3\x91\x84x\x9d\x8eg\x84\xeb\x9e;\x8f\xa1\xa3\xcf]@\x82\xcf\x01$;\xd5\xc0\xa8\xc8r\x0e_\xac\xef\xf5\r\xd5Q\v\b#E\xcf@a\xa2\xaa#\x13S\x04\x12$\xcb\xbeV!\x1d\xc7\x84_\\ \xc7oh$\xc9\x06m']})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r1, 0x28543634fae43ad, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)

835.285415ms ago: executing program 0 (id=413):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0), 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a7000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone(0x102200, 0x0, 0xff28, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r2, 0x29, 0x31, 0x0, &(0x7f00000000c0))
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, 0x0, 0x0)
getsockopt$PNPIPE_ENCAP(r3, 0x113, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vlan0\x00'})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181003f000000000100000010001f0e0027000f00000000800200121f", 0x2e}, {&(0x7f0000000040)="9c797a1d70924e2c80b0d77c6db880a54c00000057425842cc2c9eb7e49986f65aeb04dd0c958fb4ae30363713123a4dde01009b341195e270995b1300cf", 0x3e}], 0x2}, 0xc0805)

817.287496ms ago: executing program 3 (id=414):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1f, 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000300000000000000050000a3492b469660008ec7a1bd4c00000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback=0x33}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="1100f4ffffffffffffff0000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000000001010400000000141a0000020000002400018014b300018008000100e000e0bc44a153000108000200e00000010c000280ac21ad2936c01662759607000000000000180002800c000280050001000007000000000000000000000000074000000001c0fcf7067c75cb6fdcc0424ad148591916acddb7b1"], 0x58}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008050006d40ce2465c86160a49583d13a4a8d7c7a9da114989004438b42779b1fcdb17f644fca24138be4a5f255bf2715d607f38dd379dcd4a9edc766b52ce1438aef33ce752387c5668b857b31c2ca3e58847a366a191add84664e5ff86fd1976b6a50d5cab6af3840958ba64f6e2d8655b37e442c7082ba30176d29f95469bdcee0ab727cf1944097455d218ff684377f2a6581f0d25fa1811c57590702747"], 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="fcffffff040000000800000008d00c0ebf30351987e7ce1d264569a20952984328a81652932b3ca906a18028bbe41f85b3d4a37d0c516a05ebf53a7847368ea7d0d3386753d9819ba42005f8187b646d290f7eae6ea6ae274dcbebf5d91a7c49af72b48cb0083b6a580fdfdfc67a1fee4cdb8de102"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="360000000000000000000000000000008500000050000000181177d09e820000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES16=r5, @ANYRESDEC=r5, @ANYBLOB="7e592e22a185b1685155a3e7c49f0d84432a951da40ed20a825f561261"], &(0x7f0000001b80)='GPL\x00', 0x4000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='sys_enter\x00', r7}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

718.939261ms ago: executing program 0 (id=415):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000280)={0x30, 0x5, 0x0, {0x0, 0x1, 0x3}}, 0x30)
read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, <r1=>0x0}, 0x2020)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x88, 0x1403, 0x200, 0x70bd26, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'tunl0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip6erspan0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'ip6erspan0\x00'}}]}, 0x88}, 0x1, 0x0, 0x0, 0x400a000}, 0x4c040)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20, 0x0, r1}, 0x20)

649.120789ms ago: executing program 1 (id=416):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000500))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x6, 0x2, 0x7, 0x6, 0x5, 0x1, 0x0, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
r1 = openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
socket$kcm(0x10, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = socket$kcm(0x29, 0x5, 0x0)
pipe(0x0)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0xf3e, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1e}, 0x94)
r4 = syz_open_dev$hiddev(&(0x7f0000000040), 0x7, 0x20000)
ioctl$HIDIOCGCOLLECTIONINDEX(r4, 0x40184810, &(0x7f0000000140)={0x2, 0x100, 0x1, 0x1, 0x3})

563.796682ms ago: executing program 0 (id=417):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0xffffffffffffffd7, &(0x7f0000000440)={&(0x7f00000007c0)=@newtfilter={0x1a4, 0x2c, 0xd27, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff3, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x174, 0x2, [@TCA_CGROUP_EMATCHES={0x170, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x164, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x160, 0x1, 0x0, 0x0, {{0xe38, 0x9, 0x4}, [@TCA_EM_IPT_MATCH_DATA={0xa6, 0x5, "4aca1ce5879194d9cd655d05b8293978507226ad1f6370d98d0600000000000000ca6ee01d9be10a835e93851c2e3795ad788bd976e2c3211266af9c41d7f36c9fdc3d1314b7da82263eedd526312f3561bf1ae2bd4326404a031a60404c11a000393281010aa76bcc920feb4c2b74dda072d69cc783dd375ea1574092c9e604a2b9531feb0893605b2c2fecdfa8122b4b3af562d4126b6e70e244b85e43d28e82b2"}, @TCA_EM_IPT_MATCH_DATA={0x0, 0x5, "1b08c59ff7b015fe453bd207e4b4fc4e6ec9acf86115c85f33b4cc00a8cd10f7254cbe6a556f8b71aa2bfa4a9ea93ddec69cdcdf80c3703362991904c0df2d7748f270de525c66bc8639c7e879da647c81773288c6251381d83c2f032c703a0ee1feec92dca808cd7e8da0ca8319728a583873bcedcb69235d789599408784b8fc936fd6795bc325aea16a58f9910e613e9eb217560b435e8a619cd46c82a9032512e672cd8e3e87ea38027fbe39db19fa39d6694239ba138bd16402d52ed9419e72bcc35a316e2013d74e03577e2489763dcdb1842e8461d494ccac4ee3e137f4c1799e25f23dde87ad796132586a8f95e0f53b21cbc6ee"}, @TCA_EM_IPT_HOOK={0x0, 0x1, 0xd9a7798e10302764}, @TCA_EM_IPT_MATCH_DATA={0x95, 0x5, "c8261648bb97c31a1c1c4a234c3184c91c0fbf58d9b17b614bb2b8c538961480c665c70d6bd3b48e1081b479e1683550afdbe9bed666e1902521e5453a5b0caf150fb7369d7d072792bce000979d87fe20b17a97fff35c2b75c1988a6dbd4fed031df206c9419581cbfb29ad73154bf77c56cb0485627b706383a922abfb59a25893fbdc7f8daea85e2c433636a7ba35a1"}]}}]}]}]}}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

369.648495ms ago: executing program 0 (id=418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="180000003d000701008046357442691ee9b2d1f4dc48c6841aba000008000000027c000004000880"], 0x18}, 0x1, 0x0, 0x0, 0x4091}, 0xc000) (async)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_alloc\x00', r1}, 0x10) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, 0x0, 0x3}, 0x18) (async)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000100)=0x100) (async)
socket$kcm(0x29, 0x5, 0x0) (async)
r3 = openat$bsg(0xffffff9c, &(0x7f00000000c0)='/dev/bsg/0:0:0:0\x00', 0x2, 0x0) (async)
r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x1000000000003, 0x3, 0x8000000000007, 0xaa, 0x3, 0x1, {0x0, 0x180, 0x20fe, 0x5, 0x87, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000009a40)=ANY=[@ANYBLOB="2800000002030104000000000000005b65b400090900020000000001300000000800010001"], 0x28}, 0x1, 0x0, 0x0, 0x8040}, 0x4004000) (async)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB], 0x88}}, 0x0) (async)
close(r5) (async)
sendfile(r4, r4, &(0x7f0000000080), 0x7f03) (async)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000001c0)=0x8, 0x4) (async)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x1b) (async)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000340)=0xf) (async)
ioctl$SG_BLKTRACETEARDOWN(r3, 0x1276, 0x0)

319.581492ms ago: executing program 0 (id=419):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newsa={0xec, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@broadcast, 0x0, 0xfffd, 0x0, 0x20, 0x0, 0x0, 0x0, 0x84}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x100004d5, 0x6c}, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, {0x8000, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0xffffffff}, 0x70bd2b, 0x0, 0x2, 0x0, 0x0, 0x2a}}, 0xec}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028000000", @ANYRES32, @ANYBLOB="00ff000000000000000000000000002300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x3)

66.402254ms ago: executing program 2 (id=420):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x121682, 0x0)
read$nci(r1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCFLSH(r2, 0x80045438, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f0000000080)={'c6xdigio\x00', [0x3c4, 0x10, 0x2, 0xa, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0x3ff, 0x9, 0x200, 0xe2df, 0xaa14, 0x1, 0x4, 0x0, 0x7, 0xf58, 0x6]})
ioctl$COMEDI_INSN(r4, 0x8028640c, 0x0)
setsockopt$packet_int(r3, 0x107, 0x7, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, 0x0, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000340)={0x4, {0x965, 0x1, 0x3, 0x9, 0x0, 0x4}})
write$nci(0xffffffffffffffff, &(0x7f0000001740)=ANY=[@ANYBLOB="500105010c000000030300040905030072bad45e265e96dc1ce36dac131b1126baa0c7c8a90c3a824b51746b3992a9ef887b6a3f4ae94bac3b6ad3a4472906319cbee76bb972143bf81dbf25e67a468298c2cd66ee042b623d38191a80eac4a0c3669195482e070fa2157afc927a66cf21fac07d1e662e320e134bd9cde6bc84789344"], 0x83)
keyctl$read(0x2, 0x0, &(0x7f00000000c0)=""/4096, 0x1000)
move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f00000010c0)=[0x0], 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000001900), &(0x7f0000000a80)={[&(0x7f00000011c0)='.^*%$\'-\\:\x00\xfb\x12#\x19\t\x99n\x1e\xef,NA\xf3)\xc8\xcd\x9bM\x83\x9d\v\x80\xcbU\xdcV\xe4\xff\xa8\xf19\xf0\x10|A\xef\x06\xe0\xee\xa6\x9fd\xeb\x88\xbb\x8d\x1cJ\xe9\xf2\xb5\n\xd8\x86\xdd\xcc\xee\xd9\xd4.\x12\x0e\x03\'a\xb2H\xf0\x06\xd7\xa2Obry\x05\xa44\x85\xefB\xcf\xcbhL%5\xe6C\xb5\x8c|\x1ax*K\x93\xca\\\xdfCSs\x10\x91G\x8b&\xc3P\xe5H\x91\xbc\xea\xbc[\xcb\xdb\xfd8{\xa4\xa1\x1c\xf8\xa4wWT\xa7#\xc5\v\x94~\x88]g\\x\x8b\x89\xf2\xca\xfc\xbf\xc3C\xb2\xeb\xf5\x88\x83\xaa`%\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00]fx\r\x9fRd\x13\xf4\xba;\xf2\xb6\x81\xcf\xcd\xff\x1bO\xca\xfdA\xd0\'t=\x02\xc6\xa2R\xac\xd2\xb2\x9f\xa8R\xe7@\xf7\xf6\x8a<$s\x90d\x826[A\xcdtU\xb0\xa6']})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000180)={0xfb, 0x8, 0x0, "062383a78614d321eb086bebba55db0dfca05613826fffd4ee640ffed6cd68cb", 0x32314d54})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

63.986162ms ago: executing program 0 (id=428):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newsa={0xec, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@broadcast, 0x0, 0xfffd, 0x0, 0x20, 0x0, 0x0, 0x0, 0x84}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x100004d5, 0x6c}, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, {0x8000, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0xffffffff}, 0x70bd2b, 0x0, 0x2, 0x0, 0x0, 0x2a}}, 0xec}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028000000", @ANYRES32, @ANYBLOB="00ff000000000000000000000000002300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x3)

0s ago: executing program 3 (id=421):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64"], 0x4c}}, 0x20000000)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x30, r2, 0xb97534d5fe9704cf, 0x1000, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "8bbf"}]}, 0x30}}, 0x4000000)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:33268' (ED25519) to the list of known hosts.
[   41.814124][ T5930] cgroup: Unknown subsys name 'net'
[   41.975548][ T5930] cgroup: Unknown subsys name 'cpuset'
[   41.980215][ T5930] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.886432][ T5930] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.657146][ T5975] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.662227][ T5975] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.665714][ T5975] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.669146][ T5975] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.671760][ T5975] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.678817][ T5977] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.682195][ T5977] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   46.685231][ T5977] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.690546][ T5984] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   46.692808][ T5977] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.693813][ T5977] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.695594][ T5984] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   46.696253][ T5335] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.697279][ T5335] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.697693][ T5977] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.700477][ T5984] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   46.710542][ T5984] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   46.712410][   T63] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.720776][ T5984] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.724417][ T5984] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.958471][ T5976] chnl_net:caif_netlink_parms(): no params data found
[   46.991330][ T5971] chnl_net:caif_netlink_parms(): no params data found
[   47.055798][ T5982] chnl_net:caif_netlink_parms(): no params data found
[   47.195763][ T5980] chnl_net:caif_netlink_parms(): no params data found
[   47.207329][ T5976] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.210081][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.212646][ T5976] bridge_slave_0: entered allmulticast mode
[   47.215325][ T5976] bridge_slave_0: entered promiscuous mode
[   47.219056][ T5976] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.221322][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.224113][ T5976] bridge_slave_1: entered allmulticast mode
[   47.226673][ T5976] bridge_slave_1: entered promiscuous mode
[   47.246425][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.248986][ T5971] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.251228][ T5971] bridge_slave_0: entered allmulticast mode
[   47.255420][ T5971] bridge_slave_0: entered promiscuous mode
[   47.258938][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.261223][ T5971] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.263679][ T5971] bridge_slave_1: entered allmulticast mode
[   47.266248][ T5971] bridge_slave_1: entered promiscuous mode
[   47.305627][ T5976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.310344][ T5976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.421586][ T5971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.427759][ T5971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.430653][ T5982] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.433131][ T5982] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.436108][ T5982] bridge_slave_0: entered allmulticast mode
[   47.439553][ T5982] bridge_slave_0: entered promiscuous mode
[   47.481665][ T5982] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.485405][ T5982] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.488421][ T5982] bridge_slave_1: entered allmulticast mode
[   47.492225][ T5982] bridge_slave_1: entered promiscuous mode
[   47.501939][ T5976] team0: Port device team_slave_0 added
[   47.577863][ T5976] team0: Port device team_slave_1 added
[   47.581033][ T5971] team0: Port device team_slave_0 added
[   47.584652][ T5971] team0: Port device team_slave_1 added
[   47.587988][ T5982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.590928][ T5980] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.594202][ T5980] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.596517][ T5980] bridge_slave_0: entered allmulticast mode
[   47.599192][ T5980] bridge_slave_0: entered promiscuous mode
[   47.664261][ T5982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.667283][ T5980] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.669713][ T5980] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.672182][ T5980] bridge_slave_1: entered allmulticast mode
[   47.675704][ T5980] bridge_slave_1: entered promiscuous mode
[   47.679714][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.682432][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.693524][ T5976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.699307][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.701495][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.712466][ T5971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.742834][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.745277][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.753369][ T5976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.757485][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.760377][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.771598][ T5971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.814453][ T5982] team0: Port device team_slave_0 added
[   47.817870][ T5980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.822579][ T5980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.828121][ T5982] team0: Port device team_slave_1 added
[   47.883613][ T5980] team0: Port device team_slave_0 added
[   47.899619][ T5982] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.901809][ T5982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.909770][ T5982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.940802][ T5980] team0: Port device team_slave_1 added
[   47.943585][ T5982] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.945778][ T5982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.953746][ T5982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.023448][ T5976] hsr_slave_0: entered promiscuous mode
[   48.026114][ T5976] hsr_slave_1: entered promiscuous mode
[   48.032765][ T5971] hsr_slave_0: entered promiscuous mode
[   48.035764][ T5971] hsr_slave_1: entered promiscuous mode
[   48.038481][ T5971] debugfs: 'hsr0' already exists in 'hsr'
[   48.040851][ T5971] Cannot create hsr debugfs directory
[   48.063187][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.066107][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.076744][ T5980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.081304][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.085815][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.094135][ T5980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.209642][ T5982] hsr_slave_0: entered promiscuous mode
[   48.211848][ T5982] hsr_slave_1: entered promiscuous mode
[   48.214077][ T5982] debugfs: 'hsr0' already exists in 'hsr'
[   48.215867][ T5982] Cannot create hsr debugfs directory
[   48.258190][ T5980] hsr_slave_0: entered promiscuous mode
[   48.261034][ T5980] hsr_slave_1: entered promiscuous mode
[   48.263727][ T5980] debugfs: 'hsr0' already exists in 'hsr'
[   48.265528][ T5980] Cannot create hsr debugfs directory
[   48.569999][ T5971] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   48.577093][ T5971] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   48.581606][ T5971] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   48.592069][ T5971] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   48.616817][ T5976] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   48.624698][ T5976] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   48.629729][ T5976] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   48.636041][ T5976] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   48.672068][ T5980] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   48.678372][ T5980] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   48.684043][ T5980] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   48.689965][ T5980] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   48.713834][ T5984] Bluetooth: hci1: command tx timeout
[   48.713836][ T5975] Bluetooth: hci0: command tx timeout
[   48.758860][ T5982] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   48.774238][ T5982] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   48.781542][ T5982] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   48.787102][ T5982] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   48.793992][ T5975] Bluetooth: hci3: command tx timeout
[   48.795689][ T5984] Bluetooth: hci2: command tx timeout
[   48.825201][ T5971] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.841196][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.853972][ T5976] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.880555][ T5971] 8021q: adding VLAN 0 to HW filter on device team0
[   48.888274][ T5980] 8021q: adding VLAN 0 to HW filter on device team0
[   48.894807][ T5976] 8021q: adding VLAN 0 to HW filter on device team0
[   48.899436][   T98] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.902393][   T98] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.920715][   T98] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.923545][   T98] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.928623][   T98] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.931465][   T98] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.938545][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.941292][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.953941][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.956826][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.969920][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.972433][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.000306][ T5982] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.023922][ T5980] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   49.043166][ T5982] 8021q: adding VLAN 0 to HW filter on device team0
[   49.050831][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.053410][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.067952][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.070654][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.129553][ T5980] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.156078][ T5980] veth0_vlan: entered promiscuous mode
[   49.169320][ T5980] veth1_vlan: entered promiscuous mode
[   49.185368][ T5976] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.191337][ T5971] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.209904][ T5980] veth0_macvtap: entered promiscuous mode
[   49.217581][ T5980] veth1_macvtap: entered promiscuous mode
[   49.233251][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.241201][ T5976] veth0_vlan: entered promiscuous mode
[   49.251460][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.261653][ T1188] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.268193][ T5971] veth0_vlan: entered promiscuous mode
[   49.273345][ T5976] veth1_vlan: entered promiscuous mode
[   49.275805][ T1188] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.278580][ T1188] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.282622][ T5982] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.289969][ T1188] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.295044][ T5971] veth1_vlan: entered promiscuous mode
[   49.326648][ T5976] veth0_macvtap: entered promiscuous mode
[   49.338012][ T5976] veth1_macvtap: entered promiscuous mode
[   49.352018][ T1252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.355534][ T1252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.357675][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.371397][ T5982] veth0_vlan: entered promiscuous mode
[   49.376545][ T5971] veth0_macvtap: entered promiscuous mode
[   49.382204][ T5971] veth1_macvtap: entered promiscuous mode
[   49.382324][   T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.387016][   T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.393140][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.399438][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.405108][ T1188] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.407884][ T1188] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.411950][ T5982] veth1_vlan: entered promiscuous mode
[   49.415281][ T1188] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.418041][ T1188] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.422010][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.430783][ T1188] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.431445][ T5980] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   49.443485][ T1188] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.446379][ T1188] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.454172][ T1188] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.493736][ T5982] veth0_macvtap: entered promiscuous mode
[   49.497984][   T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.500429][   T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.512695][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.530084][ T5982] veth1_macvtap: entered promiscuous mode
[   49.540142][   T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.543324][   T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.557909][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.560510][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.619991][ T5982] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.624766][ T5982] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.627788][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.630821][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.632130][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.632986][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.633271][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.639250][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.646590][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.653746][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.701122][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   50.053746][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.072889][ T1188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.124581][ T1188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.263215][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.274401][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.697544][ T6080] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.702207][ T6080] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7'.
[   50.705760][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7'.
[   50.711203][ T6080] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[   50.754906][ T6080] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7'.
[   50.793492][ T5984] Bluetooth: hci0: command tx timeout
[   50.793884][ T5975] Bluetooth: hci1: command tx timeout
[   50.875054][ T5975] Bluetooth: hci2: command tx timeout
[   50.883371][ T5975] Bluetooth: hci3: command tx timeout
[   51.001529][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.004679][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.030909][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.044045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.081514][ T6084] capability: warning: `syz.1.8' uses 32-bit capabilities (legacy support in use)
[   52.025193][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   52.872769][ T5975] Bluetooth: hci1: command tx timeout
[   52.882839][ T5975] Bluetooth: hci0: command tx timeout
[   52.904553][ T6117] syzkaller0: create flow: hash 2491736275 index 1
[   52.952690][ T5975] Bluetooth: hci2: command tx timeout
[   52.955016][ T5975] Bluetooth: hci3: command tx timeout
[   53.092803][ T6122] syzkaller0: delete flow: hash 2491736275 index 1
[   53.273925][ T6127] Zero length message leads to an empty skb
[   53.798446][ T6131] netlink: 'syz.0.15': attribute type 4 has an invalid length.
[   53.854054][ T6136] netlink: 'syz.0.15': attribute type 4 has an invalid length.
[   54.309607][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[   54.482601][  T839] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[   54.544770][ T6149] netlink: 32 bytes leftover after parsing attributes in process `syz.3.21'.
[   54.547664][ T6149] netlink: 32 bytes leftover after parsing attributes in process `syz.3.21'.
[   54.638550][ T6150] bridge_slave_0: left allmulticast mode
[   54.675130][ T6150] bridge_slave_0: left promiscuous mode
[   54.749995][ T6150] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.806745][  T839] usb 7-1: unable to get BOS descriptor or descriptor too short
[   54.822388][  T839] usb 7-1: unable to read config index 0 descriptor/start: -71
[   54.825400][  T839] usb 7-1: can't read configurations, error -71
[   54.862345][ T6150] bridge_slave_1: left allmulticast mode
[   54.876143][ T6150] bridge_slave_1: left promiscuous mode
[   54.890545][ T6150] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.955590][ T6154] netlink: 'syz.3.21': attribute type 10 has an invalid length.
[   54.962836][ T5975] Bluetooth: hci0: command tx timeout
[   54.963483][   T63] Bluetooth: hci1: command tx timeout
[   54.991664][ T6150] bond0: (slave bond_slave_0): Releasing backup interface
[   55.000105][ T6150] bond0: (slave bond_slave_1): Releasing backup interface
[   55.014800][ T6150] team0: Port device team_slave_0 removed
[   55.024272][ T6150] team0: Port device team_slave_1 removed
[   55.027078][ T6150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.029602][ T6150] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.035382][ T6150] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.037879][ T6150] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.042735][   T63] Bluetooth: hci3: command tx timeout
[   55.042961][ T5975] Bluetooth: hci2: command tx timeout
[   55.064224][ T6154] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.066943][ T6154] team0: Port device bond0 added
[   56.322659][ T5984] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   56.323492][ T5975] Bluetooth: hci4: command 0x1003 tx timeout
[   56.333005][ T6172] binder: 6171:6172 ioctl 4018620d 0 returned -22
[   56.766187][   T98] syzkaller0: tun_net_xmit 76
[   56.768050][   T98] syzkaller0: tun_net_xmit 48
[   56.790365][ T6178] syzkaller0: create flow: hash 2491736275 index 1
[   56.802843][  T839] syzkaller0: tun_net_xmit 76
[   56.804779][  T839] syzkaller0: tun_net_xmit 76
[   56.894741][ T6179] syzkaller0: delete flow: hash 2491736275 index 1
[   56.904659][ T6181] netlink: 28 bytes leftover after parsing attributes in process `syz.1.29'.
[   56.907633][ T6181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29'.
[   57.084883][ T6185] binder: 6184:6185 ioctl 4018620d 0 returned -22
[   58.037798][ T6182] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[   58.041636][ T6183] netlink: 40 bytes leftover after parsing attributes in process `syz.1.29'.
[   58.076902][   T40] audit: type=1326 audit(1755110086.826:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.094788][   T40] audit: type=1326 audit(1755110086.826:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.108245][   T40] audit: type=1326 audit(1755110086.826:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.116747][   T40] audit: type=1326 audit(1755110086.826:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.124155][   T40] audit: type=1326 audit(1755110086.826:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.132670][   T40] audit: type=1326 audit(1755110086.826:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.141021][   T40] audit: type=1326 audit(1755110086.826:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.150904][   T40] audit: type=1326 audit(1755110086.826:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.159213][   T40] audit: type=1326 audit(1755110086.826:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   58.166987][   T40] audit: type=1326 audit(1755110086.826:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6197 comm="syz.1.32" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   60.135204][ T6234] netlink: 28 bytes leftover after parsing attributes in process `syz.1.41'.
[   60.138110][ T6234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.41'.
[   60.142439][ T6234] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[   60.255538][ T6238] mac80211_hwsim hwsim7 
: renamed from wlan1 (while UP)
[   61.966594][ T6258] netlink: 32 bytes leftover after parsing attributes in process `syz.1.48'.
[   61.969571][ T6258] netlink: 32 bytes leftover after parsing attributes in process `syz.1.48'.
[   62.036105][ T6259] bridge_slave_0: left allmulticast mode
[   62.037824][ T6259] bridge_slave_0: left promiscuous mode
[   62.040146][ T6259] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.053945][ T6259] bridge_slave_1: left allmulticast mode
[   62.056486][ T6259] bridge_slave_1: left promiscuous mode
[   62.058675][ T6259] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.071201][ T6259] bond0: (slave bond_slave_0): Releasing backup interface
[   62.081773][ T6262] binder: 6260:6262 ioctl 4018620d 0 returned -22
[   62.100434][ T6259] bond0: (slave bond_slave_1): Releasing backup interface
[   62.178210][ T6259] team0: Port device team_slave_0 removed
[   62.187808][ T6259] team0: Port device team_slave_1 removed
[   62.190947][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.198068][ T6259] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.203910][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.207086][ T6259] batman_adv: batadv0: Removing interface: batadv_slave_1
[   63.007288][ T6259] netlink: 'syz.1.48': attribute type 10 has an invalid length.
[   63.060094][ T6259] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.094462][ T6259] team0: Port device bond0 added
[   63.157843][   T40] kauditd_printk_skb: 15 callbacks suppressed
[   63.157876][   T40] audit: type=1326 audit(1755110091.906:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.175451][   T40] audit: type=1326 audit(1755110091.916:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.212169][   T40] audit: type=1326 audit(1755110091.956:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.227751][   T40] audit: type=1326 audit(1755110091.966:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.236384][   T40] audit: type=1326 audit(1755110091.996:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.266002][   T40] audit: type=1326 audit(1755110091.996:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.272855][   T40] audit: type=1326 audit(1755110092.016:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.279448][   T40] audit: type=1326 audit(1755110092.016:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.286073][   T40] audit: type=1326 audit(1755110092.016:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70de579 code=0x7ffc0000
[   63.296132][   T40] audit: type=1326 audit(1755110092.016:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.0.54" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   64.361326][ T6301] tipc: Started in network mode
[   64.364520][ T6301] tipc: Node identity 7eda9331e02b, cluster identity 4711
[   64.367118][ T6301] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.369966][ T6301] syzkaller0: entered promiscuous mode
[   64.371787][ T6301] syzkaller0: entered allmulticast mode
[   64.376859][ T6301] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   64.384050][ T6301] syzkaller0: MTU too low for tipc bearer
[   64.385986][ T6301] tipc: Disabling bearer <eth:syzkaller0>
[   64.482373][ T6304] FAULT_INJECTION: forcing a failure.
[   64.482373][ T6304] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   64.492672][ T6304] CPU: 3 UID: 0 PID: 6304 Comm: syz.0.63 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[   64.492689][ T6304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   64.492695][ T6304] Call Trace:
[   64.492699][ T6304]  <TASK>
[   64.492704][ T6304]  dump_stack_lvl+0x16c/0x1f0
[   64.492722][ T6304]  should_fail_ex+0x512/0x640
[   64.492740][ T6304]  _copy_from_iter+0x29f/0x16f0
[   64.492758][ T6304]  ? __alloc_skb+0x200/0x380
[   64.492772][ T6304]  ? __pfx__copy_from_iter+0x10/0x10
[   64.492790][ T6304]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   64.492822][ T6304]  netlink_sendmsg+0x829/0xdd0
[   64.492839][ T6304]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.492855][ T6304]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[   64.492869][ T6304]  sock_write_iter+0x4ff/0x5b0
[   64.492887][ T6304]  ? __pfx_sock_write_iter+0x10/0x10
[   64.492909][ T6304]  ? __lock_acquire+0x62e/0x1ce0
[   64.492925][ T6304]  do_iter_readv_writev+0x662/0x9e0
[   64.492939][ T6304]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   64.492952][ T6304]  ? bpf_lsm_file_permission+0x9/0x10
[   64.492968][ T6304]  ? security_file_permission+0x71/0x210
[   64.492984][ T6304]  ? rw_verify_area+0xcf/0x6c0
[   64.492995][ T6304]  vfs_writev+0x35f/0xde0
[   64.493010][ T6304]  ? __pfx_vfs_writev+0x10/0x10
[   64.493031][ T6304]  ? __fget_files+0x20e/0x3c0
[   64.493042][ T6304]  ? __fget_files+0x200/0x3c0
[   64.493056][ T6304]  ? do_writev+0x28c/0x340
[   64.493066][ T6304]  do_writev+0x28c/0x340
[   64.493077][ T6304]  ? __pfx_do_writev+0x10/0x10
[   64.493090][ T6304]  ? rcu_is_watching+0x12/0xc0
[   64.493103][ T6304]  __do_fast_syscall_32+0x7c/0x3a0
[   64.493119][ T6304]  do_fast_syscall_32+0x32/0x80
[   64.493133][ T6304]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   64.493148][ T6304] RIP: 0023:0xf70de579
[   64.493156][ T6304] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   64.493167][ T6304] RSP: 002b:00000000f54ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[   64.493177][ T6304] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000280
[   64.493184][ T6304] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[   64.493190][ T6304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   64.493196][ T6304] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   64.493202][ T6304] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   64.493214][ T6304]  </TASK>
[   64.833476][ T6309] netlink: 'syz.0.64': attribute type 4 has an invalid length.
[   64.842964][ T6311] netlink: 'syz.3.65': attribute type 2 has an invalid length.
[   64.846362][ T6311] netlink: 532 bytes leftover after parsing attributes in process `syz.3.65'.
[   64.902405][ T6312] bridge0: entered promiscuous mode
[   64.905421][ T6312] bridge0: left promiscuous mode
[   65.141773][ T6316] ubi31: attaching mtd0
[   65.146581][ T6316] ubi31: scanning is finished
[   65.148102][ T6316] ubi31: empty MTD device detected
[   65.230839][ T6316] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[   65.230862][ T6316] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   65.230872][ T6316] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[   65.230881][ T6316] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[   65.230891][ T6316] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   65.230899][ T6316] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[   65.230909][ T6316] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2225403391
[   65.230919][ T6316] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   65.231239][ T6322] ubi31: background thread "ubi_bgt31d" started, PID 6322
[   65.572360][ T6324] binder: 6323:6324 ioctl c0306201 0 returned -14
[   65.607162][ T6176] IPVS: starting estimator thread 0...
[   65.692708][ T6327] IPVS: using max 44 ests per chain, 105600 per kthread
[   65.992103][ T6331] tipc: Started in network mode
[   65.992120][ T6331] tipc: Node identity e6a90779cb85, cluster identity 4711
[   65.992187][ T6331] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   65.993822][ T6331] syzkaller0: entered promiscuous mode
[   65.993834][ T6331] syzkaller0: entered allmulticast mode
[   65.997771][ T6331] syzkaller0: MTU too low for tipc bearer
[   66.008427][ T6331] tipc: Disabling bearer <eth:syzkaller0>
[   66.037551][ T6333] netlink: 'syz.3.72': attribute type 10 has an invalid length.
[   66.346824][ T6344] netlink: 'syz.1.76': attribute type 2 has an invalid length.
[   66.350231][ T6344] netlink: 532 bytes leftover after parsing attributes in process `syz.1.76'.
[   66.406129][ T6346] bridge0: entered promiscuous mode
[   66.461435][ T6348] netlink: 'syz.2.69': attribute type 23 has an invalid length.
[   66.607798][ T6346] bridge0: left promiscuous mode
[   66.631209][ T6343] bridge_slave_0: left allmulticast mode
[   66.633635][ T6343] bridge_slave_0: left promiscuous mode
[   66.635646][ T6343] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.641069][ T6343] bridge_slave_1: left allmulticast mode
[   66.646064][ T6343] bridge_slave_1: left promiscuous mode
[   66.650935][ T6343] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.659768][ T6343] bond0: (slave bond_slave_0): Releasing backup interface
[   66.669204][ T6343] bond0: (slave bond_slave_1): Releasing backup interface
[   66.678826][ T6343] team0: Port device team_slave_0 removed
[   66.686738][ T6343] team0: Port device team_slave_1 removed
[   66.688838][ T6343] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.691422][ T6343] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.694466][ T6343] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.697063][ T6343] batman_adv: batadv0: Removing interface: batadv_slave_1
[   66.847330][ T6176] kernel read not supported for file /rfkill (pid: 6176 comm: kworker/3:3)
[   66.853085][  T218] Bluetooth: hci4: Frame reassembly failed (-84)
[   66.864418][ T6351] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   66.940798][ T6355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.78'.
[   67.765590][ T6372] binder: 6371:6372 ioctl c0306201 0 returned -14
[   68.303524][ T6385] netlink: 16 bytes leftover after parsing attributes in process `syz.1.85'.
[   68.873068][ T5984] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   69.368877][ T6395] Bluetooth: MGMT ver 1.23
[   69.897376][ T6403] tipc: Started in network mode
[   69.899113][ T6403] tipc: Node identity e213796c5e1b, cluster identity 4711
[   69.902735][ T6403] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   69.905518][ T6403] syzkaller0: entered promiscuous mode
[   69.907283][ T6403] syzkaller0: entered allmulticast mode
[   69.914344][ T6403] syzkaller0: MTU too low for tipc bearer
[   69.916896][ T6403] tipc: Disabling bearer <eth:syzkaller0>
[   70.043976][ T6409] tipc: Enabling of bearer <ió:b> rejected, media not registered
[   70.154639][ T6415] binder: 6414:6415 ioctl c0306201 0 returned -14
[   70.188057][ T6419] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   70.190802][ T6419] syzkaller0: entered promiscuous mode
[   70.192620][ T6419] syzkaller0: entered allmulticast mode
[   70.199913][ T6419] syzkaller0: MTU too low for tipc bearer
[   70.201749][ T6419] tipc: Disabling bearer <eth:syzkaller0>
[   70.296349][ T6427] tmpfs: Cannot disable swap on remount
[   70.301746][ T6427] fuseblk: Bad value for 'user_id'
[   70.303685][ T6427] fuseblk: Bad value for 'user_id'
[   70.675685][ T6436] team0: No ports can be present during mode change
[   70.885730][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[   70.888515][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[   71.142410][ T6448] netlink: 'syz.1.106': attribute type 1 has an invalid length.
[   71.155579][ T6448] 8021q: adding VLAN 0 to HW filter on device bond1
[   71.197557][ T6451] trusted_key: syz.1.107 sent an empty control message without MSG_MORE.
[   71.235403][ T6455] tipc: Started in network mode
[   71.237616][ T6455] tipc: Node identity 5e20ea710275, cluster identity 4711
[   71.240685][ T6455] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   71.244414][ T6455] syzkaller0: entered promiscuous mode
[   71.246751][ T6455] syzkaller0: entered allmulticast mode
[   71.252057][ T6455] syzkaller0: MTU too low for tipc bearer
[   71.254226][ T6455] tipc: Disabling bearer <eth:syzkaller0>
[   71.289301][ T6461] process 'syz.1.110' launched './file1' with NULL argv: empty string added
[   71.302242][ T6461] netlink: 'syz.1.110': attribute type 1 has an invalid length.
[   71.354891][ T6461] 8021q: adding VLAN 0 to HW filter on device bond2
[   71.464778][ T6476] netlink: 20 bytes leftover after parsing attributes in process `syz.1.115'.
[   71.518328][ T6479] netlink: 20 bytes leftover after parsing attributes in process `syz.1.115'.
[   72.817161][ T6520] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.819694][ T6520] syzkaller0: entered promiscuous mode
[   72.821493][ T6520] syzkaller0: entered allmulticast mode
[   72.828756][ T6520] syzkaller0: MTU too low for tipc bearer
[   72.831183][ T6520] tipc: Disabling bearer <eth:syzkaller0>
[   72.905924][ T6525] FAULT_INJECTION: forcing a failure.
[   72.905924][ T6525] name failslab, interval 1, probability 0, space 0, times 1
[   72.910036][ T6525] CPU: 2 UID: 0 PID: 6525 Comm: syz.0.123 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[   72.910053][ T6525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.910059][ T6525] Call Trace:
[   72.910063][ T6525]  <TASK>
[   72.910068][ T6525]  dump_stack_lvl+0x16c/0x1f0
[   72.910086][ T6525]  should_fail_ex+0x512/0x640
[   72.910104][ T6525]  should_failslab+0xc2/0x120
[   72.910120][ T6525]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   72.910133][ T6525]  ? skb_clone+0x190/0x3f0
[   72.910150][ T6525]  skb_clone+0x190/0x3f0
[   72.910168][ T6525]  netlink_deliver_tap+0xabd/0xd30
[   72.910185][ T6525]  netlink_unicast+0x71f/0x870
[   72.910202][ T6525]  ? __pfx_netlink_unicast+0x10/0x10
[   72.910222][ T6525]  netlink_ack+0x696/0xb80
[   72.910240][ T6525]  netlink_rcv_skb+0x332/0x420
[   72.910254][ T6525]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   72.910268][ T6525]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   72.910281][ T6525]  ? __pfx___mutex_lock+0x10/0x10
[   72.910304][ T6525]  xfrm_netlink_rcv+0x71/0x90
[   72.910315][ T6525]  netlink_unicast+0x5a7/0x870
[   72.910332][ T6525]  ? __pfx_netlink_unicast+0x10/0x10
[   72.910346][ T6525]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   72.910364][ T6525]  netlink_sendmsg+0x8d1/0xdd0
[   72.910381][ T6525]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.910397][ T6525]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[   72.910412][ T6525]  ____sys_sendmsg+0xa95/0xc70
[   72.910430][ T6525]  ? __pfx_____sys_sendmsg+0x10/0x10
[   72.910447][ T6525]  ? get_compat_msghdr+0x11a/0x170
[   72.910467][ T6525]  ___sys_sendmsg+0x134/0x1d0
[   72.910481][ T6525]  ? __pfx____sys_sendmsg+0x10/0x10
[   72.910502][ T6525]  ? find_held_lock+0x2b/0x80
[   72.910522][ T6525]  __sys_sendmsg+0x16d/0x220
[   72.910536][ T6525]  ? __pfx___sys_sendmsg+0x10/0x10
[   72.910556][ T6525]  ? rcu_is_watching+0x12/0xc0
[   72.910569][ T6525]  __do_fast_syscall_32+0x7c/0x3a0
[   72.910585][ T6525]  do_fast_syscall_32+0x32/0x80
[   72.910599][ T6525]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.910613][ T6525] RIP: 0023:0xf70de579
[   72.910622][ T6525] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.910632][ T6525] RSP: 002b:00000000f54ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   72.910643][ T6525] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[   72.910649][ T6525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   72.910655][ T6525] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   72.910661][ T6525] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   72.910667][ T6525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.910680][ T6525]  </TASK>
[   73.999168][ T6554] netlink: 28 bytes leftover after parsing attributes in process `syz.1.128'.
[   74.003154][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.128'.
[   74.060897][ T6558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.130'.
[   74.066531][ T6558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.130'.
[   74.546134][ T6582] FAULT_INJECTION: forcing a failure.
[   74.546134][ T6582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.550473][ T6582] CPU: 3 UID: 0 PID: 6582 Comm: syz.1.138 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[   74.550490][ T6582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.550496][ T6582] Call Trace:
[   74.550500][ T6582]  <TASK>
[   74.550505][ T6582]  dump_stack_lvl+0x16c/0x1f0
[   74.550523][ T6582]  should_fail_ex+0x512/0x640
[   74.550541][ T6582]  _copy_to_user+0x32/0xd0
[   74.550559][ T6582]  simple_read_from_buffer+0xcb/0x170
[   74.550579][ T6582]  proc_fail_nth_read+0x197/0x240
[   74.550592][ T6582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   74.550604][ T6582]  ? rw_verify_area+0xcf/0x6c0
[   74.550615][ T6582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   74.550626][ T6582]  vfs_read+0x1e4/0xcf0
[   74.550641][ T6582]  ? __pfx_vfs_read+0x10/0x10
[   74.550652][ T6582]  ? find_held_lock+0x2b/0x80
[   74.550667][ T6582]  ? __fget_files+0x20e/0x3c0
[   74.550683][ T6582]  ksys_read+0x12a/0x250
[   74.550695][ T6582]  ? __pfx_ksys_read+0x10/0x10
[   74.550708][ T6582]  ? rcu_is_watching+0x12/0xc0
[   74.550722][ T6582]  __do_fast_syscall_32+0x7c/0x3a0
[   74.550739][ T6582]  do_fast_syscall_32+0x32/0x80
[   74.550753][ T6582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.550767][ T6582] RIP: 0023:0xf70fe579
[   74.550776][ T6582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.550786][ T6582] RSP: 002b:00000000f54ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   74.550797][ T6582] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54ee620
[   74.550803][ T6582] RDX: 000000000000000f RSI: 00000000f7464ff4 RDI: 0000000000000000
[   74.550809][ T6582] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   74.550815][ T6582] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   74.550821][ T6582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.550834][ T6582]  </TASK>
[   75.199731][ T6599] 9pnet_fd: Insufficient options for proto=fd
[   76.724836][ T6628] netlink: 32 bytes leftover after parsing attributes in process `syz.0.148'.
[   76.728839][ T6628] netlink: 32 bytes leftover after parsing attributes in process `syz.0.148'.
[   76.820358][ T6633] bridge_slave_0: left allmulticast mode
[   76.823915][ T6633] bridge_slave_0: left promiscuous mode
[   76.826563][ T6633] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.865470][ T6633] bridge_slave_1: left allmulticast mode
[   76.867429][ T6633] bridge_slave_1: left promiscuous mode
[   76.870596][ T6633] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.899281][ T6633] bond0: (slave bond_slave_0): Releasing backup interface
[   76.907898][ T6633] bond0: (slave bond_slave_1): Releasing backup interface
[   76.919527][ T6633] team0: Port device team_slave_0 removed
[   76.934664][ T6633] team0: Port device team_slave_1 removed
[   76.940756][ T6633] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.945411][ T6633] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.950095][ T6633] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.954038][ T6633] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.972075][ T6644] netlink: 44 bytes leftover after parsing attributes in process `syz.3.150'.
[   77.215192][ T6650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.149'.
[   77.218086][ T6650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.149'.
[   77.700592][ T6659] netlink: 28 bytes leftover after parsing attributes in process `syz.1.154'.
[   77.763751][ T6661] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.766475][ T6661] syzkaller0: entered promiscuous mode
[   77.768313][ T6661] syzkaller0: entered allmulticast mode
[   77.774330][ T6661] syzkaller0: MTU too low for tipc bearer
[   77.776195][ T6661] tipc: Disabling bearer <eth:syzkaller0>
[   77.915744][ T6664] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.918835][ T6664] syzkaller0: entered promiscuous mode
[   77.920705][ T6664] syzkaller0: entered allmulticast mode
[   77.929466][ T6664] syzkaller0: MTU too low for tipc bearer
[   77.931244][ T6664] tipc: Disabling bearer <eth:syzkaller0>
[   78.142042][ T6665] trusted_key: encrypted_key: keyword 'neul–' not recognized
[   78.466061][ T6696] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.468570][ T6696] syzkaller0: entered promiscuous mode
[   78.470300][ T6696] syzkaller0: entered allmulticast mode
[   78.476948][ T6696] syzkaller0: MTU too low for tipc bearer
[   78.482540][ T6696] tipc: Disabling bearer <eth:syzkaller0>
[   79.847099][ T6719] binder: 6718:6719 ioctl c0306201 0 returned -14
[   79.962643][   T34] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   80.112795][   T34] usb 5-1: Using ep0 maxpacket: 16
[   80.182818][   T34] usb 5-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   80.186988][   T34] usb 5-1: config 1 interface 0 has no altsetting 0
[   80.195552][   T34] usb 5-1: string descriptor 0 read error: -22
[   80.201133][   T34] usb 5-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.40
[   80.212574][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.429137][ T6715] __nla_validate_parse: 1 callbacks suppressed
[   80.429148][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.169'.
[   80.706219][   T34] usbhid 5-1:1.0: can't add hid device: -71
[   80.708853][   T34] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[   80.718705][   T34] usb 5-1: USB disconnect, device number 2
[   80.740049][ T6740] netlink: 32 bytes leftover after parsing attributes in process `syz.2.175'.
[   80.744328][ T6740] netlink: 32 bytes leftover after parsing attributes in process `syz.2.175'.
[   80.781025][ T6742] netlink: 32 bytes leftover after parsing attributes in process `syz.3.176'.
[   80.784932][ T6742] netlink: 32 bytes leftover after parsing attributes in process `syz.3.176'.
[   80.895844][ T6745] team0: Port device bond0 removed
[   81.118884][   T53] cfg80211: failed to load regulatory.db
[   81.441573][ T6755] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   82.957130][ T6775] tmpfs: Cannot disable swap on remount
[   82.961045][ T6775] fuseblk: Bad value for 'user_id'
[   82.963385][ T6775] fuseblk: Bad value for 'user_id'
[   83.224118][ T6789] vivid-007: =================  START STATUS  =================
[   83.227638][ T6789] vivid-007: Enable Output Cropping: true
[   83.229999][ T6789] vivid-007: Enable Output Composing: true
[   83.232144][ T6789] vivid-007: Enable Output Scaler: true
[   83.234337][ T6789] vivid-007: Tx RGB Quantization Range: Automatic
[   83.237609][ T6789] vivid-007: Transmit Mode: HDMI
[   83.239300][ T6789] vivid-007: Hotplug Present: 0x00000000
[   83.241426][ T6789] vivid-007: RxSense Present: 0x00000000
[   83.243734][ T6789] vivid-007: EDID Present: 0x00000000
[   83.245903][ T6789] vivid-007: ==================  END STATUS  ==================
[   83.266337][ T6789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.188'.
[   84.172276][ T6795] netlink: 32 bytes leftover after parsing attributes in process `syz.1.190'.
[   84.186068][ T6795] netlink: 32 bytes leftover after parsing attributes in process `syz.1.190'.
[   84.467643][ T6797] team0: Port device bond0 removed
[   84.513446][ T6797] netlink: 'syz.1.190': attribute type 10 has an invalid length.
[   84.516354][ T6797] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.522833][ T6797] team0: Port device bond0 added
[   85.149853][ T6811] tmpfs: Cannot disable swap on remount
[   85.162105][ T6811] fuseblk: Bad value for 'user_id'
[   85.165251][ T6811] fuseblk: Bad value for 'user_id'
[   85.479680][ T6829] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   85.486867][ T6829] syzkaller0: entered promiscuous mode
[   85.490305][ T6829] syzkaller0: entered allmulticast mode
[   85.499792][ T6829] syzkaller0: MTU too low for tipc bearer
[   85.499804][ T6829] tipc: Disabling bearer <eth:syzkaller0>
[   85.983258][ T6846] vivid-007: =================  START STATUS  =================
[   85.983364][ T6846] vivid-007: Enable Output Cropping: true
[   85.983428][ T6846] vivid-007: Enable Output Composing: true
[   85.983517][ T6846] vivid-007: Enable Output Scaler: true
[   85.983553][ T6846] vivid-007: Tx RGB Quantization Range: Automatic
[   85.983627][ T6846] vivid-007: Transmit Mode: HDMI
[   85.983639][ T6846] vivid-007: Hotplug Present: 0x00000000
[   85.998468][ T6846] vivid-007: RxSense Present: 0x00000000
[   85.998520][ T6846] vivid-007: EDID Present: 0x00000000
[   85.998665][ T6846] vivid-007: ==================  END STATUS  ==================
[   86.028846][ T6846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.201'.
[   86.860057][ T6852] capability: warning: `syz.1.203' uses deprecated v2 capabilities in a way that may be insecure
[   86.940347][ T6854] netlink: 32 bytes leftover after parsing attributes in process `syz.3.204'.
[   86.964323][ T6854] netlink: 32 bytes leftover after parsing attributes in process `syz.3.204'.
[   86.976268][   T34] Process accounting resumed
[   87.044523][ T6861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.207'.
[   87.047385][ T6861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.207'.
[   87.050761][ T6861] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[   87.100840][ T6863] tmpfs: Cannot disable swap on remount
[   87.111845][ T6863] fuseblk: Bad value for 'user_id'
[   87.113640][ T6863] fuseblk: Bad value for 'user_id'
[   87.368149][ T6875] netlink: 'syz.3.204': attribute type 10 has an invalid length.
[   87.562726][ T6857] syz.1.203: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[   87.562959][ T6857] CPU: 0 UID: 0 PID: 6857 Comm: syz.1.203 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[   87.562978][ T6857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.562984][ T6857] Call Trace:
[   87.562988][ T6857]  <TASK>
[   87.562993][ T6857]  dump_stack_lvl+0x16c/0x1f0
[   87.563010][ T6857]  warn_alloc+0x248/0x3a0
[   87.563024][ T6857]  ? __pfx_warn_alloc+0x10/0x10
[   87.563038][ T6857]  ? psi_memstall_leave+0x19f/0x2d0
[   87.563052][ T6857]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[   87.563065][ T6857]  ? psi_memstall_leave+0x1e1/0x2d0
[   87.563077][ T6857]  ? psi_memstall_leave+0x1e6/0x2d0
[   87.563092][ T6857]  __alloc_frozen_pages_noprof+0xea2/0x23f0
[   87.563112][ T6857]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   87.563130][ T6857]  ? lockdep_hardirqs_on+0x7c/0x110
[   87.563146][ T6857]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   87.563163][ T6857]  ? policy_nodemask+0xea/0x4e0
[   87.563179][ T6857]  alloc_pages_mpol+0x1fb/0x550
[   87.563193][ T6857]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   87.563209][ T6857]  ? alloc_pages_noprof+0x142/0x390
[   87.563224][ T6857]  alloc_pages_noprof+0x131/0x390
[   87.563239][ T6857]  kimage_alloc_pages+0x75/0x350
[   87.563257][ T6857]  kimage_alloc_control_pages+0x153/0xa00
[   87.563278][ T6857]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[   87.563300][ T6857]  do_kexec_load+0x478/0x8a0
[   87.563312][ T6857]  ? __pfx_do_kexec_load+0x10/0x10
[   87.563335][ T6857]  __ia32_compat_sys_kexec_load+0x37f/0x400
[   87.563355][ T6857]  ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10
[   87.563371][ T6857]  ? rcu_is_watching+0x12/0xc0
[   87.563384][ T6857]  __do_fast_syscall_32+0x7c/0x3a0
[   87.563399][ T6857]  do_fast_syscall_32+0x32/0x80
[   87.563413][ T6857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   87.563427][ T6857] RIP: 0023:0xf70fe579
[   87.563436][ T6857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   87.563446][ T6857] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[   87.563456][ T6857] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[   87.563463][ T6857] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000
[   87.563469][ T6857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   87.563475][ T6857] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   87.563481][ T6857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   87.563493][ T6857]  </TASK>
[   87.563497][ T6857] Mem-Info:
[   87.563502][ T6857] active_anon:6237 inactive_anon:124 isolated_anon:0
[   87.563502][ T6857]  active_file:11302 inactive_file:41681 isolated_file:0
[   87.563502][ T6857]  unevictable:1768 dirty:304 writeback:0
[   87.563502][ T6857]  slab_reclaimable:10117 slab_unreclaimable:52052
[   87.563502][ T6857]  mapped:25867 shmem:2404 pagetables:1070
[   87.563502][ T6857]  sec_pagetables:296 bounce:0
[   87.563502][ T6857]  kernel_misc_reclaimable:0
[   87.563502][ T6857]  free:32029 free_pcp:116 free_cma:0
[   87.563530][ T6857] Node 0 active_anon:6784kB inactive_anon:0kB active_file:220kB inactive_file:16608kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8016kB dirty:56kB writeback:0kB shmem:3772kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8188kB pagetables:1648kB sec_pagetables:1116kB all_unreclaimable? no Balloon:0kB
[   87.563557][ T6857] Node 1 active_anon:18164kB inactive_anon:496kB active_file:44988kB inactive_file:150116kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95452kB dirty:1160kB writeback:0kB shmem:5844kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5124kB pagetables:2632kB sec_pagetables:68kB all_unreclaimable? no Balloon:0kB
[   87.563584][ T6857] Node 0 DMA free:2912kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   87.563614][ T6857] lowmem_reserve[]: 0 288 288 288 288
[   87.563635][ T6857] Node 0 DMA32 free:30232kB boost:16384kB min:29604kB low:32908kB high:36212kB reserved_highatomic:2048KB free_highatomic:656KB active_anon:6784kB inactive_anon:0kB active_file:220kB inactive_file:17240kB unevictable:3536kB writepending:56kB present:1032196kB managed:295164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   87.563666][ T6857] lowmem_reserve[]: 0 0 0 0 0
[   87.563686][ T6857] Node 1 DMA32 free:94972kB boost:47104kB min:94244kB low:106028kB high:117812kB reserved_highatomic:2048KB free_highatomic:368KB active_anon:18164kB inactive_anon:496kB active_file:44988kB inactive_file:150116kB unevictable:3536kB writepending:1160kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:464kB local_pcp:0kB free_cma:0kB
[   87.563717][ T6857] lowmem_reserve[]: 0 0 0 0 0
[   87.563736][ T6857] Node 0 DMA: 74*4kB (UM) 26*8kB (U) 19*16kB (UM) 11*32kB (UM) 4*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2952kB
[   87.563816][ T6857] Node 0 DMA32: 98*4kB (UMEH) 311*8kB (UMEH) 145*16kB (UMEH) 384*32kB (UMEH) 123*64kB (UM) 17*128kB (UM) 2*256kB (UM) 2*512kB (MH) 1*1024kB (M) 0*2048kB 0*4096kB = 30096kB
[   87.563901][ T6857] Node 1 DMA32: 1298*4kB (ME) 583*8kB (UMEH) 471*16kB (UMEH) 342*32kB (MEH) 261*64kB (UMEH) 147*128kB (ME) 57*256kB (M) 30*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 94832kB
[   87.564044][ T6857] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   87.564054][ T6857] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   87.564062][ T6857] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   87.564071][ T6857] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   87.564079][ T6857] 55405 total pagecache pages
[   87.564083][ T6857] 0 pages in swap cache
[   87.564087][ T6857] Free swap  = 124996kB
[   87.564091][ T6857] Total swap = 124996kB
[   87.564095][ T6857] 524155 pages RAM
[   87.564098][ T6857] 0 pages HighMem/MovableOnly
[   87.564102][ T6857] 209469 pages reserved
[   87.564106][ T6857] 0 pages cma reserved
[   87.573549][ T6875] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.578608][ T6875] team0: Port device bond0 added
[   88.053676][ T6886] vivid-007: =================  START STATUS  =================
[   88.056223][ T6886] vivid-007: Enable Output Cropping: true
[   88.058025][ T6886] vivid-007: Enable Output Composing: true
[   88.059877][ T6886] vivid-007: Enable Output Scaler: true
[   88.061613][ T6886] vivid-007: Tx RGB Quantization Range: Automatic
[   88.064415][ T6886] vivid-007: Transmit Mode: HDMI
[   88.066195][ T6886] vivid-007: Hotplug Present: 0x00000000
[   88.068912][ T6886] vivid-007: RxSense Present: 0x00000000
[   88.070816][ T6886] vivid-007: EDID Present: 0x00000000
[   88.073154][ T6886] vivid-007: ==================  END STATUS  ==================
[   88.094680][ T6886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.215'.
[   88.181935][ T6857] kexec: Could not allocate control_code_buffer
[   88.594584][ T5972] Process accounting resumed
[   88.790454][ T6897] netlink: 28 bytes leftover after parsing attributes in process `syz.2.218'.
[   88.793807][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.218'.
[   88.925746][ T6901] tmpfs: Cannot disable swap on remount
[   88.931035][ T6901] fuseblk: Bad value for 'user_id'
[   88.933836][ T6901] fuseblk: Bad value for 'user_id'
[   90.164147][ T6939] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   90.165057][ T6939] syzkaller0: entered promiscuous mode
[   90.168574][ T6939] syzkaller0: entered allmulticast mode
[   90.256244][ T6939] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   90.292317][ T6938] tipc: Resetting bearer <eth:syzkaller0>
[   90.301017][ T6938] tipc: Disabling bearer <eth:syzkaller0>
[   90.559347][ T6947] tmpfs: Cannot disable swap on remount
[   90.570547][ T6947] fuseblk: Bad value for 'user_id'
[   90.572400][ T6947] fuseblk: Bad value for 'user_id'
[   90.864583][ T6953] mkiss: ax0: crc mode is auto.
[   90.877752][ T6956] netlink: 32 bytes leftover after parsing attributes in process `syz.3.234'.
[   90.880598][ T6956] netlink: 32 bytes leftover after parsing attributes in process `syz.3.234'.
[   90.986623][ T6960] team0: Port device bond0 removed
[   91.034833][ T6960] netlink: 'syz.3.234': attribute type 10 has an invalid length.
[   91.038447][ T6960] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.048731][ T6960] team0: Port device bond0 added
[   91.112690][ T5972] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   91.162751][   T34] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   91.315845][   T34] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   91.318662][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.321131][   T34] usb 7-1: Product: syz
[   91.322449][   T34] usb 7-1: Manufacturer: syz
[   91.338745][   T34] usb 7-1: SerialNumber: syz
[   91.346881][   T34] usb 7-1: config 0 descriptor??
[   91.452322][ T5972] usb 5-1: config 0 has an invalid interface number: 68 but max is 0
[   91.519792][ T5972] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.522998][ T5972] usb 5-1: config 0 has no interface number 0
[   91.525060][ T5972] usb 5-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   91.569081][   T34] usb 7-1: USB disconnect, device number 4
[   91.650689][ T5972] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[   91.662704][ T5972] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.665241][ T5972] usb 5-1: Product: syz
[   91.666542][ T5972] usb 5-1: Manufacturer: syz
[   91.668004][ T5972] usb 5-1: SerialNumber: syz
[   91.709380][ T5972] usb 5-1: config 0 descriptor??
[   91.940405][ T5972] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[   92.022753][ T1146] usb 5-1: Failed to submit usb control message: -71
[   92.025339][ T1146] usb 5-1: unable to send the bmi data to the device: -71
[   92.027751][ T1146] usb 5-1: unable to get target info from device
[   92.030867][ T5972] usb 5-1: USB disconnect, device number 3
[   92.031665][ T1146] usb 5-1: could not get target info (-71)
[   92.047360][ T1146] usb 5-1: could not probe fw (-71)
[   92.475638][ T6975] tmpfs: Cannot disable swap on remount
[   92.480174][ T6975] fuseblk: Bad value for 'user_id'
[   92.482349][ T6975] fuseblk: Bad value for 'user_id'
[   93.904956][ T6996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'.
[   93.907787][ T6996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'.
[   93.910604][ T6996] netlink: 'syz.0.241': attribute type 14 has an invalid length.
[   93.915937][ T6996] netlink: 'syz.0.241': attribute type 13 has an invalid length.
[   94.899265][ T7015] FAULT_INJECTION: forcing a failure.
[   94.899265][ T7015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.903728][ T7015] CPU: 1 UID: 0 PID: 7015 Comm: syz.2.245 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[   94.903756][ T7015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.903762][ T7015] Call Trace:
[   94.903766][ T7015]  <TASK>
[   94.903770][ T7015]  dump_stack_lvl+0x16c/0x1f0
[   94.903788][ T7015]  should_fail_ex+0x512/0x640
[   94.903806][ T7015]  _copy_from_user+0x2e/0xd0
[   94.903823][ T7015]  get_compat_msghdr+0xa7/0x170
[   94.903836][ T7015]  ? __pfx_get_compat_msghdr+0x10/0x10
[   94.903848][ T7015]  ? __lock_acquire+0xb97/0x1ce0
[   94.903866][ T7015]  ? kvm_sched_clock_read+0x11/0x20
[   94.903880][ T7015]  ___sys_sendmsg+0x1ae/0x1d0
[   94.903896][ T7015]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.903916][ T7015]  ? find_held_lock+0x2b/0x80
[   94.903935][ T7015]  __sys_sendmsg+0x16d/0x220
[   94.903949][ T7015]  ? __pfx___sys_sendmsg+0x10/0x10
[   94.903973][ T7015]  ? rcu_is_watching+0x12/0xc0
[   94.903986][ T7015]  __do_fast_syscall_32+0x7c/0x3a0
[   94.904001][ T7015]  do_fast_syscall_32+0x32/0x80
[   94.904016][ T7015]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   94.904029][ T7015] RIP: 0023:0xf70fe579
[   94.904038][ T7015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   94.904048][ T7015] RSP: 002b:00000000f54ac55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   94.904059][ T7015] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000100
[   94.904065][ T7015] RDX: 0000000004004000 RSI: 0000000000000000 RDI: 0000000000000000
[   94.904071][ T7015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   94.904077][ T7015] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   94.904083][ T7015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   94.904096][ T7015]  </TASK>
[   95.073103][ T7018] tmpfs: Cannot disable swap on remount
[   95.078300][ T7018] fuseblk: Bad value for 'user_id'
[   95.079945][ T7018] fuseblk: Bad value for 'user_id'
[   95.987231][ T7032] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   95.988221][ T7032] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   95.988994][ T7034] tmpfs: Cannot disable swap on remount
[   95.992934][ T7034] fuseblk: Bad value for 'user_id'
[   95.995257][ T7032] syzkaller0: MTU too low for tipc bearer
[   95.995678][ T7034] fuseblk: Bad value for 'user_id'
[   95.997575][ T7032] tipc: Disabling bearer <eth:syzkaller0>
[   97.255520][ T7072] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.259206][ T7072] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   97.262964][ T7072] syzkaller0: MTU too low for tipc bearer
[   97.264921][ T7072] tipc: Disabling bearer <eth:syzkaller0>
[   97.379304][ T7078] tmpfs: Cannot disable swap on remount
[   97.386847][ T7078] fuseblk: Bad value for 'user_id'
[   97.388485][ T7078] fuseblk: Bad value for 'user_id'
[   97.460211][ T7088] netlink: 32 bytes leftover after parsing attributes in process `syz.2.268'.
[   97.460228][ T7088] netlink: 32 bytes leftover after parsing attributes in process `syz.2.268'.
[   97.485064][ T7086] netlink: 32 bytes leftover after parsing attributes in process `syz.0.267'.
[   97.485081][ T7086] netlink: 32 bytes leftover after parsing attributes in process `syz.0.267'.
[   97.613052][ T7092] netlink: 'syz.0.267': attribute type 10 has an invalid length.
[   97.620166][ T7092] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.626004][ T7092] team0: Port device bond0 added
[   97.650600][ T7090] netlink: 'syz.2.268': attribute type 10 has an invalid length.
[   97.656694][ T7090] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.662835][ T7090] team0: Port device bond0 added
[   97.800245][ T7098] program syz.1.269 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.339669][ T7109] tmpfs: Cannot disable swap on remount
[   98.346984][ T7109] fuseblk: Bad value for 'user_id'
[   98.348671][ T7109] fuseblk: Bad value for 'user_id'
[   99.974041][ T7122] program syz.2.275 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.492175][ T7137] program syz.2.278 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.652818][ T1108] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  100.655175][ T1108] ata1.00: irq_stat 0x40000000
[  100.656700][ T1108] ata1.00: failed command: ZAC MANAGEMENT OUT
[  100.658759][ T1108] ata1.00: cmd 9f/02:00:00:00:00/00:00:00:00:00/40 tag 20
[  100.658759][ T1108]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  100.776774][ T1108] ata1.00: status: { DRDY ERR }
[  100.778351][ T1108] ata1.00: error: { ABRT }
[  100.779783][ T1108] ata1.00: device reported invalid CHS sector 0
[  100.781791][ T7141] tmpfs: Cannot disable swap on remount
[  100.817106][ T7141] fuseblk: Bad value for 'user_id'
[  100.818805][ T7141] fuseblk: Bad value for 'user_id'
[  100.964575][ T7148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.282'.
[  100.967530][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.0.282'.
[  101.686338][ T7173] loop6: detected capacity change from 0 to 524287999
[  101.737160][ T7175] netlink: 'syz.3.283': attribute type 12 has an invalid length.
[  101.743170][ T7174] /dev/nullb0: Can't open blockdev
[  102.488190][ T7184] tmpfs: Cannot disable swap on remount
[  102.491862][ T7184] fuseblk: Bad value for 'user_id'
[  102.494799][ T7184] fuseblk: Bad value for 'user_id'
[  102.647138][ T7193] netlink: 28 bytes leftover after parsing attributes in process `syz.3.293'.
[  102.650153][ T7193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.293'.
[  102.654036][ T7193] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  102.915021][ T7207] program syz.1.295 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.030939][ T7219] netlink: 16 bytes leftover after parsing attributes in process `syz.1.297'.
[  104.063495][ T7219] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.206366][ T7219] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.340665][ T7219] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.456078][ T7219] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.592663][ T1146] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.600752][ T1146] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.613620][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.621176][   T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.765492][ T7226] [U] 
[  104.766751][ T7226] [U] 
[  104.767812][ T7226] [U] 
[  104.769011][ T7226] [U] 
[  104.770195][ T7226] [U] 
[  104.771202][ T7226] [U] 
[  104.772265][ T7226] [U] 
[  104.773475][ T7226] [U] 
[  104.775496][ T7226] FAULT_INJECTION: forcing a failure.
[  104.775496][ T7226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.781270][ T7226] CPU: 3 UID: 0 PID: 7226 Comm: syz.3.301 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  104.781296][ T7226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.781306][ T7226] Call Trace:
[  104.781313][ T7226]  <TASK>
[  104.781320][ T7226]  dump_stack_lvl+0x16c/0x1f0
[  104.781348][ T7226]  should_fail_ex+0x512/0x640
[  104.781376][ T7226]  _copy_from_iter+0x463/0x16f0
[  104.781410][ T7226]  ? __pfx__copy_from_iter+0x10/0x10
[  104.781439][ T7226]  ? __pfx___might_resched+0x10/0x10
[  104.781458][ T7226]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  104.781483][ T7226]  file_tty_write.constprop.0+0x488/0x9b0
[  104.781516][ T7226]  do_iter_readv_writev+0x662/0x9e0
[  104.781539][ T7226]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  104.781564][ T7226]  ? bpf_lsm_file_permission+0x9/0x10
[  104.781590][ T7226]  ? security_file_permission+0x71/0x210
[  104.781615][ T7226]  ? rw_verify_area+0xcf/0x6c0
[  104.781635][ T7226]  vfs_writev+0x35f/0xde0
[  104.781660][ T7226]  ? __pfx_vfs_writev+0x10/0x10
[  104.781702][ T7226]  ? __fget_files+0x20e/0x3c0
[  104.781719][ T7226]  ? __fget_files+0x200/0x3c0
[  104.781742][ T7226]  ? do_writev+0x132/0x340
[  104.781759][ T7226]  do_writev+0x132/0x340
[  104.781777][ T7226]  ? __pfx_do_writev+0x10/0x10
[  104.781797][ T7226]  ? rcu_is_watching+0x12/0xc0
[  104.781818][ T7226]  __do_fast_syscall_32+0x7c/0x3a0
[  104.781842][ T7226]  do_fast_syscall_32+0x32/0x80
[  104.781864][ T7226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.781885][ T7226] RIP: 0023:0xf70ee579
[  104.781900][ T7226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.781915][ T7226] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  104.781932][ T7226] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000b00
[  104.781943][ T7226] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  104.781952][ T7226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.781962][ T7226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.781972][ T7226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.781995][ T7226]  </TASK>
[  104.782185][ T7223] [U] 
[  104.907798][ T7230] netlink: 28 bytes leftover after parsing attributes in process `syz.3.302'.
[  104.910644][ T7230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.302'.
[  104.915623][ T7230] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  105.879033][ T7246] mkiss: ax0: crc mode is auto.
[  106.132575][   T34] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  106.286727][   T34] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  106.286746][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.286756][   T34] usb 5-1: Product: syz
[  106.286764][   T34] usb 5-1: Manufacturer: syz
[  106.286772][   T34] usb 5-1: SerialNumber: syz
[  106.290835][   T34] usb 5-1: config 0 descriptor??
[  106.503801][   T34] usb 5-1: USB disconnect, device number 4
[  106.626698][ T7257] netlink: 32 bytes leftover after parsing attributes in process `syz.3.310'.
[  106.635695][ T7257] netlink: 32 bytes leftover after parsing attributes in process `syz.3.310'.
[  106.920815][ T7262] netlink: 'syz.3.310': attribute type 10 has an invalid length.
[  106.956852][ T7260] team0: Port device bond0 removed
[  107.004248][ T7266] netlink: 28 bytes leftover after parsing attributes in process `syz.2.311'.
[  107.008114][ T7266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.311'.
[  107.011807][ T7262] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.021663][ T7262] team0: Port device bond0 added
[  107.027600][ T7266] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  107.672222][ T7273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.313'.
[  108.672578][ T6068] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  108.823000][ T6068] usb 7-1: Using ep0 maxpacket: 16
[  108.829087][ T6068] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.834369][ T6068] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.838398][ T6068] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  108.844980][ T6068] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  108.849087][ T6068] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.858740][ T6068] usb 7-1: config 0 descriptor??
[  109.074128][ T7296] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  109.124852][ T7296] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  109.128144][ T7297] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  109.339373][ T7282] netlink: 44 bytes leftover after parsing attributes in process `syz.2.315'.
[  109.375208][ T7306] netlink: 28 bytes leftover after parsing attributes in process `syz.0.320'.
[  109.378124][ T7306] netlink: 8 bytes leftover after parsing attributes in process `syz.0.320'.
[  109.383741][ T7306] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  110.946457][ T7327] mkiss: ax0: crc mode is auto.
[  111.337375][ T6068] usbhid 7-1:0.0: can't add hid device: -71
[  111.340192][ T6068] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  111.362583][ T6068] usb 7-1: USB disconnect, device number 5
[  112.081255][ T7354] netlink: 28 bytes leftover after parsing attributes in process `syz.3.330'.
[  112.085263][ T7354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.330'.
[  112.089270][ T7354] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  112.428992][ T7364] ntfs3(nullb0): Primary boot signature is not NTFS.
[  112.432177][ T7364] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  113.395070][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.337'.
[  114.114326][ T7425] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  114.117055][ T7427] netlink: 28 bytes leftover after parsing attributes in process `syz.3.340'.
[  114.120101][ T7427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.340'.
[  114.127153][ T7427] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  114.394909][ T7434] ntfs3(nullb0): Primary boot signature is not NTFS.
[  114.397270][ T7434] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  115.137060][ T7445] netlink: 32 bytes leftover after parsing attributes in process `syz.2.346'.
[  115.139877][ T7445] netlink: 32 bytes leftover after parsing attributes in process `syz.2.346'.
[  115.235442][ T7447] netlink: 'syz.2.346': attribute type 10 has an invalid length.
[  117.017919][ T7472] netlink: 32 bytes leftover after parsing attributes in process `syz.0.348'.
[  117.021162][ T7472] netlink: 32 bytes leftover after parsing attributes in process `syz.0.348'.
[  117.096212][ T7474] team0: Port device bond0 removed
[  117.170415][ T7474] netlink: 'syz.0.348': attribute type 10 has an invalid length.
[  117.173734][ T7474] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.176372][ T7474] team0: Port device bond0 added
[  117.335839][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.2.351'.
[  117.339683][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.351'.
[  117.348631][ T7480] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  117.751828][ T7493] syzkaller1: entered promiscuous mode
[  117.753853][ T7493] syzkaller1: entered allmulticast mode
[  117.769579][ T7493] program syz.1.355 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  117.776485][ T7493] nfs: Unknown parameter 'ntext'
[  119.283564][ T7519] netlink: 32 bytes leftover after parsing attributes in process `syz.2.361'.
[  119.287163][ T7519] netlink: 32 bytes leftover after parsing attributes in process `syz.2.361'.
[  119.357863][ T7520] netlink: 'syz.2.361': attribute type 10 has an invalid length.
[  119.820073][ T7522] netlink: 28 bytes leftover after parsing attributes in process `syz.3.362'.
[  119.823661][ T7522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.362'.
[  119.829674][ T7522] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  120.596001][ T7541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  120.600864][ T7541] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  120.608742][ T7541] syzkaller0: MTU too low for tipc bearer
[  120.611048][ T7541] tipc: Disabling bearer <eth:syzkaller0>
[  121.434811][ T7552] netlink: 28 bytes leftover after parsing attributes in process `syz.3.372'.
[  121.437815][ T7552] netlink: 8 bytes leftover after parsing attributes in process `syz.3.372'.
[  121.439571][ T7552] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  121.734421][ T7559] netlink: 32 bytes leftover after parsing attributes in process `syz.2.375'.
[  121.737629][ T7559] netlink: 32 bytes leftover after parsing attributes in process `syz.2.375'.
[  121.804900][ T7566] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.807172][ T7566] syzkaller0: entered promiscuous mode
[  121.808738][ T7566] syzkaller0: entered allmulticast mode
[  121.831587][ T7566] tipc: Resetting bearer <eth:syzkaller0>
[  121.842467][ T7565] tipc: Resetting bearer <eth:syzkaller0>
[  121.850110][ T7565] tipc: Disabling bearer <eth:syzkaller0>
[  122.078309][ T7567] netlink: 'syz.2.375': attribute type 10 has an invalid length.
[  122.275633][ T7581] syzkaller1: entered promiscuous mode
[  122.277481][ T7581] syzkaller1: entered allmulticast mode
[  122.290025][ T7581] program syz.3.378 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.297214][ T7581] nfs: Unknown parameter 'ntext'
[  123.253722][ T7589] netlink: 28 bytes leftover after parsing attributes in process `syz.0.381'.
[  123.262536][ T7589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.381'.
[  123.267521][ T7589] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  123.360551][ T7592] Illegal XDP return value 4294967294 on prog  (id 65) dev N/A, expect packet loss!
[  123.500316][ T7610] netlink: 'syz.3.385': attribute type 32 has an invalid length.
[  123.502959][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.385'.
[  123.508215][ T7610] FAULT_INJECTION: forcing a failure.
[  123.508215][ T7610] name failslab, interval 1, probability 0, space 0, times 0
[  123.513958][ T7610] CPU: 0 UID: 0 PID: 7610 Comm: syz.3.385 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  123.513975][ T7610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.513988][ T7610] Call Trace:
[  123.513992][ T7610]  <TASK>
[  123.513997][ T7610]  dump_stack_lvl+0x16c/0x1f0
[  123.514033][ T7610]  should_fail_ex+0x512/0x640
[  123.514055][ T7610]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  123.514069][ T7610]  should_failslab+0xc2/0x120
[  123.514085][ T7610]  __kmalloc_cache_noprof+0x6a/0x3e0
[  123.514097][ T7610]  ? alloc_netdev_mqs+0xec4/0x1500
[  123.514115][ T7610]  alloc_netdev_mqs+0xec4/0x1500
[  123.514133][ T7610]  rtnl_create_link+0xc08/0xf90
[  123.514151][ T7610]  rtnl_newlink+0xb69/0x2000
[  123.514171][ T7610]  ? __pfx_rtnl_newlink+0x10/0x10
[  123.514190][ T7610]  ? kfree_skbmem+0x1a4/0x1f0
[  123.514209][ T7610]  ? rcu_is_watching+0x12/0xc0
[  123.514227][ T7610]  ? find_held_lock+0x2b/0x80
[  123.514238][ T7610]  ? __pfx_rtnl_newlink+0x10/0x10
[  123.514253][ T7610]  ? __pfx_rtnl_newlink+0x10/0x10
[  123.514267][ T7610]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  123.514283][ T7610]  ? __pfx_rtnl_newlink+0x10/0x10
[  123.514299][ T7610]  rtnetlink_rcv_msg+0x95b/0xe90
[  123.514316][ T7610]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  123.514336][ T7610]  ? ref_tracker_free+0x37c/0x830
[  123.514354][ T7610]  netlink_rcv_skb+0x158/0x420
[  123.514370][ T7610]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  123.514386][ T7610]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  123.514407][ T7610]  ? netlink_deliver_tap+0x1ae/0xd30
[  123.514425][ T7610]  netlink_unicast+0x5a7/0x870
[  123.514462][ T7610]  ? __pfx_netlink_unicast+0x10/0x10
[  123.514480][ T7610]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  123.514508][ T7610]  netlink_sendmsg+0x8d1/0xdd0
[  123.514534][ T7610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.514557][ T7610]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  123.514576][ T7610]  ____sys_sendmsg+0xa95/0xc70
[  123.514596][ T7610]  ? __pfx_____sys_sendmsg+0x10/0x10
[  123.514613][ T7610]  ? get_compat_msghdr+0x11a/0x170
[  123.514629][ T7610]  ? __pfx__kstrtoull+0x10/0x10
[  123.514646][ T7610]  ___sys_sendmsg+0x134/0x1d0
[  123.514662][ T7610]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.514696][ T7610]  __sys_sendmmsg+0x2f9/0x420
[  123.514713][ T7610]  ? __pfx___sys_sendmmsg+0x10/0x10
[  123.514734][ T7610]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  123.514756][ T7610]  ? fput+0x9b/0xd0
[  123.514773][ T7610]  ? ksys_write+0x1ac/0x250
[  123.514786][ T7610]  ? __pfx_ksys_write+0x10/0x10
[  123.514801][ T7610]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  123.514816][ T7610]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  123.514832][ T7610]  __do_fast_syscall_32+0x7c/0x3a0
[  123.514848][ T7610]  do_fast_syscall_32+0x32/0x80
[  123.514889][ T7610]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.514904][ T7610] RIP: 0023:0xf70ee579
[  123.514914][ T7610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.514925][ T7610] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  123.514935][ T7610] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  123.514942][ T7610] RDX: 0000000004924b68 RSI: 0000000000000000 RDI: 0000000000000000
[  123.514948][ T7610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  123.514954][ T7610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  123.514960][ T7610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.514973][ T7610]  </TASK>
[  123.663446][ T7612] comedi comedi3: c6xdigio: I/O port conflict (0x3c4,3)
[  125.573128][ T7629] netlink: 32 bytes leftover after parsing attributes in process `syz.2.392'.
[  125.577769][ T7629] netlink: 32 bytes leftover after parsing attributes in process `syz.2.392'.
[  125.824856][ T7633] netlink: 28 bytes leftover after parsing attributes in process `syz.0.393'.
[  125.827831][ T7633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.393'.
[  125.831672][ T7633] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  125.861814][ T7635] binder: 7634:7635 ioctl c0306201 80000080 returned -14
[  125.998400][ T7638] netlink: 'syz.2.392': attribute type 10 has an invalid length.
[  126.502644][ T5972] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  126.653146][ T5972] usb 5-1: Using ep0 maxpacket: 16
[  126.668848][ T5972] usb 5-1: config 0 has no interfaces?
[  126.681878][ T5972] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.687661][ T5972] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.691600][ T5972] usb 5-1: Product: syz
[  126.696850][ T5972] usb 5-1: Manufacturer: syz
[  126.704433][ T5972] usb 5-1: SerialNumber: syz
[  126.756005][ T5972] usb 5-1: config 0 descriptor??
[  127.200959][  T839] usb 5-1: USB disconnect, device number 5
[  127.592254][ T7662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.402'.
[  127.595364][ T7662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'.
[  127.599226][ T7662] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  128.087122][ T7679] FAULT_INJECTION: forcing a failure.
[  128.087122][ T7679] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  128.087288][ T7679] CPU: 2 UID: 0 PID: 7679 Comm: syz.0.406 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  128.087311][ T7679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.087320][ T7679] Call Trace:
[  128.087326][ T7679]  <TASK>
[  128.087334][ T7679]  dump_stack_lvl+0x16c/0x1f0
[  128.087363][ T7679]  should_fail_ex+0x512/0x640
[  128.087390][ T7679]  should_fail_alloc_page+0xe7/0x130
[  128.087414][ T7679]  prepare_alloc_pages+0x3c2/0x610
[  128.087478][ T7679]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  128.087520][ T7679]  ? rcu_is_watching+0x12/0xc0
[  128.087537][ T7679]  ? trace_mm_page_alloc+0x11f/0x1a0
[  128.087563][ T7679]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  128.087591][ T7679]  ? lockdep_hardirqs_on+0x7c/0x110
[  128.087612][ T7679]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  128.087639][ T7679]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  128.087688][ T7679]  ? __get_vm_area_node+0x1ca/0x330
[  128.087711][ T7679]  ? __vmalloc_node_noprof+0xad/0xf0
[  128.087734][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.087749][ T7679]  ? nf_getsockopt+0x79/0xe0
[  128.087769][ T7679]  ? ip_getsockopt+0x18c/0x1e0
[  128.087782][ T7679]  ? raw_getsockopt+0x4d/0x1f0
[  128.087796][ T7679]  ? do_sock_getsockopt+0x34a/0x440
[  128.087819][ T7679]  ? __sys_getsockopt+0x123/0x1b0
[  128.087845][ T7679]  alloc_pages_bulk_noprof+0x71c/0x1410
[  128.087864][ T7679]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  128.087890][ T7679]  ? policy_nodemask+0xea/0x4e0
[  128.087914][ T7679]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  128.087934][ T7679]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  128.087965][ T7679]  kasan_populate_vmalloc+0xf1/0x1f0
[  128.087989][ T7679]  alloc_vmap_area+0x959/0x29c0
[  128.088022][ T7679]  ? __pfx_alloc_vmap_area+0x10/0x10
[  128.088051][ T7679]  __get_vm_area_node+0x1ca/0x330
[  128.088079][ T7679]  __vmalloc_node_range_noprof+0x271/0x14b0
[  128.088105][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.088128][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.088148][ T7679]  ? find_held_lock+0x2b/0x80
[  128.088164][ T7679]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  128.088190][ T7679]  ? rcu_is_watching+0x12/0xc0
[  128.088206][ T7679]  ? aa_get_newest_label+0xd2/0x250
[  128.088227][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.088242][ T7679]  __vmalloc_node_noprof+0xad/0xf0
[  128.088266][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.088285][ T7679]  ip_set_sockfn_get+0x18e/0xd30
[  128.088302][ T7679]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[  128.088320][ T7679]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  128.088345][ T7679]  nf_getsockopt+0x79/0xe0
[  128.088368][ T7679]  ip_getsockopt+0x18c/0x1e0
[  128.088383][ T7679]  ? __pfx_ip_getsockopt+0x10/0x10
[  128.088406][ T7679]  raw_getsockopt+0x4d/0x1f0
[  128.088422][ T7679]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  128.088444][ T7679]  do_sock_getsockopt+0x34a/0x440
[  128.088468][ T7679]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  128.088489][ T7679]  ? __fget_files+0x204/0x3c0
[  128.088518][ T7679]  __sys_getsockopt+0x123/0x1b0
[  128.088543][ T7679]  __ia32_sys_getsockopt+0xbc/0x160
[  128.088561][ T7679]  ? lockdep_hardirqs_on+0x7c/0x110
[  128.088585][ T7679]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  128.088606][ T7679]  __do_fast_syscall_32+0x7c/0x3a0
[  128.088628][ T7679]  do_fast_syscall_32+0x32/0x80
[  128.088648][ T7679]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  128.088669][ T7679] RIP: 0023:0xf70de579
[  128.088682][ T7679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  128.088697][ T7679] RSP: 002b:00000000f54ce55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  128.088713][ T7679] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  128.088723][ T7679] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000040
[  128.088733][ T7679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.088742][ T7679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  128.088751][ T7679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  128.088772][ T7679]  </TASK>
[  128.088842][ T7679] syz.0.406: vmalloc error: size 40, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  128.226828][ T7679] CPU: 2 UID: 0 PID: 7679 Comm: syz.0.406 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  128.226842][ T7679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.226848][ T7679] Call Trace:
[  128.226852][ T7679]  <TASK>
[  128.226857][ T7679]  dump_stack_lvl+0x16c/0x1f0
[  128.226874][ T7679]  warn_alloc+0x248/0x3a0
[  128.226891][ T7679]  ? __pfx_warn_alloc+0x10/0x10
[  128.226905][ T7679]  ? kfree+0x2b4/0x4d0
[  128.226919][ T7679]  ? __get_vm_area_node+0x208/0x330
[  128.226938][ T7679]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  128.226974][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.226989][ T7679]  ? find_held_lock+0x2b/0x80
[  128.227000][ T7679]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  128.227018][ T7679]  ? rcu_is_watching+0x12/0xc0
[  128.227030][ T7679]  ? aa_get_newest_label+0xd2/0x250
[  128.227044][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.227054][ T7679]  __vmalloc_node_noprof+0xad/0xf0
[  128.227072][ T7679]  ? ip_set_sockfn_get+0x18e/0xd30
[  128.227084][ T7679]  ip_set_sockfn_get+0x18e/0xd30
[  128.227095][ T7679]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[  128.227108][ T7679]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  128.227130][ T7679]  nf_getsockopt+0x79/0xe0
[  128.227151][ T7679]  ip_getsockopt+0x18c/0x1e0
[  128.227165][ T7679]  ? __pfx_ip_getsockopt+0x10/0x10
[  128.227185][ T7679]  raw_getsockopt+0x4d/0x1f0
[  128.227197][ T7679]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  128.227213][ T7679]  do_sock_getsockopt+0x34a/0x440
[  128.227230][ T7679]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  128.227246][ T7679]  ? __fget_files+0x204/0x3c0
[  128.227265][ T7679]  __sys_getsockopt+0x123/0x1b0
[  128.227281][ T7679]  __ia32_sys_getsockopt+0xbc/0x160
[  128.227294][ T7679]  ? lockdep_hardirqs_on+0x7c/0x110
[  128.227307][ T7679]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  128.227321][ T7679]  __do_fast_syscall_32+0x7c/0x3a0
[  128.227337][ T7679]  do_fast_syscall_32+0x32/0x80
[  128.227351][ T7679]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  128.227365][ T7679] RIP: 0023:0xf70de579
[  128.227373][ T7679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  128.227384][ T7679] RSP: 002b:00000000f54ce55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  128.227394][ T7679] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  128.227400][ T7679] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000040
[  128.227406][ T7679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.227412][ T7679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  128.227418][ T7679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  128.227431][ T7679]  </TASK>
[  128.227448][ T7679] Mem-Info:
[  128.318950][ T7679] active_anon:5347 inactive_anon:231 isolated_anon:0
[  128.318950][ T7679]  active_file:14807 inactive_file:32456 isolated_file:0
[  128.318950][ T7679]  unevictable:1768 dirty:225 writeback:0
[  128.318950][ T7679]  slab_reclaimable:7188 slab_unreclaimable:52873
[  128.318950][ T7679]  mapped:23960 shmem:2330 pagetables:1240
[  128.318950][ T7679]  sec_pagetables:304 bounce:0
[  128.318950][ T7679]  kernel_misc_reclaimable:0
[  128.318950][ T7679]  free:40777 free_pcp:10209 free_cma:0
[  128.318982][ T7679] Node 0 active_anon:116kB inactive_anon:668kB active_file:132kB inactive_file:480kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:644kB dirty:4kB writeback:0kB shmem:3548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8580kB pagetables:2532kB sec_pagetables:1128kB all_unreclaimable? no Balloon:0kB
[  128.319009][ T7679] Node 1 active_anon:21272kB inactive_anon:256kB active_file:59096kB inactive_file:129344kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95196kB dirty:896kB writeback:0kB shmem:5772kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4740kB pagetables:2428kB sec_pagetables:88kB all_unreclaimable? no Balloon:0kB
[  128.319036][ T7679] Node 0 DMA free:2100kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:684kB local_pcp:192kB free_cma:0kB
[  128.319089][ T7679] lowmem_reserve[]: 0 288 288 288 288
[  128.319153][ T7679] Node 0 DMA32 free:18744kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1072KB active_anon:288kB inactive_anon:488kB active_file:132kB inactive_file:708kB unevictable:3536kB writepending:4kB present:1032196kB managed:295164kB mlocked:0kB bounce:0kB free_pcp:4056kB local_pcp:1520kB free_cma:0kB
[  128.319208][ T7679] lowmem_reserve[]: 0 0 0 0 0
[  128.319271][ T7679] Node 1 DMA32 free:142264kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:2048KB free_highatomic:464KB active_anon:21272kB inactive_anon:256kB active_file:59096kB inactive_file:129344kB unevictable:3536kB writepending:896kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:36096kB local_pcp:17372kB free_cma:0kB
[  128.319326][ T7679] lowmem_reserve[]: 0 0 0 0 0
[  128.319360][ T7679] Node 0 DMA: 1*4kB (U) 16*8kB (UM) 17*16kB (U) 9*32kB (UM) 6*64kB (UM) 0*128kB 2*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2100kB
[  128.319462][ T7679] Node 0 DMA32: 253*4kB (UMH) 165*8kB (UMEH) 102*16kB (UMEH) 96*32kB (UMEH) 47*64kB (UMEH) 23*128kB (ME) 17*256kB (UM) 3*512kB (MH) 0*1024kB 0*2048kB 0*4096kB = 18876kB
[  128.319568][ T7679] Node 1 DMA32: 1737*4kB (UM) 84*8kB (UMEH) 188*16kB (UMEH) 343*32kB (UMEH) 199*64kB (UMEH) 159*128kB (UME) 34*256kB (UME) 44*512kB (M) 25*1024kB (UM) 9*2048kB (M) 3*4096kB (M) = 142244kB
[  128.319667][ T7679] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  128.319676][ T7679] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  128.319685][ T7679] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  128.319693][ T7679] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  128.319702][ T7679] 50473 total pagecache pages
[  128.319706][ T7679] 907 pages in swap cache
[  128.319709][ T7679] Free swap  = 117680kB
[  128.319713][ T7679] Total swap = 124996kB
[  128.319718][ T7679] 524155 pages RAM
[  128.319721][ T7679] 0 pages HighMem/MovableOnly
[  128.319725][ T7679] 209469 pages reserved
[  128.319729][ T7679] 0 pages cma reserved
[  128.534746][ T7702] tmpfs: Cannot disable swap on remount
[  128.541502][ T7702] fuseblk: Bad value for 'user_id'
[  128.544070][ T7702] fuseblk: Bad value for 'user_id'
[  128.566304][ T7699] netlink: 'syz.1.411': attribute type 16 has an invalid length.
[  128.568709][ T7699] netlink: 'syz.1.411': attribute type 17 has an invalid length.
[  128.583236][ T7699] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  128.604890][ T7701] netlink: 72 bytes leftover after parsing attributes in process `syz.2.410'.
[  128.605198][ T7708] netlink: 32 bytes leftover after parsing attributes in process `syz.3.414'.
[  128.609914][ T7699] loop2: detected capacity change from 0 to 7
[  128.614505][ T7699] Dev loop2: unable to read RDB block 7
[  128.616335][ T7699]  loop2: AHDI p1 p2 p3
[  128.617652][ T7699] loop2: partition table partially beyond EOD, truncated
[  128.619922][ T7699] loop2: p1 start 1601398130 is beyond EOD, truncated
[  128.622030][ T7699] loop2: p2 start 1702059890 is beyond EOD, truncated
[  128.622751][ T7708] netlink: 32 bytes leftover after parsing attributes in process `syz.3.414'.
[  128.757973][ T7708] netlink: 'syz.3.414': attribute type 10 has an invalid length.
[  128.895047][ T7720] netlink: 172 bytes leftover after parsing attributes in process `syz.0.417'.
[  129.396014][ T7734] netlink: 28 bytes leftover after parsing attributes in process `syz.3.421'.
[  129.484268][ T7738] comedi comedi3: c6xdigio: I/O port conflict (0x3c4,3)
[  129.486529][ T7738] ==================================================================
[  129.489062][ T7738] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[  129.491559][ T7738] Read of size 8 at addr ffff88805f535230 by task syz.2.420/7738
[  129.495726][ T7738] 
[  129.496880][ T7738] CPU: 3 UID: 0 PID: 7738 Comm: syz.2.420 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  129.496895][ T7738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.496903][ T7738] Call Trace:
[  129.496907][ T7738]  <TASK>
[  129.496912][ T7738]  dump_stack_lvl+0x116/0x1f0
[  129.496932][ T7738]  print_report+0xcd/0x630
[  129.496947][ T7738]  ? __virt_addr_valid+0x81/0x610
[  129.496960][ T7738]  ? __phys_addr+0xe8/0x180
[  129.496973][ T7738]  ? sysfs_remove_file_ns+0x63/0x70
[  129.496984][ T7738]  kasan_report+0xe0/0x110
[  129.496998][ T7738]  ? sysfs_remove_file_ns+0x63/0x70
[  129.497012][ T7738]  sysfs_remove_file_ns+0x63/0x70
[  129.497024][ T7738]  driver_remove_file+0x4a/0x60
[  129.497041][ T7738]  bus_remove_driver+0x224/0x2c0
[  129.497055][ T7738]  driver_unregister+0x76/0xb0
[  129.497070][ T7738]  comedi_device_detach_locked+0x12c/0xa50
[  129.497087][ T7738]  comedi_device_detach+0x67/0xb0
[  129.497100][ T7738]  comedi_device_attach+0x43d/0x900
[  129.497119][ T7738]  do_devconfig_ioctl+0x1b1/0x710
[  129.497142][ T7738]  ? __mutex_lock+0x1c4/0x10b0
[  129.497159][ T7738]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  129.497185][ T7738]  ? kasan_save_stack+0x42/0x60
[  129.497201][ T7738]  ? kasan_save_stack+0x33/0x60
[  129.497212][ T7738]  ? kasan_save_track+0x14/0x30
[  129.497224][ T7738]  ? kasan_save_free_info+0x3b/0x60
[  129.497239][ T7738]  ? __kasan_slab_free+0x60/0x70
[  129.497252][ T7738]  ? kfree+0x2b4/0x4d0
[  129.497261][ T7738]  ? tomoyo_path_number_perm+0x470/0x580
[  129.497275][ T7738]  comedi_unlocked_ioctl+0x165d/0x2f00
[  129.497289][ T7738]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  129.497305][ T7738]  ? kasan_quarantine_put+0x10a/0x240
[  129.497317][ T7738]  ? lockdep_hardirqs_on+0x7c/0x110
[  129.497330][ T7738]  ? find_held_lock+0x2b/0x80
[  129.497340][ T7738]  ? tomoyo_path_number_perm+0x295/0x580
[  129.497354][ T7738]  ? tomoyo_path_number_perm+0x18d/0x580
[  129.497367][ T7738]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  129.497381][ T7738]  comedi_compat_ioctl+0x1d0/0x990
[  129.497392][ T7738]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  129.497404][ T7738]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  129.497420][ T7738]  ? do_vfs_ioctl+0x128/0x14f0
[  129.497436][ T7738]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  129.497454][ T7738]  ? find_held_lock+0x2b/0x80
[  129.497464][ T7738]  ? hook_file_ioctl_common+0x145/0x410
[  129.497479][ T7738]  ? __fget_files+0x20e/0x3c0
[  129.497490][ T7738]  ? __ia32_compat_sys_openat+0xb0/0x210
[  129.497501][ T7738]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  129.497513][ T7738]  __ia32_compat_sys_ioctl+0x23f/0x370
[  129.497530][ T7738]  __do_fast_syscall_32+0x7c/0x3a0
[  129.497545][ T7738]  do_fast_syscall_32+0x32/0x80
[  129.497559][ T7738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.497573][ T7738] RIP: 0023:0xf70fe579
[  129.497582][ T7738] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.497592][ T7738] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  129.497602][ T7738] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040946400
[  129.497609][ T7738] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  129.497615][ T7738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.497621][ T7738] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  129.497627][ T7738] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.497636][ T7738]  </TASK>
[  129.497640][ T7738] 
[  129.607465][ T7738] Allocated by task 7156:
[  129.608841][ T7738]  kasan_save_stack+0x33/0x60
[  129.610361][ T7738]  kasan_save_track+0x14/0x30
[  129.611880][ T7738]  __kasan_kmalloc+0xaa/0xb0
[  129.613352][ T7738]  bus_add_driver+0x92/0x690
[  129.614863][ T7738]  driver_register+0x15c/0x4b0
[  129.616392][ T7738]  c6xdigio_attach+0xa3/0x4b0
[  129.617903][ T7738]  comedi_device_attach+0x3b0/0x900
[  129.619736][ T7738]  do_devconfig_ioctl+0x1b1/0x710
[  129.621431][ T7738]  comedi_unlocked_ioctl+0x165d/0x2f00
[  129.623163][ T7738]  comedi_compat_ioctl+0x1d0/0x990
[  129.624802][ T7738]  __ia32_compat_sys_ioctl+0x23f/0x370
[  129.626548][ T7738]  __do_fast_syscall_32+0x7c/0x3a0
[  129.628270][ T7738]  do_fast_syscall_32+0x32/0x80
[  129.629833][ T7738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.631854][ T7738] 
[  129.632630][ T7738] Freed by task 7612:
[  129.633899][ T7738]  kasan_save_stack+0x33/0x60
[  129.635426][ T7738]  kasan_save_track+0x14/0x30
[  129.636931][ T7738]  kasan_save_free_info+0x3b/0x60
[  129.638555][ T7738]  __kasan_slab_free+0x60/0x70
[  129.640079][ T7738]  kfree+0x2b4/0x4d0
[  129.641320][ T7738]  kobject_put+0x1e7/0x5a0
[  129.642755][ T7738]  bus_remove_driver+0x16e/0x2c0
[  129.644444][ T7738]  driver_unregister+0x76/0xb0
[  129.645963][ T7738]  comedi_device_detach_locked+0x12c/0xa50
[  129.647826][ T7738]  comedi_device_detach+0x67/0xb0
[  129.649332][ T7738]  comedi_device_attach+0x43d/0x900
[  129.650969][ T7738]  do_devconfig_ioctl+0x1b1/0x710
[  129.652557][ T7738]  comedi_unlocked_ioctl+0x165d/0x2f00
[  129.654307][ T7738]  comedi_compat_ioctl+0x1d0/0x990
[  129.656053][ T7738]  __ia32_compat_sys_ioctl+0x23f/0x370
[  129.657825][ T7738]  __do_fast_syscall_32+0x7c/0x3a0
[  129.659467][ T7738]  do_fast_syscall_32+0x32/0x80
[  129.661032][ T7738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.663042][ T7738] 
[  129.663813][ T7738] The buggy address belongs to the object at ffff88805f535200
[  129.663813][ T7738]  which belongs to the cache kmalloc-256 of size 256
[  129.668289][ T7738] The buggy address is located 48 bytes inside of
[  129.668289][ T7738]  freed 256-byte region [ffff88805f535200, ffff88805f535300)
[  129.672531][ T7738] 
[  129.673310][ T7738] The buggy address belongs to the physical page:
[  129.675380][ T7738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805f535200 pfn:0x5f534
[  129.678554][ T7738] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  129.681191][ T7738] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  129.683906][ T7738] page_type: f5(slab)
[  129.685213][ T7738] raw: 04fff00000000240 ffff88801b842b40 ffffea0001386710 ffffea00013f8910
[  129.687938][ T7738] raw: ffff88805f535200 000000000010000d 00000000f5000000 0000000000000000
[  129.690659][ T7738] head: 04fff00000000240 ffff88801b842b40 ffffea0001386710 ffffea00013f8910
[  129.693363][ T7738] head: ffff88805f535200 000000000010000d 00000000f5000000 0000000000000000
[  129.695950][ T7738] head: 04fff00000000001 ffffea00017d4d01 00000000ffffffff 00000000ffffffff
[  129.698669][ T7738] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  129.701387][ T7738] page dumped because: kasan: bad access detected
[  129.703405][ T7738] page_owner tracks the page as allocated
[  129.705187][ T7738] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5971, tgid 5971 (syz-executor), ts 49216926087, free_ts 47806003256
[  129.711700][ T7738]  post_alloc_hook+0x1c0/0x230
[  129.713227][ T7738]  get_page_from_freelist+0x132b/0x38e0
[  129.715145][ T7738]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  129.717038][ T7738]  alloc_pages_mpol+0x1fb/0x550
[  129.718621][ T7738]  new_slab+0x247/0x330
[  129.719957][ T7738]  ___slab_alloc+0xcf2/0x1740
[  129.721449][ T7738]  __slab_alloc.constprop.0+0x56/0xb0
[  129.723152][ T7738]  __kmalloc_noprof+0x2f2/0x510
[  129.724745][ T7738]  fib_create_info+0x53f/0x46b0
[  129.726293][ T7738]  fib_table_insert+0x177/0x1c40
[  129.727887][ T7738]  fib_magic+0x4d4/0x5c0
[  129.729242][ T7738]  fib_add_ifaddr+0x3a1/0x580
[  129.730738][ T7738]  fib_netdev_event+0x38a/0x710
[  129.732301][ T7738]  notifier_call_chain+0xbc/0x410
[  129.733907][ T7738]  call_netdevice_notifiers_info+0xbe/0x140
[  129.735806][ T7738]  __dev_notify_flags+0x12c/0x2e0
[  129.737425][ T7738] page last free pid 5976 tgid 5976 stack trace:
[  129.739438][ T7738]  __free_frozen_pages+0x7d5/0x10f0
[  129.741093][ T7738]  qlist_free_all+0x4d/0x120
[  129.742576][ T7738]  kasan_quarantine_reduce+0x195/0x1e0
[  129.744324][ T7738]  __kasan_slab_alloc+0x69/0x90
[  129.745879][ T7738]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  129.747591][ T7738]  ref_tracker_alloc+0x18e/0x5b0
[  129.749145][ T7738]  netdev_queue_update_kobjects+0x2db/0x720
[  129.751017][ T7738]  netdev_register_kobject+0x2b3/0x3d0
[  129.752740][ T7738]  register_netdevice+0x13dc/0x2270
[  129.754400][ T7738]  xfrmi_newlink+0x22e/0x560
[  129.755898][ T7738]  rtnl_newlink+0xc45/0x2000
[  129.757399][ T7738]  rtnetlink_rcv_msg+0x95b/0xe90
[  129.758991][ T7738]  netlink_rcv_skb+0x158/0x420
[  129.760524][ T7738]  netlink_unicast+0x5a7/0x870
[  129.762016][ T7738]  netlink_sendmsg+0x8d1/0xdd0
[  129.763481][ T7738]  __sys_sendto+0x4a0/0x520
[  129.764926][ T7738] 
[  129.765698][ T7738] Memory state around the buggy address:
[  129.767483][ T7738]  ffff88805f535100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  129.770010][ T7738]  ffff88805f535180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  129.772525][ T7738] >ffff88805f535200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  129.772632][   T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  129.775049][ T7738]                                      ^
[  129.775059][ T7738]  ffff88805f535280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  129.775067][ T7738]  ffff88805f535300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  129.775073][ T7738] ==================================================================
[  129.797315][ T7738] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  129.799786][ T7738] CPU: 3 UID: 0 PID: 7738 Comm: syz.2.420 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  129.803617][ T7738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.806997][ T7738] Call Trace:
[  129.808092][ T7738]  <TASK>
[  129.809044][ T7738]  dump_stack_lvl+0x3d/0x1f0
[  129.810533][ T7738]  vpanic+0x6e8/0x7a0
[  129.811807][ T7738]  ? __pfx_vpanic+0x10/0x10
[  129.813277][ T7738]  ? sysfs_remove_file_ns+0x63/0x70
[  129.814952][ T7738]  panic+0xca/0xd0
[  129.816165][ T7738]  ? __pfx_panic+0x10/0x10
[  129.817603][ T7738]  ? sysfs_remove_file_ns+0x63/0x70
[  129.819253][ T7738]  ? preempt_schedule_common+0x44/0xc0
[  129.820976][ T7738]  ? preempt_schedule_thunk+0x16/0x30
[  129.822672][ T7738]  check_panic_on_warn+0xab/0xb0
[  129.824323][ T7738]  end_report+0x107/0x170
[  129.825688][ T7738]  kasan_report+0xee/0x110
[  129.827123][ T7738]  ? sysfs_remove_file_ns+0x63/0x70
[  129.828788][ T7738]  sysfs_remove_file_ns+0x63/0x70
[  129.830394][ T7738]  driver_remove_file+0x4a/0x60
[  129.831945][ T7738]  bus_remove_driver+0x224/0x2c0
[  129.833509][ T7738]  driver_unregister+0x76/0xb0
[  129.835084][ T7738]  comedi_device_detach_locked+0x12c/0xa50
[  129.836937][ T7738]  comedi_device_detach+0x67/0xb0
[  129.838553][ T7738]  comedi_device_attach+0x43d/0x900
[  129.840212][ T7738]  do_devconfig_ioctl+0x1b1/0x710
[  129.841820][ T7738]  ? __mutex_lock+0x1c4/0x10b0
[  129.843349][ T7738]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  129.845101][ T7738]  ? kasan_save_stack+0x42/0x60
[  129.846648][ T7738]  ? kasan_save_stack+0x33/0x60
[  129.848203][ T7738]  ? kasan_save_track+0x14/0x30
[  129.849746][ T7738]  ? kasan_save_free_info+0x3b/0x60
[  129.851400][ T7738]  ? __kasan_slab_free+0x60/0x70
[  129.852960][ T7738]  ? kfree+0x2b4/0x4d0
[  129.854260][ T7738]  ? tomoyo_path_number_perm+0x470/0x580
[  129.856046][ T7738]  comedi_unlocked_ioctl+0x165d/0x2f00
[  129.857795][ T7738]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  129.859764][ T7738]  ? kasan_quarantine_put+0x10a/0x240
[  129.861483][ T7738]  ? lockdep_hardirqs_on+0x7c/0x110
[  129.863151][ T7738]  ? find_held_lock+0x2b/0x80
[  129.864724][ T7738]  ? tomoyo_path_number_perm+0x295/0x580
[  129.866510][ T7738]  ? tomoyo_path_number_perm+0x18d/0x580
[  129.868301][ T7738]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  129.870189][ T7738]  comedi_compat_ioctl+0x1d0/0x990
[  129.871811][ T7738]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  129.873572][ T7738]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  129.875485][ T7738]  ? do_vfs_ioctl+0x128/0x14f0
[  129.877015][ T7738]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  129.878879][ T7738]  ? find_held_lock+0x2b/0x80
[  129.880397][ T7738]  ? hook_file_ioctl_common+0x145/0x410
[  129.882154][ T7738]  ? __fget_files+0x20e/0x3c0
[  129.883662][ T7738]  ? __ia32_compat_sys_openat+0xb0/0x210
[  129.885440][ T7738]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  129.887345][ T7738]  __ia32_compat_sys_ioctl+0x23f/0x370
[  129.889080][ T7738]  __do_fast_syscall_32+0x7c/0x3a0
[  129.890676][ T7738]  do_fast_syscall_32+0x32/0x80
[  129.892223][ T7738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.894245][ T7738] RIP: 0023:0xf70fe579
[  129.895575][ T7738] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.901594][ T7738] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  129.904233][ T7738] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040946400
[  129.906717][ T7738] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  129.909208][ T7738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.911675][ T7738] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  129.914074][ T7738] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.916514][ T7738]  </TASK>
[  129.918023][ T7738] Kernel Offset: disabled
[  129.919397][ T7738] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:35:58  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b223f10 RCX=ffffffff81c2f44f RDX=0000000000000000
RSI=ffffffff8de4baa6 RDI=ffffffff8c162980 RBP=ffffffff8e207c30 RSP=ffffffff8e207b10
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90ab6c97 R11=0000000000000000
R12=ffff88802b23a440 R13=ffff88804b3e0000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff818a28c0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f713a224 CR3=000000004bad4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000069cc03 RBX=0000000000000001 RCX=ffffffff8b903bf9 RDX=0000000000000000
RSI=ffffffff8de4baa6 RDI=ffffffff8c162980 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90ab6c90 R15=0000000000000000
RIP=ffffffff8b90275f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008002d000 CR3=000000004bad4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000004 RBX=ffff88806b300000 RCX=0000000000000000 RDX=0000000000000000
RSI=0000000000000004 RDI=ffffffff8c1647c4 RBP=0000000000000005 RSP=ffffc9000219ec10
R8 =0000000000000007 R9 =0000000000000007 R10=0000000000000fa9 R11=ffff88806b300030
R12=0000000000000009 R13=ffff8880279b8057 R14=0000000000000004 R15=0000000000000007
RIP=ffffffff84e87356 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008001a000 CR3=00000000134b8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85613855 RDI=ffffffff9b0f6600 RBP=ffffffff9b0f65c0 RSP=ffffc90006cc7178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000033373754
R12=0000000000000000 R13=000000000000005b R14=ffffffff9b0f65c0 R15=ffffffff856137f0
RIP=ffffffff8561387f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c6000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73b73fc CR3=00000000134b8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000