last executing test programs:

7.18479298s ago: executing program 3 (id=1095):
r0 = socket(0x2c, 0x80003, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000080)=0xe)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='comm\x00')
writev(r1, &(0x7f00000010c0)=[{&(0x7f0000000000)='X', 0x1}], 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e6d0d"], 0x70)
rmdir(&(0x7f00000000c0)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xffffffd7}], 0x1, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000000), 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000500)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87b], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
poll(&(0x7f0000000080)=[{r4}, {r4}], 0x2, 0x24b)
write$uinput_user_dev(r4, &(0x7f00000021c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [], [0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
read$FUSE(r3, &(0x7f00000103c0)={0x2020}, 0x2020)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000120000000800090000000000180001c05500020076657468305f746f5f626f6e64000000"], 0x34}}, 0x0)

7.18441148s ago: executing program 1 (id=1096):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
capset(&(0x7f0000000080), &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$vmci(0xffffff9c, &(0x7f0000002980), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, 0x0)
writev(r2, &(0x7f0000000300), 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101100, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)

6.182396453s ago: executing program 1 (id=1098):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18478200000000000000000000000000950000000f000000d5b39a5afff94ba7a3ca07694b6d0ae515cee68318f8c4cc6e1442cec767f14a33337894316f4b4a34e23e35e77780e01809288d7384552bd5123fe39678eba3"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r1}, 0x10)
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d3, &(0x7f0000000100))

5.996621873s ago: executing program 1 (id=1099):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002700)=@delchain={0x71c, 0x65, 0x0, 0x0, 0xffffffff, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x6e8, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_ACT={0x6b4, 0x7, [@m_bpf={0x26c, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x24, 0x4, [{0x9, 0x6, 0x8, 0xc8}, {0xb6, 0x9, 0xe9}, {0x6, 0x28, 0x89, 0x91}, {0x7, 0xa9, 0x80, 0x5}]}, @TCA_ACT_BPF_OPS={0x2c, 0x4, [{}, {}, {0x0, 0x0, 0x0, 0x80}, {}, {}]}]}, {0x1f1, 0x6, "c33d2cebd2d1f780fc3128c35b62bdd847e8e9c10c63b29df579eb1160bc139ac207c3c71cad242a8a0c73d242717cd8f79070d6ed92a021a714365fe79b8a0582a0134dcfa14e6b3e1a09b46acc7606a714ed6faab28425629946b885552249ba016b141b3761b448f920fa61de521311ad7d4749b8c0c7f50b75f40e9e0b2c81bd5fedf41c59f80ef6728793eef9f9190a702d1dde1bba03219d721a209c02644acc0159e0a1ad37233176ae8274359134668f335ab35f491215241982c2f429574efea2f330512e0d471dc179e38266b684d100e1948b25c734c41511f5acd9ba481b8ffd8761ebc6a249121287e0c57d12997d041472009cec94c6d4f58c76fe1dc992adfe7511e6ee93c6a9aad407eb6dc543bd2daeeea5d82b999baffab898f56f2df69738a0384156b16c3e7e9f2a7fd233fee9acd1724b5e4a7e7bba09099e1e9990b63c0755ff98a7b2b202e7be69f72d0aebaef88adecbb90f653761375fe88b41d987cc8a1d832dc0ac5e6d9acdec014396f597388a586d80145a66723314a44c02fd9792826ce2c8f62fb559b748816e813b96dfdf364357f552582bcf10c79e287f1c35c20edf88879a04ae7104a5d53138514b8445b8047a9fe1f9c36ffdbd861994d388f32c481725bdd1fa31cac01af674bac833fcc53173cdec944e47278216d58b53ad01"}, {0xc}, {0xc}}}, @m_connmark={0x170, 0x15, 0x0, 0x0, {{0xd}, {0x11c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x3, 0x2}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x1}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x7f}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x0, 0x6}}}]}, {0x25, 0x6, "796e0b8c442ee89009b9fac47a1b0fb6e42e6a4bc704b73e3bb428903537c450e7"}, {0xc}, {0xc}}}, @m_sample={0x140, 0x0, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8}]}, {0xb1, 0x6, "3b1219282bc39f6a067df6680216b692eba4c8892bcc60390a076291930e19186e4496590bb325c33dcf5937f3dc6468da095ee23268f5cb8bb6c08625af96268a269404cad823059ea9fcec967a3af384cc097613250b5d0736fbcb5fcc2036e2650b937e8079e6fdcb0c472fa4980d1662bdcb5e5f0db9ade17d245fb0d3b9aa251842882692f10c3ee1a1f47beb048394b950c99d8cb5fef4ec946bf5d6e3253d24954c0b7b92146a63b2e1"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0xac, 0x0, 0x0, 0x0, {{0xc}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x76, 0x6, "da612513f355bc43aaf13c37280745e1c287078ee7b5e0b35defa12fafacc112d260326e28c9f54f1c3a1f0169bf8ce294a31b77bf62fcb6652450e22c4de6fb5429b8d444fbedcfe0a696935e651a3e065ad1a2bd58b783e09be22f2d0f479c7ae66c3bdf9758dd2acab808e26dfd28378c"}, {0xc}, {0xc}}}, @m_skbmod={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x9}]}, {0xb3, 0x6, "677228c2aecc0967ae5bbe1742b93c3f74d02fed1273d5b44849fdaef884b85a670366b07381ab1c456d945cc5f8521f9afdcf500324b875e09cbb75348e976ed47197ae5c2c176da2361b0258863d8e6bd5ac74f81f985d52be3ae839efe9fed26b181adde53094fca75b7bbf277302b376b23f3dcca6a2d681a13ce20d64b24260558c9c34d1b4b4edf777ef2d114ee93d036ee5592680ff521bb32c873e3b657092e12d434d0fc751c8bdb9075a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x71c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x12b842, 0x0)
sendfile(r3, r2, 0x0, 0x80000000)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x54}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r4 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0x0, 0x4}, 0x6)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000880)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6e6f657874656e642c616363657373d267cee5847d84d37d143d636c69656e742c616e616d653d2e2c666f776e65723d", @ANYRESDEC=0xee00, @ANYBLOB=',dont_appraise,fsuuid=08ed7e\v4-4haf-f8db-a6c0-e36f3d7c,dont_measure,fowner=', @ANYRESDEC, @ANYBLOB=',smackfsroot=\'^,\x00'])
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x14c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

5.739794911s ago: executing program 2 (id=1100):
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x11, 0xa, 0x0)
socket$inet(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
getpid()
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
write(r3, &(0x7f0000000140)='/', 0x1)
sendfile(r3, r3, &(0x7f0000001000), 0xfec)
dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',', @ANYRESDEC])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

5.27040134s ago: executing program 2 (id=1102):
syz_usb_connect(0x0, 0x52, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$MRT_DEL_MFC(0xffffffffffffffff, 0x0, 0xcd, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = open(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0x5460, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00'})
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x17, 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = dup3(r1, r3, 0x0)
eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000080), 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})
recvmmsg(r4, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) (fail_nth: 9)

5.161552692s ago: executing program 3 (id=1103):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
capset(&(0x7f0000000080), &(0x7f0000000040))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$vmci(0xffffff9c, &(0x7f0000002980), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, 0x0)
writev(r2, &(0x7f0000000300), 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101100, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
read$proc_mixer(r6, &(0x7f0000000200)=""/182, 0xb6)
write$binfmt_script(r6, &(0x7f0000000080), 0x102f)
dup3(r5, r6, 0x0)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r8 = socket$inet(0xa, 0x801, 0x84)
connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @private}, 0x10)
listen(r8, 0x8)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg(r9, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)="02", 0x1}], 0x1}, 0x0)

5.100252609s ago: executing program 1 (id=1104):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000014000103000000004000000004000000"], 0x14}], 0x1}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
pipe2(&(0x7f0000000040), 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$inet_udplite(0x2, 0x2, 0x88)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x1e, 0x305, 0x0, 0x0, {}, [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @typed={0x8, 0x9, 0x0, 0x0, @fd=r3}]}, 0x24}}, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x0, 0x8, 0x8}, 0x48)

4.867469764s ago: executing program 3 (id=1107):
r0 = socket$inet_sctp(0x2, 0x400000000001, 0x84)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
r3 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000140)=<r4=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
syz_io_uring_setup(0x7159, &(0x7f00000003c0), &(0x7f0000000280)=<r5=>0x0, &(0x7f0000000180))
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f00000002c0)=""/96)
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYRES8=0x0], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r8}, 0x10)
r9 = ioctl$KVM_CREATE_VM(r7, 0x8933, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000040)={0x4})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x441, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x1)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
epoll_create1(0x0)
dup(r10)
socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x2800008, &(0x7f00000002c0)=ANY=[])

4.670494304s ago: executing program 3 (id=1108):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r1}, &(0x7f0000000680), &(0x7f0000000bc0)='%pB    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x15, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000001740)={r3, 0x0, 0x0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000480), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000a00)="c218b8fb4f2711662cda1925942565487e7d348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc479654863b4172cad06d296711c31da28fd6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720ce0468e265d13f9ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19b", 0xb3, r4)
add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000001c0)='X', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000008c0)={<r5=>0x0, 0xfa, "9404b3e8ebad9b25c060a2fa2892fabcc8ec170e506048a9ff466f5e06c6f62ec75ddc9e97a1af938c40bb6a16205906def6c3efb038c8831f7ac0d1360f33a0a3f8d0e10ee8050bfb69be728c19d26ec878d340b02f842327d5e92b27ae8d2532603908780fb8d8cb39f71404f97516d2c25bb9eb9e888dbc567ad841a5bea8e3f1176eb41fa04b3ae440645512d6ea18bcafe6ef1e713c995d58d678c61e3353e616995a247643640c8e75395945680575eb53f6701699d56bfffe04cbdcd5c841802b0681276534e611e4932d451bb1dd9bb15732c3dc7f5b9bfc15af8bfbbb36a8f315711df800f0bba0c8df8f9c71cb50836411f38b8d11"}, &(0x7f0000000340)=0x102)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000003c0)={r5, 0x9, 0x20, 0x2, 0x80000000}, &(0x7f0000000400)=0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = eventfd(0x3)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000340)={r7})

4.593472078s ago: executing program 2 (id=1109):
openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = userfaultfd(0x80800)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x900)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r3, &(0x7f0000005b80)=[{{&(0x7f00000030c0)={0xa, 0x4e23, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000003700)=[@hopopts={{0x14}}, @hopopts={{0x14}}], 0x28}}], 0x1, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3000002, 0x11, r2, 0x0)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMREADAUDIO(r6, 0x530e, &(0x7f0000000180)={@msf, 0x1, 0x3d, &(0x7f0000000140)=""/61})
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
sync()

4.410307321s ago: executing program 1 (id=1111):
r0 = socket(0x2c, 0x80003, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000080)=0xe)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='comm\x00')
writev(r1, &(0x7f00000010c0)=[{&(0x7f0000000000)='X', 0x1}], 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e6d0d02"], 0x70)
rmdir(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xffffffd7}], 0x1, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000000), 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000500)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87b], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
poll(&(0x7f0000000080)=[{r4}, {r4}], 0x2, 0x24b)
write$uinput_user_dev(r4, &(0x7f00000021c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [], [0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
read$FUSE(r3, &(0x7f00000103c0)={0x2020}, 0x2020)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000120000000800090000000000180001c05500020076657468305f746f5f626f6e64000000"], 0x34}}, 0x0)

4.09888352s ago: executing program 3 (id=1112):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002700)=@delchain={0x71c, 0x65, 0x0, 0x0, 0xffffffff, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x6e8, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_ACT={0x6b4, 0x7, [@m_bpf={0x26c, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x24, 0x4, [{0x9, 0x6, 0x8, 0xc8}, {0xb6, 0x9, 0xe9}, {0x6, 0x28, 0x89, 0x91}, {0x7, 0xa9, 0x80, 0x5}]}, @TCA_ACT_BPF_OPS={0x2c, 0x4, [{}, {}, {0x0, 0x0, 0x0, 0x80}, {}, {}]}]}, {0x1f1, 0x6, "c33d2cebd2d1f780fc3128c35b62bdd847e8e9c10c63b29df579eb1160bc139ac207c3c71cad242a8a0c73d242717cd8f79070d6ed92a021a714365fe79b8a0582a0134dcfa14e6b3e1a09b46acc7606a714ed6faab28425629946b885552249ba016b141b3761b448f920fa61de521311ad7d4749b8c0c7f50b75f40e9e0b2c81bd5fedf41c59f80ef6728793eef9f9190a702d1dde1bba03219d721a209c02644acc0159e0a1ad37233176ae8274359134668f335ab35f491215241982c2f429574efea2f330512e0d471dc179e38266b684d100e1948b25c734c41511f5acd9ba481b8ffd8761ebc6a249121287e0c57d12997d041472009cec94c6d4f58c76fe1dc992adfe7511e6ee93c6a9aad407eb6dc543bd2daeeea5d82b999baffab898f56f2df69738a0384156b16c3e7e9f2a7fd233fee9acd1724b5e4a7e7bba09099e1e9990b63c0755ff98a7b2b202e7be69f72d0aebaef88adecbb90f653761375fe88b41d987cc8a1d832dc0ac5e6d9acdec014396f597388a586d80145a66723314a44c02fd9792826ce2c8f62fb559b748816e813b96dfdf364357f552582bcf10c79e287f1c35c20edf88879a04ae7104a5d53138514b8445b8047a9fe1f9c36ffdbd861994d388f32c481725bdd1fa31cac01af674bac833fcc53173cdec944e47278216d58b53ad01"}, {0xc}, {0xc}}}, @m_connmark={0x170, 0x15, 0x0, 0x0, {{0xd}, {0x11c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x3, 0x2}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x1}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x7f}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x0, 0x6}}}]}, {0x25, 0x6, "796e0b8c442ee89009b9fac47a1b0fb6e42e6a4bc704b73e3bb428903537c450e7"}, {0xc}, {0xc}}}, @m_sample={0x140, 0x0, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8}]}, {0xb1, 0x6, "3b1219282bc39f6a067df6680216b692eba4c8892bcc60390a076291930e19186e4496590bb325c33dcf5937f3dc6468da095ee23268f5cb8bb6c08625af96268a269404cad823059ea9fcec967a3af384cc097613250b5d0736fbcb5fcc2036e2650b937e8079e6fdcb0c472fa4980d1662bdcb5e5f0db9ade17d245fb0d3b9aa251842882692f10c3ee1a1f47beb048394b950c99d8cb5fef4ec946bf5d6e3253d24954c0b7b92146a63b2e1"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0xac, 0x0, 0x0, 0x0, {{0xc}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x76, 0x6, "da612513f355bc43aaf13c37280745e1c287078ee7b5e0b35defa12fafacc112d260326e28c9f54f1c3a1f0169bf8ce294a31b77bf62fcb6652450e22c4de6fb5429b8d444fbedcfe0a696935e651a3e065ad1a2bd58b783e09be22f2d0f479c7ae66c3bdf9758dd2acab808e26dfd28378c"}, {0xc}, {0xc}}}, @m_skbmod={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x9}]}, {0xb3, 0x6, "677228c2aecc0967ae5bbe1742b93c3f74d02fed1273d5b44849fdaef884b85a670366b07381ab1c456d945cc5f8521f9afdcf500324b875e09cbb75348e976ed47197ae5c2c176da2361b0258863d8e6bd5ac74f81f985d52be3ae839efe9fed26b181adde53094fca75b7bbf277302b376b23f3dcca6a2d681a13ce20d64b24260558c9c34d1b4b4edf777ef2d114ee93d036ee5592680ff521bb32c873e3b657092e12d434d0fc751c8bdb9075a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x71c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x12b842, 0x0)
sendfile(r3, r2, 0x0, 0x80000000)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x54}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r4 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0x0, 0x4}, 0x6)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000880)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6e6f657874656e642c616363657373d267cee5847d84d37d143d636c69656e742c616e616d653d2e2c666f776e65723d", @ANYRESDEC=0xee00, @ANYBLOB=',dont_appraise,fsuuid=08ed7e\v4-4haf-f8db-a6c0-e36f3d7c,dont_measure,fowner=', @ANYRESDEC, @ANYBLOB=',smackfsroot=\'^,\x00'])
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x14c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

4.097736163s ago: executing program 1 (id=1114):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x0, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @match={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x4}, @NFTA_MATCH_NAME={0xa, 0x1, 'quota\x00'}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r8, @ANYBLOB="2e003300d0000000ffffffffffff08021100000050505050505000000004"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r5, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[@ANYBLOB="65d8f5dc7448d308cfae26a429e3d63dd98faf22c71a587e9dec9e1b004372268116eac0262df146d0c31f55b5c808729ef9ee7167c4455f90bd0a147a0adf50ce425e2ce8e22958197067aa28cf1590e951bac0f29432c40560386de21be92517b09287df90c5fd124fc9c56f1c17380b10c431fe3c1cca663a330a74fe3d6764e52e9af8a35717dd8970ddf34dd6f7363ef205c8d82661", @ANYRES16=r7, @ANYBLOB="200025bd7000fcdbdf25680000002000c700f80405030904000509050505080007040701000544d8bf5cc231a9342800c70001030405800000070004080640021f00000280059001090400060301efec87f08b2289e02600c7007f0709077f042003000309070203010500027f040001800620076e79ab9dc380f97b00000e00c7000405944b95be9b7d8daa00001e00c7004002ff050303000540038006050109040301f132269947bfdd1c00000e00c7000101c5a2c83262d1bbc400003400c700e6077f05000709020302ff004005e706040007063f0701040007060505020604040701011f06080697306173b812f62f1600c70009037f0209006f000706e1d7a6b42cad97920000"], 0x110}, 0x1, 0x0, 0x0, 0x20000000}, 0x21)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$packet(0x11, 0x0, 0x300)
r10 = socket$kcm(0x10, 0x2, 0x0)
geteuid()
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$inet(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000100)="5c00000014006b05c84e21000af32c6e021e75f802000000400002007a17d30360bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd7004cb6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000900)={&(0x7f0000000180), 0xc, &(0x7f00000006c0)={&(0x7f0000000940)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf2502000000050059000900000008006200ce000000080040040300000005005900070059000100000008000a098006000008006a000100000008006900ff7f00000400d100089f6a0004000000a5aed5102322b6af226686d2d2559583962911fa072716b7f640809b43701f60df454126a66b6fc67ed202081d3955c120c22316a86315df7377f60c21b8576f33e78af72194da8cf640ad97b37e011eb402742b51f0a8d4fde8d99e02f7b208d4b21d1f2a2bc0d784ac3afc1483c364938a87e507110df2ed83457334c4e8bb011b1ceb05"], 0x60}, 0x1, 0x0, 0x0, 0x20040001}, 0x1)
writev(r11, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000000000", 0x39}], 0x1)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000400000000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000a40)=@newqdisc={0x674, 0x24, 0xf0b, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r9, {0xfff1}, {0xa, 0xfff2}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x1c, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x9}, @TCA_CODEL_INTERVAL={0x8, 0x3, 0x1}, @TCA_CODEL_TARGET={0x8, 0x1, 0x4}]}}, @TCA_STAB={0x84, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x9, 0x4, 0x8000, 0x3, 0x40, 0x6, 0x3}}, {0xa, 0x2, [0xb8c, 0xf000, 0x8]}}, {{0x1c, 0x1, {0x7, 0x6, 0x40, 0x40, 0x2, 0x400, 0x800, 0x3}}, {0xa, 0x2, [0x81, 0x2, 0x10]}}, {{0x1c, 0x1, {0x30, 0x5, 0x8, 0x1, 0x0, 0x72c5, 0x4, 0x8}}, {0x14, 0x2, [0xc, 0x8, 0x6, 0x9, 0x3, 0x8, 0xbad, 0x451b]}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @qdisc_kind_options=@q_choke={{0xa}, {0x428, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x4, 0x5, 0x9, 0x16, 0x17, 0x14, 0x6}}, @TCA_CHOKE_STAB={0x104, 0x2, "4d639c4f082679ebe489eb6e89ceb50092d17a99ca3133af1c010188f1adba97f8145366939e66ddf5b83ed65c0950674b6a2443472a1f24965977e7a5741bbc26f25311f5852116565c55f8dc6dceda225db4aaf4828a911b6100d88650970890404f5a6eba5ca6afdce0c7e19c4bd817de53419b6d91ec22e22d2dd5390a18f010d52641d2344ac65d38560fd272e365f20c33310e9f2652b34609a677fcbf440142ae93212b2b3d86d61a2691e1ed62d9420b542aeb21f2afd28cc9cd733d8af4239d493a7c849d0297722131c9ad0d76552d8cf13b3a11edf0d878fd35c993df598faba648ba869efd615007730d9898d88c5f6bb936a9634bac7ec78270"}, @TCA_CHOKE_STAB={0x104, 0x2, "989f37e04191c90eb7cd2a5da6206c0f772ca9fb1649919bf5bb6e49500e83e374e6d28bd2a9938a741ba3091cf60f225b8a782a85e7f85467a3accaebe9990a1d79f46c6b44edb96c01893630b890feeef76e7abe1ff6730e421a58f47094d31a9d42fca4ad82f105b6f251533526899a7517acdd7fbe4268c28fcf6c1c3b01023c2072e1e5f30ae9e8c32df374481d73b2712f5f97af519d19b36142dd321c0840127acf735e42982bd55d7ad70d032aa408ecba0f98beec8be68f9459e6f8ba7a54e2139f3257df0b5b1c2ed8a6359246d5b1491a515cea4824e2af06d21597805e3be80d051271b240a6acbc89750ca28601737e87893e0371b24d9cf0cf"}, @TCA_CHOKE_STAB={0x104, 0x2, "7a1d48bcb40cda15bf00ed61c408ce5914076d0a3e39225b3213fad976b2f976a00fd4195c3f206364961ffa698909752fe8239dc5212c5e9c9bf326bac6e1b5121c375a8aa43cfc740f1dfcd31149021b06cf9dd83e56317ce377e2dc048cd5f606e0bcb32325a343f01b9fcaee516719e91a0a58e5f19c037e53b4ed09e6d0268dd3e7d217973c5f985cb308175501af31db3cd42279965f74cf07690ccd658974fbce5d55c467c4386941eb01200a66d2d97a2fcb3534b3b20685cfce565b71d6cade282b02ebd21a9ca881b84ca94a47efe1825e000df0fcef7f2cc01b8c35c1dd545814bda5f9674bc767e2600ac55672f5ef39cde7b5b39278a1270560"}, @TCA_CHOKE_STAB={0x104, 0x2, "8712c26b1e555c84074705116b59fd47569a5d0284d3e53a9806217dc337cb2b5d954400ebb2efb02e4034ef2da907e5681eeb351c5bb9917c82c781fc2a258ce69545ff3ed2398e6326d1153a8909dc8b951347fd3e65db58b9e8302c44f9aa65a9a98c73f9269527cab2742a0cc1a609172ac3a6717482dcdc348d23264ff414f88ef77d3ad5013a38c93a9dd2bcb0a25ad88dc81e4d040f6db0bb126c8db3778456e34ac689024174cb8e54c2cde99881617a66e59983110f1dc52bce65f2bfce29cab2624f8d98c333659a4b446703ed0e3b0e8a67ab5793330b1dd4f6a61e81a36d1fdfc3706d2a4e743f973546daae3a7ac596da40a3a3f12bd070c747"}]}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}, @qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x4, 0x3}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x6}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}, @qdisc_kind_options=@q_taprio={{0xb}, {0x120, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4c, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x4}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xfffffffb}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x80000001}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xff}]}, {0x4}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x45}]}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x5}]}]}, @TCA_TAPRIO_ATTR_SCHED_BASE_TIME={0xc, 0x3, 0x2}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0xc4, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7}]}, {0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x22}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3ff}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xf}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xff}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x5}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xd2}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x55}]}, {0x2c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xff}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xc5}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x9}]}, {0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x3}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x1}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7}]}]}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x674}}, 0x4055)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000012c0)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8}, {0x10, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xff4cf0c167917a4d}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@delqdisc={0x4c, 0x25, 0x800, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xe, 0x10}, {0x0, 0xffff}, {0x10, 0x7}}, [@TCA_RATE={0x6, 0x5, {0x2}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7ff}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xffffff61}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000003540)=ANY=[@ANYBLOB="4400000010000304fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964001400028006000900000000000600140000000000000000"], 0x44}, 0x1, 0xba01}, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'syz_tun\x00'})

3.503663652s ago: executing program 0 (id=1117):
r0 = socket(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r2, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x90}, 0x9c)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r2, 0x0, 0x4}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}, [@ldst={0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd0c, 0x10, &(0x7f0000000000), 0x76}, 0x48)

3.503363897s ago: executing program 0 (id=1118):
r0 = socket$inet6(0xa, 0x6, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
listen(r0, 0x0)

3.209800038s ago: executing program 3 (id=1119):
r0 = openat$tcp_congestion(0xffffff9c, &(0x7f0000002940), 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x7, 0x4, 0x3f8, 0x210, 0x100, 0x100, 0x310, 0x310, 0x310, 0x4, 0x0, {[{{@arp={@dev, @multicast1, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_hsr\x00', 'syz_tun\x00', {}, {}, 0x2}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "e22a239a6bb651a9837df08bc7f880efe7126f5d56b33dd54f5db150ee26"}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @mac=@broadcast, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@arp={@local, @local, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv_slave_1\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "9695d92849c79fac2d070731112f73924a493f1567e5d8b4cd2c5f35f67b"}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x448)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x8, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000000000000000001000000040000000c000180cafc00000547000008000200000009004c0007"], 0x78}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x4008040)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
gettid()
r4 = socket(0xa, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000040)={@dev, @loopback}})
syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
r5 = socket$kcm(0xa, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00005f3000/0x4000)=nil, 0x4000, 0x17)
sendmsg$inet(r5, &(0x7f00000001c0)={&(0x7f0000000300)={0x2, 0x4e1f, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000982b00000089090463abff157f1100000018000000e70d5a5708000000"], 0x50, 0x5}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r6, 0x0)
recvmmsg(r6, &(0x7f00000055c0), 0x400023c, 0x302, 0x0)
write$tcp_congestion(r0, &(0x7f0000002980)='nv\x00', 0x3)

2.701152033s ago: executing program 2 (id=1120):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r1}, &(0x7f0000000680), &(0x7f0000000bc0)='%pB    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x15, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000001740)={r3, 0x0, 0x0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000480), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000a00)="c218b8fb4f2711662cda1925942565487e7d348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc479654863b4172cad06d296711c31da28fd6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720ce0468e265d13f9ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19b", 0xb3, r4)
add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000001c0)='X', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000008c0)={<r5=>0x0, 0xfa, "9404b3e8ebad9b25c060a2fa2892fabcc8ec170e506048a9ff466f5e06c6f62ec75ddc9e97a1af938c40bb6a16205906def6c3efb038c8831f7ac0d1360f33a0a3f8d0e10ee8050bfb69be728c19d26ec878d340b02f842327d5e92b27ae8d2532603908780fb8d8cb39f71404f97516d2c25bb9eb9e888dbc567ad841a5bea8e3f1176eb41fa04b3ae440645512d6ea18bcafe6ef1e713c995d58d678c61e3353e616995a247643640c8e75395945680575eb53f6701699d56bfffe04cbdcd5c841802b0681276534e611e4932d451bb1dd9bb15732c3dc7f5b9bfc15af8bfbbb36a8f315711df800f0bba0c8df8f9c71cb50836411f38b8d11"}, &(0x7f0000000340)=0x102)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000003c0)={r5, 0x9, 0x20, 0x2, 0x80000000}, &(0x7f0000000400)=0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = eventfd(0x3)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000340)={r8})

2.579968854s ago: executing program 0 (id=1121):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000002080))
syz_emit_ethernet(0x3e, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffff8c000000000000942fd45c93105c0c57adea8329080045000030000000000067907800000500ffff23f7ffffffffffff022825000000000200"/75], 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
r2 = openat(0xffffffffffffffff, &(0x7f0000000240)='./file1/file0\x00', 0x40, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000140))
r3 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r4, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0x2, 0x3}, [@typed={0x8, 0x8, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='kfree\x00'}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r5, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x1, {[@global]}}, 0x0}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)

1.970271322s ago: executing program 2 (id=1122):
r0 = socket(0x2c, 0x80003, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000080)=0xe)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='comm\x00')
writev(r1, &(0x7f00000010c0)=[{&(0x7f0000000000)='X', 0x1}], 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e6d0d02"], 0x70)
rmdir(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xffffffd7}], 0x1, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000000), 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000500)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87b], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
poll(&(0x7f0000000080)=[{r4}, {r4}], 0x2, 0x24b)
write$uinput_user_dev(r4, &(0x7f00000021c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [], [0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
read$FUSE(r3, &(0x7f00000103c0)={0x2020}, 0x2020)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000120000000800090000000000180001c05500020076657468305f746f5f626f6e64000000"], 0x34}}, 0x0)

1.479724133s ago: executing program 0 (id=1123):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x4b47, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
mmap(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r3, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000600)={0x8, 0x9, 0x90, 0x101, 0x5a4})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000440)="bb699ad135cc241d3bebde2c24cb27cb9fe9ee0c34e804a364fc0eb46ff49fe5561375eac2516ac7ed1d57cad8df2a2e42927453480cc6c40a2287d46723d368104e43d2fb1c4ff855377f4e24d7d4a746f0cf7265cb4d4e9e10422c307254b6d8eac510b1b2c19bcee483019731a9eb03de7e6541e527f2021644e1527fb2d278753b3ae2f47ee3312d06a47b38412fbabe447a8c6d1b3fb67e6f5f3a21fc08407b3153d8a76e73491379cfe5f5f639db801f52174c742639a8a96f257a55acdee4ab551b1a84c003d1bde109972a1794e7eadb2d4bc27d2a50a0dac7e46a32e3d13cc0b8c5221b514720d094ebe88c63e07fa8aaacc9135c9f1f1b4c2cb6c7cc636fd0548fc1a0b807b800f3dd92cd4e06013891ecd5a72ee4622dbca8bcd7772f2715c6047ce8b30b7a4a7dbffe607494dd8bdc50c2b9428ddfb0d00a1b76ec88be09e6d4fe113d1549d50f52c149a0a25de0c383f32eb8d89e7df23831a7aa8ed93aa1f48c3c0d4df42d229fab2ccd5c473ccfa226519714536a8d0bdb1255a399b547887beeef8dd6b18d68f484edb2514b5e5fdc2f328e3160246fb0065e9958e51745d96bf501855d13b51ff03e2fa0c40d0530349a92888712d5", 0x1be, 0x8000, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000088000000060a010400000000000000000100000008000b40000000006000"], 0xfc}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000080), 0xb, 0x101301)
vmsplice(r1, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0)

849.735861ms ago: executing program 0 (id=1124):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x9, 0x2}, {0x5dcd}}]}}, 0xf)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="0402550600000000000007070ab165300e00ffffffffffff090607360a8e080000000000000007700a00691e0300ffffffffffff05d305e77791ff07000000000000fcd2dfbb189cf25905f25e1308ff07ffffffffffff00fc0d699cf70200"], 0x58)
syz_emit_vhci(&(0x7f0000000480)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x0, 0x7}}}}, 0x11)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='tlb_flush\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x0, 0x7, 0x0, 0x1}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, 0x0, &(0x7f0000000880))
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x48, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x28080)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
write$P9_RMKNOD(r3, &(0x7f00000002c0)={0x14, 0x13, 0x1, {0x80}}, 0x14)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r5=>0x0})
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1000}, 0x4)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r4, &(0x7f00000000c0)="3f033608dce012002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()

509.837106ms ago: executing program 0 (id=1125):
r0 = io_uring_setup(0x4a3f, &(0x7f0000000000)={0x0, 0xc16e, 0x2, 0x1, 0x3a2})
io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "7f00ef", 0x14, 0x2c, 0x0, @remote, @mcast2, {[@routing={0x11, 0x0, 0x0, 0x1}], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r1=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140))
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x24, r5, 0x4, 0x0, 0x0, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x0, 0x3c, 0x3}, @BATADV_ATTR_HARD_IFINDEX={0x0, 0x6, r7}]}, 0x24}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00', <r8=>0x0})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000002c0)=<r9=>0x0, &(0x7f0000000300)=0x4)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000340)={'tunl0\x00', <r10=>0x0, 0x40, 0x7800, 0x7, 0x4, {{0x1c, 0x4, 0x2, 0x9, 0x70, 0x67, 0x0, 0x1, 0x2f, 0x0, @multicast1, @remote, {[@timestamp_prespec={0x44, 0xc, 0xba, 0x3, 0x0, [{@private=0xa010102, 0xd12}]}, @rr={0x7, 0x1b, 0xd, [@remote, @multicast2, @local, @broadcast, @rand_addr=0x64010101, @multicast1]}, @timestamp={0x44, 0x10, 0x43, 0x0, 0x1, [0x0, 0x3, 0x5]}, @ssrr={0x89, 0x7, 0xa3, [@multicast2]}, @timestamp_addr={0x44, 0x1c, 0xb2, 0x1, 0x6, [{@empty, 0x7}, {@dev={0xac, 0x14, 0x14, 0x2d}}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x1}]}]}}}}})
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000040)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r11, 0x89f2, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl1\x00', r12, 0x2f, 0x5, 0x9, 0xffffffc4, 0x2, @loopback, @mcast2, 0x7800, 0xeb8d94c22be0349a, 0x8001, 0x100}})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r13=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000480))
getpeername$packet(r0, &(0x7f00000004c0)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000500)=0x14)
r15 = socket$igmp(0x2, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r15, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r16=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=@base={0x0, 0xfffffff7, 0x66d, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r16, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x48)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x3f}, 0x78, r16})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'team0\x00', <r17=>0x0})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000580)=<r18=>0x0, &(0x7f00000005c0)=0x4)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000fc0)={&(0x7f00000012c0)={0x8f4, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [{{0x8}, {0x158, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3e}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8000d67}}}, {0x6c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x3c, 0x4, [{0x8, 0x8, 0xa, 0x3}, {0x3, 0x0, 0x9, 0x8001}, {0xc4, 0x6, 0xb, 0x6}, {0x400, 0x1, 0x10, 0x200}, {0x400, 0x4, 0x8e, 0xcd}, {0x31, 0x7, 0x10, 0x9b}, {0x7ff, 0x80, 0x0, 0x5}]}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}]}}, {{0x8}, {0x17c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0xffffffffffffff65, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}]}}, {{0x8, 0x1, r3}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8, 0x1, r7}, {0x4}}, {{0x8, 0x1, r8}, {0x7c, 0x2, 0x0, 0x1, [{0xd, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r10}, {0xd0, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r12}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r13}, {0xc8, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r3}, {0x268, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r14}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r16}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd57f}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x8001, 0x16, 0x8, 0x80000001}]}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r17}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa}}, {0x8}}}]}}]}, 0x8f4}, 0x1, 0x0, 0x0, 0x4000010}, 0xc0)

0s ago: executing program 2 (id=1126):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002700)=@delchain={0x71c, 0x65, 0x0, 0x0, 0xffffffff, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x6e8, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_ACT={0x6b4, 0x7, [@m_bpf={0x26c, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x24, 0x4, [{0x9, 0x6, 0x8, 0xc8}, {0xb6, 0x9, 0xe9}, {0x6, 0x28, 0x89, 0x91}, {0x7, 0xa9, 0x80, 0x5}]}, @TCA_ACT_BPF_OPS={0x2c, 0x4, [{}, {}, {0x0, 0x0, 0x0, 0x80}, {}, {}]}]}, {0x1f1, 0x6, "c33d2cebd2d1f780fc3128c35b62bdd847e8e9c10c63b29df579eb1160bc139ac207c3c71cad242a8a0c73d242717cd8f79070d6ed92a021a714365fe79b8a0582a0134dcfa14e6b3e1a09b46acc7606a714ed6faab28425629946b885552249ba016b141b3761b448f920fa61de521311ad7d4749b8c0c7f50b75f40e9e0b2c81bd5fedf41c59f80ef6728793eef9f9190a702d1dde1bba03219d721a209c02644acc0159e0a1ad37233176ae8274359134668f335ab35f491215241982c2f429574efea2f330512e0d471dc179e38266b684d100e1948b25c734c41511f5acd9ba481b8ffd8761ebc6a249121287e0c57d12997d041472009cec94c6d4f58c76fe1dc992adfe7511e6ee93c6a9aad407eb6dc543bd2daeeea5d82b999baffab898f56f2df69738a0384156b16c3e7e9f2a7fd233fee9acd1724b5e4a7e7bba09099e1e9990b63c0755ff98a7b2b202e7be69f72d0aebaef88adecbb90f653761375fe88b41d987cc8a1d832dc0ac5e6d9acdec014396f597388a586d80145a66723314a44c02fd9792826ce2c8f62fb559b748816e813b96dfdf364357f552582bcf10c79e287f1c35c20edf88879a04ae7104a5d53138514b8445b8047a9fe1f9c36ffdbd861994d388f32c481725bdd1fa31cac01af674bac833fcc53173cdec944e47278216d58b53ad01"}, {0xc}, {0xc}}}, @m_connmark={0x170, 0x15, 0x0, 0x0, {{0xd}, {0x11c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x3, 0x2}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x1}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x7f}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x0, 0x6}}}]}, {0x25, 0x6, "796e0b8c442ee89009b9fac47a1b0fb6e42e6a4bc704b73e3bb428903537c450e7"}, {0xc}, {0xc}}}, @m_sample={0x140, 0x0, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8}]}, {0xb1, 0x6, "3b1219282bc39f6a067df6680216b692eba4c8892bcc60390a076291930e19186e4496590bb325c33dcf5937f3dc6468da095ee23268f5cb8bb6c08625af96268a269404cad823059ea9fcec967a3af384cc097613250b5d0736fbcb5fcc2036e2650b937e8079e6fdcb0c472fa4980d1662bdcb5e5f0db9ade17d245fb0d3b9aa251842882692f10c3ee1a1f47beb048394b950c99d8cb5fef4ec946bf5d6e3253d24954c0b7b92146a63b2e1"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0xac, 0x0, 0x0, 0x0, {{0xc}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x76, 0x6, "da612513f355bc43aaf13c37280745e1c287078ee7b5e0b35defa12fafacc112d260326e28c9f54f1c3a1f0169bf8ce294a31b77bf62fcb6652450e22c4de6fb5429b8d444fbedcfe0a696935e651a3e065ad1a2bd58b783e09be22f2d0f479c7ae66c3bdf9758dd2acab808e26dfd28378c"}, {0xc}, {0xc}}}, @m_skbmod={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x9}]}, {0xb3, 0x6, "677228c2aecc0967ae5bbe1742b93c3f74d02fed1273d5b44849fdaef884b85a670366b07381ab1c456d945cc5f8521f9afdcf500324b875e09cbb75348e976ed47197ae5c2c176da2361b0258863d8e6bd5ac74f81f985d52be3ae839efe9fed26b181adde53094fca75b7bbf277302b376b23f3dcca6a2d681a13ce20d64b24260558c9c34d1b4b4edf777ef2d114ee93d036ee5592680ff521bb32c873e3b657092e12d434d0fc751c8bdb9075a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x71c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x12b842, 0x0)
sendfile(r3, r2, 0x0, 0x80000000)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x54}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r4 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0x0, 0x4}, 0x6)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000880)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6e6f657874656e642c616363657373d267cee5847d84d37d143d636c69656e742c616e616d653d2e2c666f776e65723d", @ANYRESDEC=0xee00, @ANYBLOB=',dont_appraise,fsuuid=08ed7e\v4-4haf-f8db-a6c0-e36f3d7c,dont_measure,fowner=', @ANYRESDEC, @ANYBLOB=',smackfsroot=\'^,\x00'])
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x14c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

kernel console output (not intermixed with test programs):

63927][ T8087]  ? find_held_lock+0x2d/0x110
[  211.666052][ T8087]  ___sys_recvmsg+0x115/0x1a0
[  211.668118][ T8087]  ? __pfx____sys_recvmsg+0x10/0x10
[  211.670409][ T8087]  ? __fget_light+0x173/0x210
[  211.672508][ T8087]  do_recvmmsg+0x51a/0x750
[  211.674332][ T8087]  ? __pfx_do_recvmmsg+0x10/0x10
[  211.676230][ T8087]  ? __pfx_lock_release+0x10/0x10
[  211.678382][ T8087]  ? vfs_write+0x14d/0x1140
[  211.680220][ T8087]  __sys_recvmmsg+0x21e/0x280
[  211.682096][ T8087]  ? __pfx___sys_recvmmsg+0x10/0x10
[  211.684364][ T8087]  ? __pfx_ksys_write+0x10/0x10
[  211.686249][ T8087]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  211.688607][ T8087]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.690835][ T8087]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  211.693623][ T8087]  __do_fast_syscall_32+0x73/0x120
[  211.695683][ T8087]  do_fast_syscall_32+0x32/0x80
[  211.697612][ T8087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.700087][ T8087] RIP: 0023:0xf746e579
[  211.701707][ T8087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.709095][ T8087] RSP: 002b:00000000f5d8656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  211.712765][ T8087] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020009600
[  211.716263][ T8087] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  211.719716][ T8087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.723166][ T8087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  211.726230][ T8087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.729515][ T8087]  </TASK>
[  211.824831][ T8098] netlink: 'syz.3.740': attribute type 7 has an invalid length.
[  211.829231][ T8098] openvswitch: Êü: Dropping previously announced user features
[  211.912294][   T75] Bluetooth: Error in BCSP hdr checksum
[  212.166605][ T1182] Bluetooth: Error in BCSP hdr checksum
[  212.425169][ T1182] Bluetooth: Error in BCSP hdr checksum
[  212.694430][ T1182] Bluetooth: Error in BCSP hdr checksum
[  212.962215][   T13] Bluetooth: Error in BCSP hdr checksum
[  213.223570][   T13] Bluetooth: Error in BCSP hdr checksum
[  213.264913][ T8126] netlink: 'syz.0.747': attribute type 7 has an invalid length.
[  213.272672][ T8126] openvswitch: Êü: Dropping previously announced user features
[  213.373966][ T8128] netlink: 'syz.2.748': attribute type 7 has an invalid length.
[  213.377527][ T8128] openvswitch: Êü: Dropping previously announced user features
[  213.482572][ T1091] Bluetooth: Error in BCSP hdr checksum
[  213.743672][   T13] Bluetooth: Error in BCSP hdr checksum
[  213.801163][ T8138] netlink: 'syz.1.749': attribute type 3 has an invalid length.
[  214.003612][ T1182] Bluetooth: Error in BCSP hdr checksum
[  214.276526][   T75] Bluetooth: Error in BCSP hdr checksum
[  214.564682][   T75] Bluetooth: Error in BCSP hdr checksum
[  214.588337][ T8149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.752'.
[  214.665080][   T39] audit: type=1326 audit(1721392503.106:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.3.752" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x0
[  214.792277][ T1182] Bluetooth: Error in BCSP hdr checksum
[  215.052871][ T1182] Bluetooth: Error in BCSP hdr checksum
[  215.121579][ T8154] FAULT_INJECTION: forcing a failure.
[  215.121579][ T8154] name failslab, interval 1, probability 0, space 0, times 0
[  215.129163][ T8154] CPU: 3 PID: 8154 Comm: syz.1.754 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  215.133278][ T8154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.138106][ T8154] Call Trace:
[  215.139590][ T8154]  <TASK>
[  215.140904][ T8154]  dump_stack_lvl+0x16c/0x1f0
[  215.143014][ T8154]  should_fail_ex+0x497/0x5b0
[  215.145042][ T8154]  should_failslab+0x9/0x20
[  215.146985][ T8154]  __kmalloc_noprof+0xcb/0x410
[  215.148606][ T8154]  process_vm_rw_core.constprop.0+0x1e5/0xa10
[  215.150605][ T8154]  ? ___kmalloc_large_node+0x127/0x1a0
[  215.152366][ T8154]  ? lockdep_hardirqs_on+0x7c/0x110
[  215.154469][ T8154]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  215.156915][ T8154]  ? rcu_is_watching+0x12/0xc0
[  215.158881][ T8154]  process_vm_rw+0x301/0x360
[  215.160771][ T8154]  ? __pfx_process_vm_rw+0x10/0x10
[  215.162844][ T8154]  ? ksys_write+0x21c/0x260
[  215.164528][ T8154]  ? __pfx_lock_release+0x10/0x10
[  215.166687][ T8154]  ? ksys_write+0x1ab/0x260
[  215.168468][ T8154]  ? __pfx_ksys_write+0x10/0x10
[  215.170127][ T8154]  __ia32_sys_process_vm_readv+0xdf/0x1b0
[  215.172511][ T8154]  ? lockdep_hardirqs_on+0x7c/0x110
[  215.174635][ T8154]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  215.177327][ T8154]  __do_fast_syscall_32+0x73/0x120
[  215.179514][ T8154]  do_fast_syscall_32+0x32/0x80
[  215.181621][ T8154]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.184118][ T8154] RIP: 0023:0xf7f11579
[  215.185555][ T8154] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.191579][ T8154] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 000000000000015b
[  215.194239][ T8154] RAX: ffffffffffffffda RBX: 0000000000000141 RCX: 0000000020008400
[  215.197728][ T8154] RDX: 0000000000000002 RSI: 0000000020008640 RDI: 0000000000000286
[  215.201016][ T8154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.204602][ T8154] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.208148][ T8154] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.211300][ T8154]  </TASK>
[  215.313765][   T75] Bluetooth: Error in BCSP hdr checksum
[  215.362645][ T8158] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  215.572537][   T75] Bluetooth: Error in BCSP hdr checksum
[  215.833220][   T11] Bluetooth: Error in BCSP hdr checksum
[  216.095454][   T75] Bluetooth: Error in BCSP hdr checksum
[  216.242755][ T8166] netlink: 'syz.1.759': attribute type 7 has an invalid length.
[  216.247197][ T8166] openvswitch: Êü: Dropping previously announced user features
[  216.329022][ T8168] netlink: 'syz.3.760': attribute type 7 has an invalid length.
[  216.335242][ T8168] openvswitch: Êü: Dropping previously announced user features
[  216.354114][   T11] Bluetooth: Error in BCSP hdr checksum
[  216.623948][   T11] Bluetooth: Error in BCSP hdr checksum
[  216.883497][ T1091] Bluetooth: Error in BCSP hdr checksum
[  217.143319][ T1091] Bluetooth: Error in BCSP hdr checksum
[  217.416649][ T1091] Bluetooth: Error in BCSP hdr checksum
[  217.675995][   T11] Bluetooth: Error in BCSP hdr checksum
[  217.923804][ T1091] Bluetooth: Error in BCSP hdr checksum
[  218.221220][ T1091] Bluetooth: Error in BCSP hdr checksum
[  218.482146][   T75] Bluetooth: Error in BCSP hdr checksum
[  218.732263][ T1091] Bluetooth: Error in BCSP hdr checksum
[  218.993762][   T11] Bluetooth: Error in BCSP hdr checksum
[  219.262013][   T13] Bluetooth: Error in BCSP hdr checksum
[  219.514053][   T75] Bluetooth: Error in BCSP hdr checksum
[  219.772271][   T11] Bluetooth: Error in BCSP hdr checksum
[  220.042233][   T75] Bluetooth: Error in BCSP hdr checksum
[  220.322227][   T75] Bluetooth: Error in BCSP hdr checksum
[  220.584167][   T13] Bluetooth: Error in BCSP hdr checksum
[  220.843794][   T13] Bluetooth: Error in BCSP hdr checksum
[  221.104941][   T13] Bluetooth: Error in BCSP hdr checksum
[  221.375861][   T13] Bluetooth: Error in BCSP hdr checksum
[  221.644325][   T75] Bluetooth: Error in BCSP hdr checksum
[  221.915915][ T1091] Bluetooth: Error in BCSP hdr checksum
[  222.192854][   T75] Bluetooth: Error in BCSP hdr checksum
[  222.433751][ T1182] Bluetooth: Error in BCSP hdr checksum
[  222.692866][   T11] Bluetooth: Error in BCSP hdr checksum
[  222.882134][ T5258] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  222.953810][ T1182] Bluetooth: Error in BCSP hdr checksum
[  223.086349][ T5258] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  223.091476][ T5258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.101931][ T5258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.106132][ T5258] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  223.122683][ T5258] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  223.126885][ T5258] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  223.130315][ T5258] usb 7-1: Manufacturer: syz
[  223.144713][ T5258] usb 7-1: config 0 descriptor??
[  223.213902][   T13] Bluetooth: Error in BCSP hdr checksum
[  223.493916][   T75] Bluetooth: Error in BCSP hdr checksum
[  223.569404][ T5258] appleir 0003:05AC:8243.0004: unknown main item tag 0x0
[  223.583037][ T5258] appleir 0003:05AC:8243.0004: No inputs registered, leaving
[  223.602495][ T5258] appleir 0003:05AC:8243.0004: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  223.754455][   T13] Bluetooth: Error in BCSP hdr checksum
[  224.012740][ T1182] Bluetooth: Error in BCSP hdr checksum
[  224.181027][ T5258] usb 7-1: USB disconnect, device number 21
[  224.287444][   T75] Bluetooth: Error in BCSP hdr checksum
[  224.542550][   T75] Bluetooth: Error in BCSP hdr checksum
[  224.804505][   T75] Bluetooth: Error in BCSP hdr checksum
[  224.874567][ T8199] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  225.062375][ T1182] Bluetooth: Error in BCSP hdr checksum
[  225.079657][ T8200] ALSA: mixer_oss: invalid OSS volume ''
[  225.082968][ T8200] ALSA: mixer_oss: invalid OSS volume ''
[  225.085821][ T8200] ALSA: mixer_oss: invalid OSS volume 'L'
[  225.236611][ T8203] netlink: 'syz.0.769': attribute type 2 has an invalid length.
[  225.239803][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.769'.
[  225.247588][ T8203] netlink: 'syz.0.769': attribute type 1 has an invalid length.
[  225.250871][ T8203] netlink: 9 bytes leftover after parsing attributes in process `syz.0.769'.
[  225.282554][ T8203] netlink: 24 bytes leftover after parsing attributes in process `syz.0.769'.
[  225.332833][   T13] Bluetooth: Error in BCSP hdr checksum
[  225.414881][ T8205] netlink: 20 bytes leftover after parsing attributes in process `syz.0.769'.
[  225.609752][ T1091] Bluetooth: Error in BCSP hdr checksum
[  225.675459][ T8208] overlayfs: failed to resolve './file1': -2
[  225.741078][ T8210] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  225.744065][ T8210] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  225.754652][ T8210] vhci_hcd vhci_hcd.0: Device attached
[  225.803759][ T8211] sctp: [Deprecated]: syz.3.772 (pid 8211) Use of struct sctp_assoc_value in delayed_ack socket option.
[  225.803759][ T8211] Use struct sctp_sack_info instead
[  225.862483][   T75] Bluetooth: Error in BCSP hdr checksum
[  225.892836][ T8210] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.955493][ T6572] vhci_hcd: vhci_device speed not set
[  226.001747][ T5224] Bluetooth: hci1: unexpected event for opcode 0x204e
[  226.022019][ T6572] usb 13-1: new low-speed USB device number 2 using vhci_hcd
[  226.126893][ T1182] Bluetooth: Error in BCSP hdr checksum
[  226.405130][   T13] Bluetooth: Error in BCSP hdr checksum
[  226.478458][ T8212] vhci_hcd: connection closed
[  226.484279][   T13] vhci_hcd: stop threads
[  226.488381][   T13] vhci_hcd: release socket
[  226.501892][   T13] vhci_hcd: disconnect device
[  226.671496][   T75] Bluetooth: Error in BCSP hdr checksum
[  226.877591][ T4651] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  226.883987][ T4651] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  226.892319][ T4651] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  226.912095][ T4651] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  226.926216][   T11] Bluetooth: Error in BCSP hdr checksum
[  226.932244][ T4651] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  226.943135][ T4651] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  227.052023][ T5258] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  227.182568][   T13] Bluetooth: Error in BCSP hdr checksum
[  227.242016][ T5258] usb 7-1: Using ep0 maxpacket: 16
[  227.249710][ T5258] usb 7-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  227.253977][ T5258] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.257553][ T5258] usb 7-1: Product: syz
[  227.259306][ T5258] usb 7-1: Manufacturer: syz
[  227.261263][ T5258] usb 7-1: SerialNumber: syz
[  227.273835][ T8242] netlink: 'syz.0.779': attribute type 2 has an invalid length.
[  227.278534][ T5258] usb 7-1: config 0 descriptor??
[  227.281077][ T8242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.779'.
[  227.283400][ T5258] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  227.289200][ T8232] chnl_net:caif_netlink_parms(): no params data found
[  227.303355][ T8242] netlink: 'syz.0.779': attribute type 1 has an invalid length.
[  227.306015][ T8242] netlink: 9 bytes leftover after parsing attributes in process `syz.0.779'.
[  227.314654][ T8242] netlink: 24 bytes leftover after parsing attributes in process `syz.0.779'.
[  227.394814][ T8242] netlink: 20 bytes leftover after parsing attributes in process `syz.0.779'.
[  227.443029][   T11] Bluetooth: Error in BCSP hdr checksum
[  227.507660][ T1091] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.543348][ T8230] input: syz0 as /devices/virtual/input/input18
[  227.617017][ T8253] sctp: [Deprecated]: syz.0.780 (pid 8253) Use of int in max_burst socket option deprecated.
[  227.617017][ T8253] Use struct sctp_assoc_value instead
[  227.664153][ T1091] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.675399][ T8232] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.678748][ T8232] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.685208][ T8232] bridge_slave_0: entered allmulticast mode
[  227.688395][ T8232] bridge_slave_0: entered promiscuous mode
[  227.694109][ T8232] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.696790][ T8232] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.699254][ T8232] bridge_slave_1: entered allmulticast mode
[  227.702239][   T11] Bluetooth: Error in BCSP hdr checksum
[  227.708624][ T8232] bridge_slave_1: entered promiscuous mode
[  227.723978][ T8258] netlink: 20 bytes leftover after parsing attributes in process `syz.2.777'.
[  227.804190][ T8263] IPv4: Oversized IP packet from 172.20.20.24
[  227.816025][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  227.820419][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  227.862117][ T1091] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.878192][ T8232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.885697][ T8264] netlink: 'syz.0.782': attribute type 10 has an invalid length.
[  227.890351][ T8265] fuse: Bad value for 'fd'
[  227.892799][ T8264] macvlan0: entered promiscuous mode
[  227.908068][ T8264] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  227.922663][ T8232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.964143][ T1182] Bluetooth: Error in BCSP hdr checksum
[  228.022771][ T1091] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.039863][ T8232] team0: Port device team_slave_0 added
[  228.047619][ T8232] team0: Port device team_slave_1 added
[  228.121352][ T8232] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.125144][ T8232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.138165][ T8232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.145361][ T8232] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.148535][ T8232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.162309][ T8232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.178362][ T5258] gp8psk: usb in 128 operation failed.
[  228.181766][ T5258] gp8psk: usb in 137 operation failed.
[  228.190772][ T5258] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  228.199539][ T5258] dvb_usb_gp8psk 7-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  228.209143][ T5258] usb 7-1: USB disconnect, device number 22
[  228.225685][   T13] Bluetooth: Error in BCSP hdr checksum
[  228.329108][ T8232] hsr_slave_0: entered promiscuous mode
[  228.337464][ T8232] hsr_slave_1: entered promiscuous mode
[  228.341476][ T8232] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  228.347000][ T8232] Cannot create hsr debugfs directory
[  228.350074][ T1091] bridge_slave_1: left allmulticast mode
[  228.352463][ T1091] bridge_slave_1: left promiscuous mode
[  228.355307][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.363650][ T1091] bridge_slave_0: left allmulticast mode
[  228.366260][ T1091] bridge_slave_0: left promiscuous mode
[  228.368937][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.487093][   T13] Bluetooth: Error in BCSP hdr checksum
[  228.742978][ T1182] Bluetooth: Error in BCSP hdr checksum
[  228.816828][ T1091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.830211][ T1091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.835895][ T1091] bond0 (unregistering): Released all slaves
[  228.846653][ T1091] bond1 (unregistering): Released all slaves
[  228.870095][ T8273] netlink: 72 bytes leftover after parsing attributes in process `syz.2.785'.
[  228.996212][ T1091] Êü: left promiscuous mode
[  229.003946][ T1182] Bluetooth: Error in BCSP hdr checksum
[  229.012422][ T4651] Bluetooth: hci3: command tx timeout
[  229.116840][ T8278] xt_CT: You must specify a L4 protocol and not use inversions on it
[  229.282723][ T1182] Bluetooth: Error in BCSP hdr checksum
[  229.466497][ T1091] hsr_slave_0: left promiscuous mode
[  229.469964][ T1091] hsr_slave_1: left promiscuous mode
[  229.473832][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.477034][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.481320][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.492146][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.532593][   T11] Bluetooth: Error in BCSP hdr checksum
[  229.573236][ T1091] veth1_macvtap: left promiscuous mode
[  229.576211][ T1091] veth0_macvtap: left promiscuous mode
[  229.578851][ T1091] veth1_vlan: left promiscuous mode
[  229.581477][ T1091] veth0_vlan: left promiscuous mode
[  229.804756][   T11] Bluetooth: Error in BCSP hdr checksum
[  229.933289][   T56] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  230.055054][   T11] Bluetooth: Error in BCSP hdr checksum
[  230.141965][   T56] usb 8-1: Using ep0 maxpacket: 32
[  230.158442][   T56] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  230.162664][   T56] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  230.193608][   T56] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  230.196953][   T56] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.199869][   T56] usb 8-1: Product: syz
[  230.201442][   T56] usb 8-1: Manufacturer: syz
[  230.203711][   T56] usb 8-1: SerialNumber: syz
[  230.321676][   T13] Bluetooth: Error in BCSP hdr checksum
[  230.433898][   T56] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  230.582302][ T1182] Bluetooth: Error in BCSP hdr checksum
[  230.661497][ T5260] usb 8-1: USB disconnect, device number 10
[  230.667198][ T5260] usblp0: removed
[  230.763409][ T1091] team0 (unregistering): Port device team_slave_1 removed
[  230.832411][   T13] Bluetooth: Error in BCSP hdr checksum
[  230.858257][ T1091] team0 (unregistering): Port device team_slave_0 removed
[  231.092222][   T13] Bluetooth: Error in BCSP hdr checksum
[  231.092262][ T4651] Bluetooth: hci3: command tx timeout
[  231.176799][ T6572] vhci_hcd: vhci_device speed not set
[  231.352223][   T13] Bluetooth: Error in BCSP hdr checksum
[  231.364345][ T8310] __nla_validate_parse: 1 callbacks suppressed
[  231.364361][ T8310] netlink: 72 bytes leftover after parsing attributes in process `syz.3.793'.
[  231.557865][ T8292] netlink: 32 bytes leftover after parsing attributes in process `syz.2.789'.
[  231.563578][ T8300] netlink: 'syz.0.791': attribute type 2 has an invalid length.
[  231.566939][ T8300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.791'.
[  231.571801][ T8301] netlink: 'syz.0.791': attribute type 1 has an invalid length.
[  231.575260][ T8301] netlink: 9 bytes leftover after parsing attributes in process `syz.0.791'.
[  231.579011][ T8302] netlink: 24 bytes leftover after parsing attributes in process `syz.0.791'.
[  231.613666][   T13] Bluetooth: Error in BCSP hdr checksum
[  231.625340][ T8303] netlink: 20 bytes leftover after parsing attributes in process `syz.0.791'.
[  231.638681][ T8312] netlink: 'syz.3.794': attribute type 2 has an invalid length.
[  231.643757][ T8312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.794'.
[  231.670279][ T8312] netlink: 'syz.3.794': attribute type 1 has an invalid length.
[  231.674742][ T8312] netlink: 9 bytes leftover after parsing attributes in process `syz.3.794'.
[  231.681225][ T8312] netlink: 24 bytes leftover after parsing attributes in process `syz.3.794'.
[  231.750706][ T8312] netlink: 20 bytes leftover after parsing attributes in process `syz.3.794'.
[  231.875020][   T13] Bluetooth: Error in BCSP hdr checksum
[  231.967491][ T8232] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  231.975118][ T8232] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  231.984127][ T8232] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  231.994501][ T8232] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  232.116714][ T8232] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.136122][   T75] Bluetooth: Error in BCSP hdr checksum
[  232.136141][ T8232] 8021q: adding VLAN 0 to HW filter on device team0
[  232.148117][ T1265] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.151401][ T1265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  232.162714][ T5258] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.166251][ T5258] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.230552][ T8334] xt_CT: You must specify a L4 protocol and not use inversions on it
[  232.338622][ T8232] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.382905][ T8232] veth0_vlan: entered promiscuous mode
[  232.388873][ T8232] veth1_vlan: entered promiscuous mode
[  232.393469][ T1091] Bluetooth: Error in BCSP hdr checksum
[  232.417177][ T8232] veth0_macvtap: entered promiscuous mode
[  232.420972][ T8232] veth1_macvtap: entered promiscuous mode
[  232.440233][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.444728][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.448869][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.454023][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.457485][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.461664][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.466969][ T8232] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.476339][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.480894][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.499105][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.503998][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.507827][ T8232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.512936][ T8232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.522924][ T8232] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.534327][ T8232] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.537566][ T8232] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.541528][ T8232] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.545468][ T8232] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.613895][ T1182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.617197][ T1182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.618419][ T8348] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  232.644500][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.647974][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.664854][   T13] Bluetooth: Error in BCSP hdr checksum
[  232.747113][ T8352] netlink: 'syz.1.776': attribute type 1 has an invalid length.
[  232.825098][ T8357] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.923863][   T75] Bluetooth: Error in BCSP hdr checksum
[  233.157781][ T5224] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  233.162036][ T5224] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  233.167671][ T5224] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  233.172043][ T5232] Bluetooth: hci3: command tx timeout
[  233.177187][ T5232] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  233.182391][   T75] Bluetooth: Error in BCSP hdr checksum
[  233.185714][ T5232] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  233.189154][ T5232] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  233.433530][ T8368] chnl_net:caif_netlink_parms(): no params data found
[  233.447373][ T1091] Bluetooth: Error in BCSP hdr checksum
[  233.637983][ T8368] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.641238][ T8368] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.644443][ T8368] bridge_slave_0: entered allmulticast mode
[  233.647913][ T8368] bridge_slave_0: entered promiscuous mode
[  233.652679][ T8368] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.655945][ T8368] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.665587][ T8368] bridge_slave_1: entered allmulticast mode
[  233.669526][ T8368] bridge_slave_1: entered promiscuous mode
[  233.789995][ T8368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  233.826501][ T1182] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.857312][ T8368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.036694][ T1182] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.065615][ T8368] team0: Port device team_slave_0 added
[  234.072866][ T8368] team0: Port device team_slave_1 added
[  234.155485][ T1182] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.175736][ T8368] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.178405][ T8368] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.192553][ T8368] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.202943][ T8368] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.206253][ T8368] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.218853][ T8368] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.333528][ T1182] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.358341][ T8368] hsr_slave_0: entered promiscuous mode
[  234.369652][ T8368] hsr_slave_1: entered promiscuous mode
[  234.672136][ T1182] bridge_slave_1: left allmulticast mode
[  234.674604][ T1182] bridge_slave_1: left promiscuous mode
[  234.676976][ T1182] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.685728][ T1182] bridge_slave_0: left allmulticast mode
[  234.688274][ T1182] bridge_slave_0: left promiscuous mode
[  234.692316][ T1182] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.788871][ T8406] ieee802154 phy0 wpan0: encryption failed: -90
[  234.941295][ T8408] FAULT_INJECTION: forcing a failure.
[  234.941295][ T8408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.947281][ T8408] CPU: 2 PID: 8408 Comm: syz.0.816 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  234.951126][ T8408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.955672][ T8408] Call Trace:
[  234.957140][ T8408]  <TASK>
[  234.958464][ T8408]  dump_stack_lvl+0x16c/0x1f0
[  234.960485][ T8408]  should_fail_ex+0x497/0x5b0
[  234.962517][ T8408]  _copy_to_user+0x30/0xc0
[  234.964540][ T8408]  simple_read_from_buffer+0xd0/0x160
[  234.967071][ T8408]  proc_fail_nth_read+0x1b0/0x290
[  234.969349][ T8408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.971853][ T8408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.974361][ T8408]  vfs_read+0x1d4/0xbd0
[  234.976276][ T8408]  ? __fdget_pos+0xeb/0x180
[  234.978337][ T8408]  ? __pfx_vfs_read+0x10/0x10
[  234.980462][ T8408]  ? __pfx___mutex_lock+0x10/0x10
[  234.982757][ T8408]  ? __fget_files+0x256/0x400
[  234.984925][ T8408]  ksys_read+0x12f/0x260
[  234.986860][ T8408]  ? __pfx_ksys_read+0x10/0x10
[  234.989036][ T8408]  __do_fast_syscall_32+0x73/0x120
[  234.991308][ T8408]  do_fast_syscall_32+0x32/0x80
[  234.993476][ T8408]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.996433][ T8408] RIP: 0023:0xf7f1f579
[  234.998208][ T8408] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.005828][ T8408] RSP: 002b:00000000f5cd65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  235.009471][ T8408] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5cd6630
[  235.012858][ T8408] RDX: 000000000000000f RSI: 00000000f73a9ff4 RDI: 0000000000000000
[  235.015639][ T8408] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  235.018759][ T8408] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  235.022033][ T8408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.025260][ T8408]  </TASK>
[  235.088972][ T8410] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  235.211366][ T1182] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  235.218856][ T1182] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.232188][ T1182] bond0 (unregistering): Released all slaves
[  235.265957][ T4651] Bluetooth: hci3: command tx timeout
[  235.266277][ T5232] Bluetooth: hci0: command tx timeout
[  235.319185][ T1182] Êü: left promiscuous mode
[  235.365713][ T8418] netlink: 'syz.1.820': attribute type 7 has an invalid length.
[  235.415903][ T8418] Êü: entered promiscuous mode
[  235.439521][ T1182] tipc: Disabling bearer <eth:macvlan1>
[  235.452984][ T1182] tipc: Left network mode
[  235.780047][ T8368] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  235.799621][ T8368] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  235.850805][ T8368] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  235.867270][ T8368] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  235.943181][ T1182] hsr_slave_0: left promiscuous mode
[  235.947925][ T1182] hsr_slave_1: left promiscuous mode
[  235.957742][ T1182] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.962723][ T1182] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.976350][ T1182] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.979658][ T1182] batman_adv: batadv0: Removing interface: batadv_slave_1
[  236.030796][ T1182] veth1_macvtap: left promiscuous mode
[  236.033571][ T1182] veth0_macvtap: left promiscuous mode
[  236.036142][ T1182] veth1_vlan: left promiscuous mode
[  236.038340][ T1182] veth0_vlan: left promiscuous mode
[  236.042831][ T8427] xt_CT: You must specify a L4 protocol and not use inversions on it
[  236.426792][ T8434] fuse: Unknown parameter '00000000000000000000'
[  237.223932][ T1182] team0 (unregistering): Port device team_slave_1 removed
[  237.347495][ T5232] Bluetooth: hci0: command tx timeout
[  237.350609][ T1182] team0 (unregistering): Port device team_slave_0 removed
[  237.415499][ T8439] kAFS: No cell specified
[  238.446558][ T8368] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.548321][ T8368] 8021q: adding VLAN 0 to HW filter on device team0
[  238.560406][ T1265] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.563980][ T1265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.605466][ T6572] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.608617][ T6572] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.071263][ T8454] netlink: 'syz.0.827': attribute type 2 has an invalid length.
[  239.075010][ T8454] __nla_validate_parse: 5 callbacks suppressed
[  239.075021][ T8454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.827'.
[  239.095789][ T8368] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.121155][ T8454] netlink: 'syz.0.827': attribute type 1 has an invalid length.
[  239.141991][ T8454] netlink: 9 bytes leftover after parsing attributes in process `syz.0.827'.
[  239.146690][ T8454] netlink: 24 bytes leftover after parsing attributes in process `syz.0.827'.
[  239.206845][ T8456] netlink: 20 bytes leftover after parsing attributes in process `syz.0.827'.
[  239.235956][ T8368] veth0_vlan: entered promiscuous mode
[  239.243952][ T8368] veth1_vlan: entered promiscuous mode
[  239.289094][ T8368] veth0_macvtap: entered promiscuous mode
[  239.296279][ T8368] veth1_macvtap: entered promiscuous mode
[  239.310252][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.317301][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.321999][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.326265][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.330442][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.338316][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.344137][ T8368] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.354521][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.359012][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.363456][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.368007][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.373542][ T8368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.374837][ T8460] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  239.377994][ T8368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.388012][ T8368] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.400068][ T8368] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.405727][ T8368] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.410067][ T8368] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.414286][ T5232] Bluetooth: hci0: command tx timeout
[  239.416832][ T8368] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.441819][ T8464] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.830'.
[  239.445828][ T8464] netlink: zone id is out of range
[  239.448150][ T8464] netlink: zone id is out of range
[  239.513914][ T1182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.517385][ T1182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.548477][ T1182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.556948][ T1182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.811959][ T6573] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  241.002011][ T6573] usb 5-1: Using ep0 maxpacket: 32
[  241.014860][ T6573] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  241.019014][ T6573] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  241.031566][ T6573] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  241.036153][ T6573] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.039693][ T6573] usb 5-1: Product: syz
[  241.053062][ T6573] usb 5-1: Manufacturer: syz
[  241.055206][ T6573] usb 5-1: SerialNumber: syz
[  241.128510][ T8482] fuse: Unknown parameter '00000000000000000000'
[  241.295859][ T6573] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  241.310498][ T8492] kAFS: No cell specified
[  241.470587][ T8501] FAULT_INJECTION: forcing a failure.
[  241.470587][ T8501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.476858][ T8501] CPU: 1 PID: 8501 Comm: syz.3.839 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  241.480770][ T8501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  241.485838][ T8501] Call Trace:
[  241.487283][ T8501]  <TASK>
[  241.488576][ T8501]  dump_stack_lvl+0x16c/0x1f0
[  241.490627][ T8501]  should_fail_ex+0x497/0x5b0
[  241.492638][ T8501]  _copy_from_user+0x30/0xf0
[  241.495235][ T8501]  get_compat_msghdr+0xa8/0x170
[  241.497472][ T8501]  ? __pfx_get_compat_msghdr+0x10/0x10
[  241.499893][ T8501]  ? __pfx___lock_acquire+0x10/0x10
[  241.502645][ T8501]  ___sys_sendmsg+0x1b0/0x1e0
[  241.504807][ T8501]  ? __pfx____sys_sendmsg+0x10/0x10
[  241.507533][ T8501]  ? ksys_write+0x21c/0x260
[  241.510075][ T8501]  ? __fget_light+0x173/0x210
[  241.512612][ T8501]  __sys_sendmsg+0x117/0x1f0
[  241.515098][ T8501]  ? __pfx___sys_sendmsg+0x10/0x10
[  241.517661][ T8501]  __do_fast_syscall_32+0x73/0x120
[  241.519944][ T8501]  do_fast_syscall_32+0x32/0x80
[  241.522194][ T8501]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  241.525067][ T8501] RIP: 0023:0xf7f38579
[  241.526862][ T8501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  241.535039][ T8501] RSP: 002b:00000000f5ce656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  241.538200][ T8501] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100
[  241.541234][ T8501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  241.544281][ T8501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  241.547533][ T8501] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  241.550779][ T8501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  241.553801][ T8501]  </TASK>
[  241.555373][ T5232] Bluetooth: hci0: command tx timeout
[  241.600136][ T6572] usb 5-1: USB disconnect, device number 23
[  241.604846][ T6572] usblp0: removed
[  241.681466][ T8505] 9pnet_fd: Insufficient options for proto=fd
[  241.727169][ T8508] FAULT_INJECTION: forcing a failure.
[  241.727169][ T8508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.733651][ T8508] CPU: 0 PID: 8508 Comm: syz.3.841 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  241.737776][ T8508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  241.742085][ T8508] Call Trace:
[  241.743586][ T8508]  <TASK>
[  241.744916][ T8508]  dump_stack_lvl+0x16c/0x1f0
[  241.746829][ T8508]  should_fail_ex+0x497/0x5b0
[  241.748705][ T8508]  _copy_from_user+0x30/0xf0
[  241.750575][ T8508]  move_addr_to_kernel+0x68/0x160
[  241.752608][ T8508]  __sys_connect+0xbd/0x170
[  241.754448][ T8508]  ? __pfx___sys_connect+0x10/0x10
[  241.756772][ T8508]  ? __pfx_ksys_write+0x10/0x10
[  241.758853][ T8508]  __ia32_sys_connect+0x71/0xb0
[  241.760940][ T8508]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  241.763646][ T8508]  __do_fast_syscall_32+0x73/0x120
[  241.766427][ T8508]  do_fast_syscall_32+0x32/0x80
[  241.768585][ T8508]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  241.771874][ T8508] RIP: 0023:0xf7f38579
[  241.773843][ T8508] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  241.782612][ T8508] RSP: 002b:00000000f5ce656c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  241.786875][ T8508] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000980
[  241.790485][ T8508] RDX: 0000000000000032 RSI: 0000000000000000 RDI: 0000000000000000
[  241.794372][ T8508] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  241.798096][ T8508] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  241.802139][ T8508] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  241.805845][ T8508]  </TASK>
[  242.733353][ T8519] ALSA: mixer_oss: invalid OSS volume ''
[  242.739023][ T8519] ALSA: mixer_oss: invalid OSS volume ''
[  242.741607][ T8519] ALSA: mixer_oss: invalid OSS volume 'L'
[  242.757298][ T8526] netlink: 'syz.3.847': attribute type 2 has an invalid length.
[  242.760517][ T8526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.847'.
[  242.797085][ T8526] tunl0: entered promiscuous mode
[  242.806601][ T8526] netlink: 'syz.3.847': attribute type 1 has an invalid length.
[  242.812079][ T8526] netlink: 9 bytes leftover after parsing attributes in process `syz.3.847'.
[  242.826900][ T8526] netlink: 24 bytes leftover after parsing attributes in process `syz.3.847'.
[  242.888364][ T8532] netlink: 20 bytes leftover after parsing attributes in process `syz.3.847'.
[  242.947540][ T8530] 9pnet_fd: Insufficient options for proto=fd
[  242.971983][ T5279] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  243.191921][ T5279] usb 6-1: Using ep0 maxpacket: 16
[  243.198841][ T5279] usb 6-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  243.203089][ T5279] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.206419][ T5279] usb 6-1: Product: syz
[  243.208554][ T5279] usb 6-1: Manufacturer: syz
[  243.210515][ T5279] usb 6-1: SerialNumber: syz
[  243.220622][ T5279] usb 6-1: config 0 descriptor??
[  243.227624][ T5279] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  243.280086][   T39] audit: type=1326 audit(1721392531.716:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8539 comm="syz.2.852" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0
[  243.438076][ T8527] input: syz0 as /devices/virtual/input/input19
[  243.575467][ T8549] netlink: 20 bytes leftover after parsing attributes in process `syz.1.848'.
[  244.019912][   T39] audit: type=1326 audit(1721392532.456:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.039958][   T39] audit: type=1326 audit(1721392532.476:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.055787][   T39] audit: type=1326 audit(1721392532.496:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.059032][ T5279] gp8psk: usb in 128 operation failed.
[  244.066619][   T39] audit: type=1326 audit(1721392532.496:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.079136][   T39] audit: type=1326 audit(1721392532.496:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.085852][ T5279] gp8psk: usb in 137 operation failed.
[  244.086700][ T8558] netlink: 'syz.3.857': attribute type 7 has an invalid length.
[  244.095886][ T5279] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  244.100683][ T5279] dvb_usb_gp8psk 6-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  244.101279][   T39] audit: type=1326 audit(1721392532.496:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.102384][ T8558] Êü: entered promiscuous mode
[  244.120907][   T39] audit: type=1326 audit(1721392532.496:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.123076][ T5279] usb 6-1: USB disconnect, device number 8
[  244.131650][   T39] audit: type=1326 audit(1721392532.496:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.156357][   T39] audit: type=1326 audit(1721392532.496:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  244.552042][   T64] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  244.740110][   T64] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  244.743953][   T64] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.775249][   T64] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  244.779682][   T64] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  244.792078][   T64] usb 7-1: Manufacturer: syz
[  244.805768][   T64] usb 7-1: config 0 descriptor??
[  244.907277][   T64] rc_core: IR keymap rc-hauppauge not found
[  244.914467][   T64] Registered IR keymap rc-empty
[  244.917292][   T64] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  244.939139][   T64] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input20
[  245.282290][ T8561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.286697][ T8561] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.377671][ T1387] usb 7-1: USB disconnect, device number 23
[  246.180775][ T8582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.863'.
[  247.013182][ T8603] FAULT_INJECTION: forcing a failure.
[  247.013182][ T8603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.026204][ T8603] CPU: 3 PID: 8603 Comm: syz.1.868 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  247.030703][ T8603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.035409][ T8603] Call Trace:
[  247.036907][ T8603]  <TASK>
[  247.038253][ T8603]  dump_stack_lvl+0x16c/0x1f0
[  247.040363][ T8603]  should_fail_ex+0x497/0x5b0
[  247.042551][ T8603]  _copy_from_user+0x30/0xf0
[  247.044577][ T8603]  get_compat_msghdr+0xa8/0x170
[  247.046717][ T8603]  ? __pfx_get_compat_msghdr+0x10/0x10
[  247.049023][ T8603]  ? find_held_lock+0x2d/0x110
[  247.051057][ T8603]  ___sys_recvmsg+0x193/0x1a0
[  247.053079][ T8603]  ? __pfx____sys_recvmsg+0x10/0x10
[  247.055683][ T8603]  ? __fget_light+0x173/0x210
[  247.058081][ T8603]  __sys_recvmsg+0x114/0x1e0
[  247.060331][ T8603]  ? __pfx___sys_recvmsg+0x10/0x10
[  247.063164][ T8603]  __do_fast_syscall_32+0x73/0x120
[  247.065859][ T8603]  do_fast_syscall_32+0x32/0x80
[  247.068362][ T8603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.071359][ T8603] RIP: 0023:0xf73de579
[  247.073081][ T8603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.081829][ T8603] RSP: 002b:00000000f5cf656c EFLAGS: 00000296 ORIG_RAX: 0000000000000174
[  247.085651][ T8603] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000080
[  247.089489][ T8603] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  247.093454][ T8603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.097015][ T8603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  247.100191][ T8603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.103282][ T8603]  </TASK>
[  248.012557][ T8628] binder: 8626:8628 ioctl c0306201 20000000 returned -14
[  248.047836][ T8628] binder: 8626:8628 ioctl 3b85 20000080 returned -22
[  248.063096][ T8631] 9pnet_fd: Insufficient options for proto=fd
[  248.112861][ T8634] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦'
[  248.133745][ T8633] netlink: 'syz.2.878': attribute type 7 has an invalid length.
[  248.137006][ T8633] openvswitch: Êü: Dropping previously announced user features
[  251.582088][ T6573] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  251.776092][ T6573] usb 6-1: Using ep0 maxpacket: 16
[  251.784573][ T6573] usb 6-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  251.788537][ T6573] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.811926][ T6573] usb 6-1: Product: syz
[  251.813527][ T6573] usb 6-1: Manufacturer: syz
[  251.815424][ T6573] usb 6-1: SerialNumber: syz
[  251.840031][ T6573] usb 6-1: config 0 descriptor??
[  251.845350][ T6573] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  252.099741][ T8668] input: syz0 as /devices/virtual/input/input21
[  252.277536][ T8674] netlink: 20 bytes leftover after parsing attributes in process `syz.1.886'.
[  252.718611][ T8681] FAULT_INJECTION: forcing a failure.
[  252.718611][ T8681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  252.726697][ T8681] CPU: 3 PID: 8681 Comm: syz.3.890 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  252.731374][ T8681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.736215][ T8681] Call Trace:
[  252.737721][ T8681]  <TASK>
[  252.739112][ T8681]  dump_stack_lvl+0x16c/0x1f0
[  252.741230][ T8681]  should_fail_ex+0x497/0x5b0
[  252.743520][ T8681]  _copy_from_iter+0x27a/0xfb0
[  252.746444][ T8681]  ? __pfx__copy_from_iter+0x10/0x10
[  252.749568][ T8681]  ? tun_build_skb.constprop.0+0x1b8/0x1390
[  252.752152][ T8681]  ? __pfx_lock_release+0x10/0x10
[  252.754835][ T8681]  copy_page_from_iter+0xa5/0x120
[  252.757536][ T8681]  tun_build_skb.constprop.0+0x294/0x1390
[  252.760513][ T8681]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  252.763306][ T8681]  tun_get_user+0x888/0x3c20
[  252.765626][ T8681]  ? __pfx_tun_get_user+0x10/0x10
[  252.767861][ T8681]  ? find_held_lock+0x2d/0x110
[  252.769938][ T8681]  ? __pfx_lock_release+0x10/0x10
[  252.772015][ T8681]  tun_chr_write_iter+0xe8/0x210
[  252.774877][ T8681]  vfs_write+0x6b6/0x1140
[  252.776896][ T8681]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  252.779276][ T8681]  ? __pfx_vfs_write+0x10/0x10
[  252.781310][ T8681]  ? __fget_files+0x256/0x400
[  252.783384][ T8681]  ? __fget_light+0x173/0x210
[  252.785707][ T8681]  ksys_write+0x12f/0x260
[  252.787609][ T8681]  ? __pfx_ksys_write+0x10/0x10
[  252.790142][ T8681]  __do_fast_syscall_32+0x73/0x120
[  252.792428][ T8681]  do_fast_syscall_32+0x32/0x80
[  252.794628][ T8681]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.797610][ T8681] RIP: 0023:0xf7f38579
[  252.799399][ T8681] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  252.808880][ T8681] RSP: 002b:00000000f5ce6530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  252.812772][ T8681] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000140
[  252.817488][ T8681] RDX: 0000000000000036 RSI: 00000000f73b9ff4 RDI: 0000000000000000
[  252.821759][ T8681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  252.825226][ T8681] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  252.828969][ T8681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  252.832547][ T8681]  </TASK>
[  252.834014][    C3] vkms_vblank_simulate: vblank timer overrun
[  252.862123][ T6573] gp8psk: usb in 128 operation failed.
[  252.872361][ T6573] gp8psk: usb in 137 operation failed.
[  252.875421][ T6573] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  252.879432][ T6573] dvb_usb_gp8psk 6-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  252.917720][ T6573] usb 6-1: USB disconnect, device number 9
[  253.558755][ T8687] bond_slave_0: entered promiscuous mode
[  253.561929][ T8687] bond_slave_1: entered promiscuous mode
[  253.577251][ T8687] bond_slave_0: left promiscuous mode
[  253.580000][ T8687] bond_slave_1: left promiscuous mode
[  253.777535][ T8687] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.812249][ T8687] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.843884][ T8687] bond0 (unregistering): Released all slaves
[  254.861956][  T967] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  255.052054][  T967] usb 5-1: Using ep0 maxpacket: 16
[  255.071487][  T967] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  255.075860][  T967] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.081365][  T967] usb 5-1: Product: syz
[  255.084569][  T967] usb 5-1: Manufacturer: syz
[  255.089844][  T967] usb 5-1: SerialNumber: syz
[  255.096638][  T967] usb 5-1: config 0 descriptor??
[  255.104827][  T967] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  255.352365][ T8718] ALSA: mixer_oss: invalid OSS volume ''
[  255.362002][ T8718] ALSA: mixer_oss: invalid OSS volume ''
[  255.376298][ T8713] input: syz0 as /devices/virtual/input/input22
[  255.527722][ T8721] netlink: 20 bytes leftover after parsing attributes in process `syz.0.900'.
[  256.014809][  T967] gp8psk: usb in 128 operation failed.
[  256.018617][  T967] gp8psk: usb in 137 operation failed.
[  256.021022][  T967] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  256.032868][  T967] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  256.052866][  T967] usb 5-1: USB disconnect, device number 24
[  256.357052][ T8726] ALSA: mixer_oss: invalid OSS volume ''
[  256.359633][ T8726] ALSA: mixer_oss: invalid OSS volume ''
[  256.835107][ T8734] netlink: 112 bytes leftover after parsing attributes in process `syz.3.906'.
[  257.658158][ T8747] ALSA: mixer_oss: invalid OSS volume ''
[  257.661736][ T8747] ALSA: mixer_oss: invalid OSS volume ''
[  258.096064][    C2] hpet_rtc_timer_reinit: 545 callbacks suppressed
[  258.096083][    C2] hpet: Lost 1 RTC interrupts
[  258.191907][  T967] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  258.392030][  T967] usb 5-1: Using ep0 maxpacket: 16
[  258.407246][  T967] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  258.411042][  T967] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.414613][  T967] usb 5-1: Product: syz
[  258.416532][  T967] usb 5-1: Manufacturer: syz
[  258.418560][  T967] usb 5-1: SerialNumber: syz
[  258.433864][  T967] usb 5-1: config 0 descriptor??
[  258.438945][  T967] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  258.757639][ T8751] input: syz0 as /devices/virtual/input/input23
[  258.894539][ T8757] netlink: 20 bytes leftover after parsing attributes in process `syz.0.913'.
[  258.923446][ T8759] FAULT_INJECTION: forcing a failure.
[  258.923446][ T8759] name failslab, interval 1, probability 0, space 0, times 0
[  258.941925][ T8759] CPU: 2 PID: 8759 Comm: syz.2.915 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  258.946047][ T8759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.950513][ T8759] Call Trace:
[  258.951944][ T8759]  <TASK>
[  258.953256][ T8759]  dump_stack_lvl+0x16c/0x1f0
[  258.955389][ T8759]  should_fail_ex+0x497/0x5b0
[  258.957477][ T8759]  should_failslab+0x9/0x20
[  258.959294][ T8759]  __kmalloc_noprof+0xcb/0x410
[  258.961226][ T8759]  constrain_params_by_rules+0x176/0xca0
[  258.963445][ T8759]  ? stack_depot_save_flags+0x31b/0x900
[  258.965935][ T8759]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  258.968626][ T8759]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  258.971225][ T8759]  ? lockdep_hardirqs_on+0x7c/0x110
[  258.973570][ T8759]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  258.976226][ T8759]  ? snd_pcm_oss_change_params_locked+0x13d7/0x3a50
[  258.979122][ T8759]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  258.981696][ T8759]  ? snd_pcm_oss_read+0x3a2/0x760
[  258.983652][ T8759]  ? vfs_read+0x1d4/0xbd0
[  258.985489][ T8759]  ? ksys_read+0x12f/0x260
[  258.987494][ T8759]  ? __do_fast_syscall_32+0x73/0x120
[  258.989818][ T8759]  ? snd_interval_refine+0x2fa/0x580
[  258.992100][ T8759]  snd_pcm_hw_refine+0x7ef/0xad0
[  258.994308][ T8759]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  258.996769][ T8759]  snd_pcm_hw_param_first+0x328/0x6b0
[  258.999156][ T8759]  snd_pcm_hw_param_near.constprop.0+0x711/0x8f0
[  259.001949][ T8759]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  259.004985][ T8759]  ? calc_src_frames.isra.0+0x187/0x1d0
[  259.007480][ T8759]  snd_pcm_oss_change_params_locked+0x13d7/0x3a50
[  259.010388][ T8759]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  259.013235][ T8759]  ? __mutex_lock+0x1a6/0x9c0
[  259.014690][ T8759]  ? __pfx_aa_file_perm+0x10/0x10
[  259.016422][ T8759]  ? snd_pcm_oss_read+0x380/0x760
[  259.018109][ T8759]  ? __pfx___mutex_lock+0x10/0x10
[  259.019806][ T8759]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  259.022290][ T8759]  snd_pcm_oss_read+0x3a2/0x760
[  259.024180][ T8759]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  259.026574][ T8759]  vfs_read+0x1d4/0xbd0
[  259.028309][ T8759]  ? __pfx_vfs_read+0x10/0x10
[  259.030315][ T8759]  ? __fget_files+0x256/0x400
[  259.032351][ T8759]  ? __fget_light+0x173/0x210
[  259.034348][ T8759]  ksys_read+0x12f/0x260
[  259.036012][ T8759]  ? __pfx_ksys_read+0x10/0x10
[  259.038084][ T8759]  __do_fast_syscall_32+0x73/0x120
[  259.040364][ T8759]  do_fast_syscall_32+0x32/0x80
[  259.042547][ T8759]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.044905][ T8759] RIP: 0023:0xf73ae579
[  259.046388][ T8759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.053454][ T8759] RSP: 002b:00000000f5ca556c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  259.056586][ T8759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200023c0
[  259.059809][ T8759] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  259.063223][ T8759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.066687][ T8759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.069603][ T8759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.072919][ T8759]  </TASK>
[  259.365138][  T967] gp8psk: usb in 128 operation failed.
[  259.368331][  T967] gp8psk: usb in 137 operation failed.
[  259.370610][  T967] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  259.375277][  T967] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  259.381405][  T967] usb 5-1: USB disconnect, device number 25
[  259.487582][ T8772] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.497462][ T8772] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.544801][ T8772] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.935639][ T8779] netlink: 'syz.0.921': attribute type 9 has an invalid length.
[  259.940980][ T8779] netlink: 134688 bytes leftover after parsing attributes in process `syz.0.921'.
[  259.949532][ T8774] xt_CT: You must specify a L4 protocol and not use inversions on it
[  260.085783][ T8785] FAULT_INJECTION: forcing a failure.
[  260.085783][ T8785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.090801][ T8785] CPU: 2 PID: 8785 Comm: syz.0.925 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  260.095542][ T8785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.100716][ T8785] Call Trace:
[  260.102241][ T8785]  <TASK>
[  260.103159][ T8783] ALSA: mixer_oss: invalid OSS volume ''
[  260.103590][ T8785]  dump_stack_lvl+0x16c/0x1f0
[  260.106160][ T8783] ALSA: mixer_oss: invalid OSS volume ''
[  260.107892][ T8785]  should_fail_ex+0x497/0x5b0
[  260.112557][ T8785]  _copy_to_user+0x30/0xc0
[  260.114658][ T8785]  simple_read_from_buffer+0xd0/0x160
[  260.116953][ T8785]  proc_fail_nth_read+0x1b0/0x290
[  260.118926][ T8785]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  260.121311][ T8785]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  260.123821][ T8785]  vfs_read+0x1d4/0xbd0
[  260.125839][ T8785]  ? __fdget_pos+0xeb/0x180
[  260.128204][ T8785]  ? do_user_addr_fault+0xdc7/0x13f0
[  260.130564][ T8785]  ? __pfx_vfs_read+0x10/0x10
[  260.132683][ T8785]  ? __pfx___mutex_lock+0x10/0x10
[  260.134883][ T8785]  ? __fget_files+0x256/0x400
[  260.137515][ T8785]  ksys_read+0x12f/0x260
[  260.139697][ T8785]  ? __pfx_ksys_read+0x10/0x10
[  260.142196][ T8785]  __do_fast_syscall_32+0x73/0x120
[  260.144651][ T8785]  do_fast_syscall_32+0x32/0x80
[  260.147088][ T8785]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  260.149903][ T8785] RIP: 0023:0xf7f1f579
[  260.151665][ T8785] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  260.160233][ T8785] RSP: 002b:00000000f5cd65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  260.164437][ T8785] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5cd6630
[  260.167952][ T8785] RDX: 000000000000000f RSI: 00000000f73a9ff4 RDI: 0000000000000000
[  260.171678][ T8785] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  260.175875][ T8785] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  260.180220][ T8785] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  260.184270][ T8785]  </TASK>
[  260.392001][ T8800] FAULT_INJECTION: forcing a failure.
[  260.392001][ T8800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.397900][ T8800] CPU: 3 PID: 8800 Comm: syz.1.929 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  260.402092][ T8800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.406567][ T8800] Call Trace:
[  260.408036][ T8800]  <TASK>
[  260.409395][ T8800]  dump_stack_lvl+0x16c/0x1f0
[  260.411558][ T8800]  should_fail_ex+0x497/0x5b0
[  260.413683][ T8800]  _copy_to_user+0x30/0xc0
[  260.415662][ T8800]  simple_read_from_buffer+0xd0/0x160
[  260.417839][ T8800]  proc_fail_nth_read+0x1b0/0x290
[  260.420031][ T8800]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  260.422497][ T8800]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  260.425018][ T8800]  vfs_read+0x1d4/0xbd0
[  260.426928][ T8800]  ? __fdget_pos+0xeb/0x180
[  260.430717][ T8800]  ? __pfx_vfs_read+0x10/0x10
[  260.432733][ T8800]  ? __pfx___mutex_lock+0x10/0x10
[  260.435016][ T8800]  ? __fget_files+0x256/0x400
[  260.437180][ T8800]  ksys_read+0x12f/0x260
[  260.439097][ T8800]  ? __pfx_ksys_read+0x10/0x10
[  260.441252][ T8800]  __do_fast_syscall_32+0x73/0x120
[  260.443188][ T8800]  do_fast_syscall_32+0x32/0x80
[  260.445159][ T8800]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  260.447824][ T8800] RIP: 0023:0xf73de579
[  260.449611][ T8800] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  260.458205][ T8800] RSP: 002b:00000000f5cf65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  260.461626][ T8800] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f5cf6630
[  260.464881][ T8800] RDX: 000000000000000f RSI: 00000000f73c9ff4 RDI: 0000000000000000
[  260.467795][ T8800] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  260.471479][ T8800] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  260.475114][ T8800] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  260.478478][ T8800]  </TASK>
[  260.651401][ T1091] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.741805][ T1091] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.792166][  T967] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  260.840855][ T1091] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.951568][ T1091] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.985566][  T967] usb 6-1: Using ep0 maxpacket: 16
[  260.997544][  T967] usb 6-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  261.001605][  T967] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.011730][  T967] usb 6-1: Product: syz
[  261.023988][  T967] usb 6-1: Manufacturer: syz
[  261.026525][ T1356] ieee802154 phy0 wpan0: encryption failed: -22
[  261.026724][  T967] usb 6-1: SerialNumber: syz
[  261.029345][ T1356] ieee802154 phy1 wpan1: encryption failed: -22
[  261.034499][  T967] usb 6-1: config 0 descriptor??
[  261.047151][  T967] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  261.068959][ T8810] netlink: 20 bytes leftover after parsing attributes in process `syz.2.934'.
[  261.142825][ T1091] bridge_slave_1: left allmulticast mode
[  261.146050][ T1091] bridge_slave_1: left promiscuous mode
[  261.148868][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.158609][ T4651] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.159032][ T1091] bridge_slave_0: left allmulticast mode
[  261.167086][ T1091] bridge_slave_0: left promiscuous mode
[  261.167186][ T4651] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.169893][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.182226][ T4651] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.193187][ T4651] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.197021][ T4651] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  261.201306][ T4651] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.296742][ T8802] input: syz0 as /devices/virtual/input/input24
[  261.440060][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.1.930'.
[  261.538147][ T1091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.547372][ T1091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.559856][ T1091] bond0 (unregistering): Released all slaves
[  261.580710][ T8814] FAULT_INJECTION: forcing a failure.
[  261.580710][ T8814] name failslab, interval 1, probability 0, space 0, times 0
[  261.586298][ T8814] CPU: 2 PID: 8814 Comm: syz.2.936 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  261.589836][ T8814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.594253][ T8814] Call Trace:
[  261.595260][ T8814]  <TASK>
[  261.596297][ T8814]  dump_stack_lvl+0x16c/0x1f0
[  261.598205][ T8814]  should_fail_ex+0x497/0x5b0
[  261.600083][ T8814]  should_failslab+0x9/0x20
[  261.602189][ T8814]  __kmalloc_cache_noprof+0x6b/0x310
[  261.604423][ T8814]  ? rtnl_newlink+0x49/0xa0
[  261.606313][ T8814]  rtnl_newlink+0x49/0xa0
[  261.608171][ T8814]  ? __pfx_rtnl_newlink+0x10/0x10
[  261.610369][ T8814]  rtnetlink_rcv_msg+0x3c7/0xea0
[  261.612613][ T8814]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.615020][ T8814]  ? __pfx___dev_queue_xmit+0x10/0x10
[  261.617363][ T8814]  netlink_rcv_skb+0x165/0x410
[  261.619420][ T8814]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.621769][ T8814]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  261.624083][ T8814]  ? netlink_deliver_tap+0x1ae/0xcf0
[  261.626454][ T8814]  netlink_unicast+0x544/0x830
[  261.628528][ T8814]  ? __pfx_netlink_unicast+0x10/0x10
[  261.630868][ T8814]  ? __phys_addr_symbol+0x30/0x80
[  261.633343][ T8814]  ? __check_object_size+0x48e/0x720
[  261.635188][ T8814]  netlink_sendmsg+0x8b8/0xd70
[  261.636833][ T8814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.638669][ T8814]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  261.640502][ T8814]  ____sys_sendmsg+0x9b4/0xb50
[  261.642150][ T8814]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.643931][ T8814]  ? get_compat_msghdr+0x11b/0x170
[  261.645818][ T8814]  ? __pfx___lock_acquire+0x10/0x10
[  261.647820][ T8814]  ___sys_sendmsg+0x135/0x1e0
[  261.649648][ T8814]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.651663][ T8814]  ? ksys_write+0x21c/0x260
[  261.653513][ T8814]  ? __fget_light+0x173/0x210
[  261.655359][ T8814]  __sys_sendmsg+0x117/0x1f0
[  261.657149][ T8814]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.659363][ T8814]  __do_fast_syscall_32+0x73/0x120
[  261.661611][ T8814]  do_fast_syscall_32+0x32/0x80
[  261.663494][ T8814]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  261.665945][ T8814] RIP: 0023:0xf73ae579
[  261.667415][ T8814] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  261.674883][ T8814] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  261.678070][ T8814] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000380
[  261.681244][ T8814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  261.684372][ T8814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  261.687403][ T8814] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  261.690435][ T8814] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  261.693609][ T8814]  </TASK>
[  261.736833][ T1091] Êü: left promiscuous mode
[  261.744107][ T8823] Cannot find add_set index 0 as target
[  261.909849][  T967] gp8psk: usb in 128 operation failed.
[  261.913857][  T967] gp8psk: usb in 137 operation failed.
[  261.917262][  T967] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  261.917998][ T8815] chnl_net:caif_netlink_parms(): no params data found
[  261.921727][  T967] dvb_usb_gp8psk 6-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  261.932469][  T967] usb 6-1: USB disconnect, device number 10
[  262.151799][ T8815] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.156392][ T8815] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.159921][ T8815] bridge_slave_0: entered allmulticast mode
[  262.163555][ T8815] bridge_slave_0: entered promiscuous mode
[  262.168745][ T8815] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.171542][ T8815] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.174987][ T8815] bridge_slave_1: entered allmulticast mode
[  262.178857][ T8815] bridge_slave_1: entered promiscuous mode
[  262.221988][ T6572] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  262.246271][ T1091] hsr_slave_0: left promiscuous mode
[  262.249549][ T1091] hsr_slave_1: left promiscuous mode
[  262.261978][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.265705][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.269369][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.273430][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.309830][ T1091] veth1_macvtap: left promiscuous mode
[  262.312243][ T1091] veth0_macvtap: left promiscuous mode
[  262.315549][ T1091] veth1_vlan: left promiscuous mode
[  262.317641][ T1091] veth0_vlan: left promiscuous mode
[  262.432916][ T6572] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.436736][ T6572] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.440460][ T6572] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  262.444109][ T6572] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.449475][ T6572] usb 5-1: config 0 descriptor??
[  262.936363][ T6572] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0
[  262.939683][ T6572] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0
[  262.958558][ T6572] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0005/input/input25
[  262.993321][ T6572] cm6533_jd 0003:0D8C:0022.0005: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  263.258464][ T4651] Bluetooth: hci0: command tx timeout
[  263.322841][ T6572] usb 5-1: USB disconnect, device number 26
[  263.619479][ T1091] team0 (unregistering): Port device team_slave_1 removed
[  263.709074][ T1091] team0 (unregistering): Port device team_slave_0 removed
[  264.087801][   T39] audit: type=1326 audit(1721392552.526:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8863 comm="syz.1.943" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000
[  264.428723][ T8815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.432522][ T8851] netlink: 'syz.2.940': attribute type 1 has an invalid length.
[  264.436583][ T8851] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  264.453740][ T8870] netlink: 20 bytes leftover after parsing attributes in process `syz.0.944'.
[  264.464056][ T8815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.559668][ T8815] team0: Port device team_slave_0 added
[  264.580386][ T8815] team0: Port device team_slave_1 added
[  264.662008][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.664986][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.676543][ T8815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.683144][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.686169][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.699823][ T8815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.796738][ T8815] hsr_slave_0: entered promiscuous mode
[  264.806180][ T8815] hsr_slave_1: entered promiscuous mode
[  264.960672][   T39] audit: type=1326 audit(1721392553.396:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.0.951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  265.342224][ T4651] Bluetooth: hci0: command tx timeout
[  265.453900][ T8893] netlink: 'syz.2.952': attribute type 2 has an invalid length.
[  265.457161][ T8893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.952'.
[  265.468621][ T8893] netlink: 'syz.2.952': attribute type 1 has an invalid length.
[  265.471734][ T8893] netlink: 9 bytes leftover after parsing attributes in process `syz.2.952'.
[  265.476478][ T8893] netlink: 24 bytes leftover after parsing attributes in process `syz.2.952'.
[  265.508719][ T8815] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  265.525247][ T8893] netlink: 20 bytes leftover after parsing attributes in process `syz.2.952'.
[  265.526990][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.529489][ T8815] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  265.548238][ T8815] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  265.548339][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.560652][ T8815] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  265.667489][ T8815] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.690525][ T8815] 8021q: adding VLAN 0 to HW filter on device team0
[  265.700501][   T39] audit: type=1326 audit(1721392554.126:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.0.951" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f1f579 code=0x7fc00000
[  265.701638][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.712543][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.712885][ T8907] FAULT_INJECTION: forcing a failure.
[  265.712885][ T8907] name failslab, interval 1, probability 0, space 0, times 0
[  265.721263][ T8907] CPU: 0 PID: 8907 Comm: syz.2.956 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  265.724960][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.725387][ T8907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  265.728209][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.732774][ T8907] Call Trace:
[  265.732785][ T8907]  <TASK>
[  265.732792][ T8907]  dump_stack_lvl+0x16c/0x1f0
[  265.741185][ T8907]  should_fail_ex+0x497/0x5b0
[  265.743265][ T8907]  should_failslab+0x9/0x20
[  265.745247][ T8907]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  265.747544][ T8907]  ? skb_clone+0x190/0x3f0
[  265.749500][ T8907]  skb_clone+0x190/0x3f0
[  265.751343][ T8907]  netlink_deliver_tap+0xb26/0xcf0
[  265.753577][ T8907]  netlink_unicast+0x606/0x830
[  265.755681][ T8907]  ? __pfx_netlink_unicast+0x10/0x10
[  265.758117][ T8907]  ? __phys_addr_symbol+0x30/0x80
[  265.760347][ T8907]  ? __check_object_size+0x48e/0x720
[  265.762651][ T8907]  netlink_sendmsg+0x8b8/0xd70
[  265.764755][ T8907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  265.767000][ T8907]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  265.769357][ T8907]  ____sys_sendmsg+0x9b4/0xb50
[  265.771527][ T8907]  ? __pfx_____sys_sendmsg+0x10/0x10
[  265.773648][ T8907]  ? get_compat_msghdr+0x11b/0x170
[  265.776128][ T8907]  ? __pfx___lock_acquire+0x10/0x10
[  265.778363][ T8907]  ___sys_sendmsg+0x135/0x1e0
[  265.780404][ T8907]  ? __pfx____sys_sendmsg+0x10/0x10
[  265.782627][ T8907]  ? ksys_write+0x21c/0x260
[  265.784556][ T8907]  ? __fget_light+0x173/0x210
[  265.786632][ T8907]  __sys_sendmsg+0x117/0x1f0
[  265.788554][ T8907]  ? __pfx___sys_sendmsg+0x10/0x10
[  265.790891][ T8907]  __do_fast_syscall_32+0x73/0x120
[  265.793197][ T8907]  do_fast_syscall_32+0x32/0x80
[  265.795353][ T8907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  265.798078][ T8907] RIP: 0023:0xf73ae579
[  265.799798][ T8907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  265.807608][ T8907] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  265.810785][ T8907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  265.814807][ T8907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  265.818350][ T8907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  265.821972][ T8907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  265.825776][ T8907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  265.829340][ T8907]  </TASK>
[  265.921701][ T8815] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.963802][ T8815] veth0_vlan: entered promiscuous mode
[  265.970098][ T8815] veth1_vlan: entered promiscuous mode
[  265.996445][ T8815] veth0_macvtap: entered promiscuous mode
[  266.004106][ T8815] veth1_macvtap: entered promiscuous mode
[  266.020463][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.032228][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.036559][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.041180][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.048293][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.059055][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.063878][ T8920] binder: Unknown parameter 'ÿÿ'
[  266.066244][ T8815] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.075893][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.079755][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.083529][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.087818][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.092781][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.096409][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.101893][ T8815] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.110450][ T8815] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.115215][ T8815] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.118110][ T8815] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.121060][ T8815] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.121944][ T6572] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  266.169771][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.174316][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.190028][ T1198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.193448][ T1198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.289252][ T8922] xt_CT: You must specify a L4 protocol and not use inversions on it
[  266.304141][ T6572] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  266.308915][ T6572] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  266.313561][ T6572] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  266.318708][ T6572] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  266.323893][ T6572] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  266.327126][ T6572] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.331479][ T6572] usb 5-1: config 0 descriptor??
[  266.334060][ T8913] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  266.749405][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x7
[  266.752830][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.756302][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.759772][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.762937][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.766419][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.769570][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.772888][ T6572] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  266.776948][ T6572] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  266.783956][ T6572] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  266.878983][ T8927] ALSA: mixer_oss: invalid OSS volume ''
[  266.882203][ T8927] ALSA: mixer_oss: invalid OSS volume ''
[  266.968963][ T8931] netlink: 'syz.2.962': attribute type 2 has an invalid length.
[  266.973773][ T8931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.962'.
[  266.993307][ T8931] netlink: 'syz.2.962': attribute type 1 has an invalid length.
[  266.997334][ T8931] netlink: 9 bytes leftover after parsing attributes in process `syz.2.962'.
[  267.002228][ T8931] netlink: 24 bytes leftover after parsing attributes in process `syz.2.962'.
[  267.052418][ T8931] netlink: 20 bytes leftover after parsing attributes in process `syz.2.962'.
[  267.066187][ T6572] usb 5-1: USB disconnect, device number 27
[  267.210602][ T8939] can0: slcan on ptm0.
[  267.412491][ T4651] Bluetooth: hci0: command tx timeout
[  267.564316][ T8953] tmpfs: Bad value for 'mpol'
[  267.590934][ T8953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.969'.
[  267.779274][ T8957] ALSA: mixer_oss: invalid OSS volume ''
[  267.781677][ T8957] ALSA: mixer_oss: invalid OSS volume ''
[  267.990904][ T8961] support for the xor transformation has been removed.
[  268.015166][ T8963] random: crng reseeded on system resumption
[  268.032693][ T8938] can0 (unregistered): slcan off ptm0.
[  268.152053][ T8973] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  268.155367][ T8973] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  268.162949][ T8973] vhci_hcd vhci_hcd.0: Device attached
[  268.167349][ T8978] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  268.176691][ T1091] vhci_hcd: stop threads
[  268.176728][ T1091] vhci_hcd: release socket
[  268.176742][ T1091] vhci_hcd: disconnect device
[  268.207932][ T8981] netlink: 'syz.3.978': attribute type 2 has an invalid length.
[  268.212388][ T8981] tunl0: entered promiscuous mode
[  268.216360][ T8981] netlink: 'syz.3.978': attribute type 1 has an invalid length.
[  268.216706][ T8983] netlink: 'syz.1.979': attribute type 1 has an invalid length.
[  268.310945][   T39] audit: type=1800 audit(1721392556.746:762): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.979" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  268.324395][ T8988] FAULT_INJECTION: forcing a failure.
[  268.324395][ T8988] name failslab, interval 1, probability 0, space 0, times 0
[  268.330235][ T8988] CPU: 2 PID: 8988 Comm: syz.3.980 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  268.334510][ T8988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.339189][ T8988] Call Trace:
[  268.340683][ T8988]  <TASK>
[  268.342011][ T8988]  dump_stack_lvl+0x16c/0x1f0
[  268.344146][ T8988]  should_fail_ex+0x497/0x5b0
[  268.346237][ T8988]  ? __pfx_lock_acquire+0x10/0x10
[  268.348456][ T8988]  should_failslab+0x9/0x20
[  268.350493][ T8988]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  268.352873][ T8988]  ? skb_clone+0x190/0x3f0
[  268.354911][ T8988]  skb_clone+0x190/0x3f0
[  268.356814][ T8988]  dev_queue_xmit_nit+0x38f/0xba0
[  268.359098][ T8988]  dev_hard_start_xmit+0x56/0x790
[  268.361372][ T8988]  ? kasan_save_track+0x14/0x30
[  268.363569][ T8988]  __dev_queue_xmit+0x7c7/0x4300
[  268.365797][ T8988]  ? __pfx___dev_queue_xmit+0x10/0x10
[  268.368189][ T8988]  ? rcu_is_watching+0x12/0xc0
[  268.370343][ T8988]  ? __copy_skb_header+0x2e8/0x5b0
[  268.372616][ T8988]  ? __skb_clone+0x570/0x760
[  268.374683][ T8988]  netlink_deliver_tap+0xa8a/0xcf0
[  268.376921][ T8988]  netlink_unicast+0x606/0x830
[  268.378979][ T8988]  ? __pfx_netlink_unicast+0x10/0x10
[  268.381264][ T8988]  ? __phys_addr_symbol+0x30/0x80
[  268.383502][ T8988]  ? __check_object_size+0x48e/0x720
[  268.385859][ T8988]  netlink_sendmsg+0x8b8/0xd70
[  268.387920][ T8988]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.390291][ T8988]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  268.392663][ T8988]  ____sys_sendmsg+0x9b4/0xb50
[  268.394840][ T8988]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.397153][ T8988]  ? get_compat_msghdr+0x11b/0x170
[  268.399454][ T8988]  ? __pfx___lock_acquire+0x10/0x10
[  268.401782][ T8988]  ___sys_sendmsg+0x135/0x1e0
[  268.403755][ T8988]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.405849][ T8988]  ? ksys_write+0x21c/0x260
[  268.407918][ T8988]  ? __fget_light+0x173/0x210
[  268.410040][ T8988]  __sys_sendmsg+0x117/0x1f0
[  268.412126][ T8988]  ? __pfx___sys_sendmsg+0x10/0x10
[  268.414402][ T8988]  __do_fast_syscall_32+0x73/0x120
[  268.416639][ T8988]  do_fast_syscall_32+0x32/0x80
[  268.418708][ T8988]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  268.421485][ T8988] RIP: 0023:0xf73ae579
[  268.423289][ T8988] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  268.431214][ T8988] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  268.434737][ T8988] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000700
[  268.438116][ T8988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  268.441616][ T8988] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  268.445137][ T8988] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  268.448160][ T8988] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  268.451333][ T8988]  </TASK>
[  268.600738][ T8993] netlink: 'syz.3.981': attribute type 1 has an invalid length.
[  268.993850][ T9007] tipc: Failed to remove unknown binding: 66,1,1/0:1890146930/1890146932
[  269.104637][ T9011] fuse: Bad value for 'group_id'
[  269.107022][ T9011] fuse: Bad value for 'group_id'
[  269.501986][ T4651] Bluetooth: hci0: command tx timeout
[  269.844076][ T9029] ieee802154 phy0 wpan0: encryption failed: -22
[  269.881182][ T9029] FAULT_INJECTION: forcing a failure.
[  269.881182][ T9029] name failslab, interval 1, probability 0, space 0, times 0
[  269.887806][ T9029] CPU: 2 PID: 9029 Comm: syz.1.994 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  269.892047][ T9029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.896727][ T9029] Call Trace:
[  269.898272][ T9029]  <TASK>
[  269.899597][ T9029]  dump_stack_lvl+0x16c/0x1f0
[  269.901724][ T9029]  should_fail_ex+0x497/0x5b0
[  269.903827][ T9029]  should_failslab+0x9/0x20
[  269.905862][ T9029]  kmem_cache_alloc_node_noprof+0x71/0x310
[  269.908465][ T9029]  ? __alloc_skb+0x2b3/0x380
[  269.910527][ T9029]  __alloc_skb+0x2b3/0x380
[  269.912510][ T9029]  ? __pfx___alloc_skb+0x10/0x10
[  269.914759][ T9029]  ? __pfx___might_resched+0x10/0x10
[  269.917035][ T9029]  netlink_alloc_large_skb+0x69/0x130
[  269.919389][ T9029]  netlink_sendmsg+0x689/0xd70
[  269.921541][ T9029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.923890][ T9029]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  269.926143][ T9029]  ____sys_sendmsg+0x9b4/0xb50
[  269.928226][ T9029]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.930605][ T9029]  ? get_compat_msghdr+0x11b/0x170
[  269.932907][ T9029]  ? __pfx___lock_acquire+0x10/0x10
[  269.935251][ T9029]  ___sys_sendmsg+0x135/0x1e0
[  269.937321][ T9029]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.939683][ T9029]  ? ksys_write+0x21c/0x260
[  269.941547][ T9029]  ? __fget_light+0x173/0x210
[  269.943404][ T9029]  __sys_sendmsg+0x117/0x1f0
[  269.945441][ T9029]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.947722][ T9029]  __do_fast_syscall_32+0x73/0x120
[  269.950083][ T9029]  do_fast_syscall_32+0x32/0x80
[  269.952411][ T9029]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.955565][ T9029] RIP: 0023:0xf73de579
[  269.957427][ T9029] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.965732][ T9029] RSP: 002b:00000000f5cd556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  269.969373][ T9029] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000140
[  269.972796][ T9029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  269.976108][ T9029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.979146][ T9029] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.982483][ T9029] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.985456][ T9029]  </TASK>
[  270.462455][ T9038] can0: slcan on ptm0.
[  270.488844][ T9038] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  270.593208][ T9037] can0 (unregistered): slcan off ptm0.
[  270.624478][ T9041] netlink: 'syz.2.996': attribute type 1 has an invalid length.
[  270.856851][ T9041] =======================================================
[  270.856851][ T9041] WARNING: The mand mount option has been deprecated and
[  270.856851][ T9041]          and is ignored by this kernel. Remove the mand
[  270.856851][ T9041]          option from the mount to silence this warning.
[  270.856851][ T9041] =======================================================
[  271.950106][ T9051] netlink: 'syz.3.999': attribute type 2 has an invalid length.
[  271.967576][ T9051] __nla_validate_parse: 5 callbacks suppressed
[  271.967595][ T9051] netlink: 4 bytes leftover after parsing attributes in process `syz.3.999'.
[  271.995774][ T9051] netlink: 'syz.3.999': attribute type 1 has an invalid length.
[  271.999299][ T9051] netlink: 9 bytes leftover after parsing attributes in process `syz.3.999'.
[  272.005058][ T9051] netlink: 20 bytes leftover after parsing attributes in process `syz.3.999'.
[  272.241011][ T9059] FAULT_INJECTION: forcing a failure.
[  272.241011][ T9059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.253756][ T9059] CPU: 2 PID: 9059 Comm: syz.3.1001 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  272.257942][ T9059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.262470][ T9059] Call Trace:
[  272.263918][ T9059]  <TASK>
[  272.265208][ T9059]  dump_stack_lvl+0x16c/0x1f0
[  272.267261][ T9059]  should_fail_ex+0x497/0x5b0
[  272.269299][ T9059]  _copy_to_user+0x30/0xc0
[  272.271242][ T9059]  simple_read_from_buffer+0xd0/0x160
[  272.273542][ T9059]  proc_fail_nth_read+0x1b0/0x290
[  272.275738][ T9059]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.278245][ T9059]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.280727][ T9059]  vfs_read+0x1d4/0xbd0
[  272.282631][ T9059]  ? __fdget_pos+0xeb/0x180
[  272.284695][ T9059]  ? __pfx_vfs_read+0x10/0x10
[  272.286612][ T9059]  ? __pfx___mutex_lock+0x10/0x10
[  272.288966][ T9059]  ? __fget_files+0x256/0x400
[  272.290810][ T9059]  ksys_read+0x12f/0x260
[  272.292489][ T9059]  ? __pfx_ksys_read+0x10/0x10
[  272.294383][ T9059]  __do_fast_syscall_32+0x73/0x120
[  272.296373][ T9059]  do_fast_syscall_32+0x32/0x80
[  272.298506][ T9059]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.301366][ T9059] RIP: 0023:0xf73ae579
[  272.303214][ T9059] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.311032][ T9059] RSP: 002b:00000000f5cc65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  272.314544][ T9059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5cc6630
[  272.318069][ T9059] RDX: 000000000000000f RSI: 00000000f7399ff4 RDI: 0000000000000000
[  272.321591][ T9059] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  272.325089][ T9059] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  272.328463][ T9059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.332108][ T9059]  </TASK>
[  272.630421][ T9061] xt_CT: You must specify a L4 protocol and not use inversions on it
[  273.979719][ T9092] netlink: 'syz.3.1011': attribute type 2 has an invalid length.
[  273.984387][ T9092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1011'.
[  273.996270][ T9092] netlink: 'syz.3.1011': attribute type 1 has an invalid length.
[  273.999979][ T9092] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1011'.
[  274.006757][ T9092] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1011'.
[  274.195417][ T9094] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1011'.
[  275.705871][ T9126] netlink: 'syz.3.1023': attribute type 8 has an invalid length.
[  275.751527][ T9128] FAULT_INJECTION: forcing a failure.
[  275.751527][ T9128] name failslab, interval 1, probability 0, space 0, times 0
[  275.757484][ T9128] CPU: 1 PID: 9128 Comm: syz.0.1022 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  275.761555][ T9128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.783040][ T9128] Call Trace:
[  275.784608][ T9128]  <TASK>
[  275.785761][ T9128]  dump_stack_lvl+0x16c/0x1f0
[  275.787726][ T9128]  should_fail_ex+0x497/0x5b0
[  275.789794][ T9128]  ? do_raw_spin_lock+0x12d/0x2c0
[  275.791944][ T9128]  should_failslab+0x9/0x20
[  275.793853][ T9128]  __kmalloc_cache_noprof+0x6b/0x310
[  275.796146][ T9128]  ? __module_get+0xd/0x50
[  275.798117][ T9128]  ? psample_group_get+0x15f/0x2e0
[  275.800381][ T9128]  psample_group_get+0x15f/0x2e0
[  275.802585][ T9128]  tcf_sample_init+0x36b/0x940
[  275.804739][ T9128]  ? __pfx_tcf_sample_init+0x10/0x10
[  275.807133][ T9128]  ? tcf_action_init_1+0x2d4/0x6c0
[  275.809447][ T9128]  tcf_action_init_1+0x45f/0x6c0
[  275.811681][ T9128]  ? __pfx_tcf_action_init_1+0x10/0x10
[  275.814144][ T9128]  ? tc_action_load_ops+0x187/0x430
[  275.816486][ T9128]  ? __nla_parse+0x40/0x60
[  275.818502][ T9128]  tcf_action_init+0x501/0x810
[  275.820655][ T9128]  ? __pfx_tcf_action_init+0x10/0x10
[  275.822882][ T9128]  ? find_held_lock+0x2d/0x110
[  275.824400][ T9128]  ? kernel_text_address+0x8d/0x100
[  275.826478][ T9128]  ? __kernel_text_address+0xd/0x40
[  275.828649][ T9128]  ? unwind_get_return_address+0x45/0xe0
[  275.830744][ T9128]  ? kfree_skbmem+0x10e/0x200
[  275.832899][ T9128]  ? kasan_save_stack+0x42/0x60
[  275.835086][ T9128]  ? kasan_save_stack+0x33/0x60
[  275.837105][ T9128]  ? kasan_save_track+0x14/0x30
[  275.839200][ T9128]  tcf_action_add+0xfd/0x5d0
[  275.841300][ T9128]  ? __pfx_tcf_action_add+0x10/0x10
[  275.843603][ T9128]  ? __nla_parse+0x40/0x60
[  275.845519][ T9128]  tc_ctl_action+0x35d/0x470
[  275.847302][ T9128]  ? __pfx_tc_ctl_action+0x10/0x10
[  275.849179][ T9128]  ? rtnetlink_rcv_msg+0x35a/0xea0
[  275.851063][ T9128]  ? __pfx_tc_ctl_action+0x10/0x10
[  275.853027][ T9128]  rtnetlink_rcv_msg+0x3c7/0xea0
[  275.855165][ T9128]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  275.857398][ T9128]  ? __pfx___dev_queue_xmit+0x10/0x10
[  275.859583][ T9128]  netlink_rcv_skb+0x165/0x410
[  275.861618][ T9128]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  275.863919][ T9128]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  275.866143][ T9128]  ? netlink_deliver_tap+0x1ae/0xcf0
[  275.868153][ T9128]  netlink_unicast+0x544/0x830
[  275.871197][ T9128]  ? __pfx_netlink_unicast+0x10/0x10
[  275.873466][ T9128]  ? __phys_addr_symbol+0x30/0x80
[  275.875615][ T9128]  ? __check_object_size+0x4a7/0x720
[  275.877835][ T9128]  netlink_sendmsg+0x8b8/0xd70
[  275.879843][ T9128]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.882141][ T9128]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  275.884387][ T9128]  ____sys_sendmsg+0x9b4/0xb50
[  275.886525][ T9128]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.888836][ T9128]  ? get_compat_msghdr+0x11b/0x170
[  275.891050][ T9128]  ? __pfx___lock_acquire+0x10/0x10
[  275.893319][ T9128]  ___sys_sendmsg+0x135/0x1e0
[  275.895250][ T9128]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.897482][ T9128]  ? ksys_write+0x21c/0x260
[  275.899411][ T9128]  ? __fget_light+0x173/0x210
[  275.901248][ T9128]  __sys_sendmsg+0x117/0x1f0
[  275.903020][ T9128]  ? __pfx___sys_sendmsg+0x10/0x10
[  275.905001][ T9128]  __do_fast_syscall_32+0x73/0x120
[  275.906974][ T9128]  do_fast_syscall_32+0x32/0x80
[  275.908964][ T9128]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  275.911428][ T9128] RIP: 0023:0xf7f1f579
[  275.913104][ T9128] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  275.920533][ T9128] RSP: 002b:00000000f5cd656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  275.923640][ T9128] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100
[  275.926830][ T9128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.929605][ T9128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  275.932448][ T9128] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  275.935873][ T9128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  275.939236][ T9128]  </TASK>
[  276.078418][ T9134] netlink: 'syz.2.1025': attribute type 2 has an invalid length.
[  276.087208][ T9134] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1025'.
[  276.095304][ T9134] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1025'.
[  276.107429][ T9138] tmpfs: Bad value for 'mpol'
[  276.157342][ T9137] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1025'.
[  276.248335][ T1393] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  276.461931][ T1393] usb 8-1: Using ep0 maxpacket: 8
[  276.467006][ T1393] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  276.471291][ T1393] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.478357][ T1393] usb 8-1: config 0 descriptor??
[  276.709181][ T9130] tunl0: left promiscuous mode
[  276.753832][ T9130] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.779653][ T1393] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  276.807473][ T1393] asix 8-1:0.0: probe with driver asix failed with error -71
[  276.824326][ T1393] usb 8-1: USB disconnect, device number 11
[  277.576683][ T9160] ALSA: mixer_oss: invalid OSS volume ''
[  277.582851][ T9160] ALSA: mixer_oss: invalid OSS volume ''
[  277.634402][ T9162] xt_CT: You must specify a L4 protocol and not use inversions on it
[  277.909066][ T9170] netlink: 'syz.2.1036': attribute type 2 has an invalid length.
[  277.912558][ T9170] __nla_validate_parse: 1 callbacks suppressed
[  277.912566][ T9170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1036'.
[  277.920524][ T9170] netlink: 'syz.2.1036': attribute type 1 has an invalid length.
[  277.923279][ T9170] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1036'.
[  277.927880][ T9170] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1036'.
[  278.030248][ T9180] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1036'.
[  278.320637][ T9190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.379814][ T9198] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1040'.
[  278.386300][ T9198] bond0: option ad_select: unable to set because the bond device is up
[  278.701934][ T1387] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  278.881951][ T1387] usb 7-1: Using ep0 maxpacket: 16
[  278.889834][ T1387] usb 7-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  278.898477][ T1387] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.903935][ T1387] usb 7-1: Product: syz
[  278.911756][ T1387] usb 7-1: Manufacturer: syz
[  278.915832][ T1387] usb 7-1: SerialNumber: syz
[  278.920692][ T1387] usb 7-1: config 0 descriptor??
[  278.926577][ T1387] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  279.194983][ T9202] input: syz0 as /devices/virtual/input/input26
[  279.325199][ T9225] netlink: 'syz.3.1053': attribute type 2 has an invalid length.
[  279.328830][ T9225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1053'.
[  279.335892][ T9225] tunl0: entered promiscuous mode
[  279.341592][ T9225] netlink: 'syz.3.1053': attribute type 1 has an invalid length.
[  279.367375][ T9229] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1043'.
[  279.369355][ T9225] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1053'.
[  279.392531][ T9230] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1053'.
[  279.500395][ T9225] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1053'.
[  279.824556][ T1387] gp8psk: usb in 128 operation failed.
[  279.832118][ T1387] gp8psk: usb in 137 operation failed.
[  279.845048][ T1387] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  279.857227][ T1387] dvb_usb_gp8psk 7-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  279.883771][ T1387] usb 7-1: USB disconnect, device number 24
[  280.095444][   T56] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  280.106238][   T56] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  280.439870][ T9253] FAULT_INJECTION: forcing a failure.
[  280.439870][ T9253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.445933][ T9253] CPU: 2 PID: 9253 Comm: syz.3.1061 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  280.450175][ T9253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.454987][ T9253] Call Trace:
[  280.456233][ T9253]  <TASK>
[  280.457595][ T9253]  dump_stack_lvl+0x16c/0x1f0
[  280.459631][ T9253]  should_fail_ex+0x497/0x5b0
[  280.461762][ T9253]  _copy_to_user+0x30/0xc0
[  280.463765][ T9253]  simple_read_from_buffer+0xd0/0x160
[  280.466289][ T9253]  proc_fail_nth_read+0x1b0/0x290
[  280.468579][ T9253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.470981][ T9253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.473362][ T9253]  vfs_read+0x1d4/0xbd0
[  280.475263][ T9253]  ? __fdget_pos+0xeb/0x180
[  280.477129][ T9253]  ? __pfx_vfs_read+0x10/0x10
[  280.479142][ T9253]  ? __pfx___mutex_lock+0x10/0x10
[  280.481298][ T9253]  ? __fget_files+0x256/0x400
[  280.483316][ T9253]  ksys_read+0x12f/0x260
[  280.485239][ T9253]  ? __pfx_ksys_read+0x10/0x10
[  280.487381][ T9253]  __do_fast_syscall_32+0x73/0x120
[  280.489606][ T9253]  do_fast_syscall_32+0x32/0x80
[  280.491803][ T9253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.494707][ T9253] RIP: 0023:0xf73ae579
[  280.496552][ T9253] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.504907][ T9253] RSP: 002b:00000000f5cc65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  280.508023][ T9253] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5cc6630
[  280.511345][ T9253] RDX: 000000000000000f RSI: 00000000f7399ff4 RDI: 0000000000000000
[  280.514811][ T9253] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  280.518405][ T9253] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  280.521995][ T9253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.525506][ T9253]  </TASK>
[  280.883861][ T9281] KVM: debugfs: duplicate directory 9281-7
[  280.893130][   T39] audit: type=1326 audit(1721392569.336:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.904445][   T39] audit: type=1326 audit(1721392569.336:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.922087][   T39] audit: type=1326 audit(1721392569.336:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.932115][   T39] audit: type=1326 audit(1721392569.336:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.941734][   T39] audit: type=1326 audit(1721392569.336:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.952685][   T39] audit: type=1326 audit(1721392569.336:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.961731][   T39] audit: type=1326 audit(1721392569.336:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.972167][   T39] audit: type=1326 audit(1721392569.336:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.984772][   T39] audit: type=1326 audit(1721392569.336:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  280.995031][   T39] audit: type=1326 audit(1721392569.336:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9280 comm="syz.2.1070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  281.111935][ T1148] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  281.351933][ T1148] usb 5-1: Using ep0 maxpacket: 16
[  281.395974][ T1148] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  281.399500][ T1148] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.403104][ T1148] usb 5-1: Product: syz
[  281.405311][ T1148] usb 5-1: Manufacturer: syz
[  281.407309][ T1148] usb 5-1: SerialNumber: syz
[  281.422056][ T1148] usb 5-1: config 0 descriptor??
[  281.429162][ T1148] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  281.690931][ T9278] input: syz0 as /devices/virtual/input/input27
[  282.048841][ T9310] FAULT_INJECTION: forcing a failure.
[  282.048841][ T9310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.060279][ T9310] CPU: 2 PID: 9310 Comm: syz.3.1079 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  282.064588][ T9310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.071351][ T9310] Call Trace:
[  282.073134][ T9310]  <TASK>
[  282.074373][ T9310]  dump_stack_lvl+0x16c/0x1f0
[  282.076190][ T9310]  should_fail_ex+0x497/0x5b0
[  282.077956][ T9310]  _copy_to_user+0x30/0xc0
[  282.079723][ T9310]  simple_read_from_buffer+0xd0/0x160
[  282.081755][ T9310]  proc_fail_nth_read+0x1b0/0x290
[  282.083755][ T9310]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  282.086499][ T9310]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  282.089483][ T9310]  vfs_read+0x1d4/0xbd0
[  282.091744][ T9310]  ? __fdget_pos+0xeb/0x180
[  282.094155][ T9310]  ? __pfx_vfs_read+0x10/0x10
[  282.096739][ T9310]  ? __pfx___mutex_lock+0x10/0x10
[  282.098919][ T9310]  ? __fget_files+0x256/0x400
[  282.101829][ T9310]  ksys_read+0x12f/0x260
[  282.104478][ T9310]  ? __pfx_ksys_read+0x10/0x10
[  282.106690][ T9310]  __do_fast_syscall_32+0x73/0x120
[  282.108864][ T9310]  do_fast_syscall_32+0x32/0x80
[  282.111150][ T9310]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.114003][ T9310] RIP: 0023:0xf73ae579
[  282.115693][ T9310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.123176][ T9310] RSP: 002b:00000000f5cc65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  282.126853][ T9310] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5cc6630
[  282.129670][ T9310] RDX: 000000000000000f RSI: 00000000f7399ff4 RDI: 0000000000000000
[  282.132930][ T9310] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  282.136654][ T9310] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  282.140013][ T9310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.144151][ T9310]  </TASK>
[  282.313984][ T1148] gp8psk: usb in 128 operation failed.
[  282.319885][ T1148] gp8psk: usb in 137 operation failed.
[  282.343095][ T1148] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  282.347469][ T1148] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  282.392160][ T9314] ALSA: mixer_oss: invalid OSS volume ''
[  282.394982][ T1148] usb 5-1: USB disconnect, device number 28
[  282.402014][ T9314] ALSA: mixer_oss: invalid OSS volume ''
[  282.599787][ T9316] ALSA: mixer_oss: invalid OSS volume ''
[  282.602634][ T9316] ALSA: mixer_oss: invalid OSS volume ''
[  282.864613][ T9328] netlink: 'syz.0.1086': attribute type 6 has an invalid length.
[  282.868345][ T9328] FAULT_INJECTION: forcing a failure.
[  282.868345][ T9328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.879026][ T9328] CPU: 2 PID: 9328 Comm: syz.0.1086 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  282.882679][ T9328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.887607][ T9328] Call Trace:
[  282.889146][ T9328]  <TASK>
[  282.890557][ T9328]  dump_stack_lvl+0x16c/0x1f0
[  282.892729][ T9328]  should_fail_ex+0x497/0x5b0
[  282.894927][ T9328]  _copy_to_user+0x30/0xc0
[  282.897372][ T9328]  simple_read_from_buffer+0xd0/0x160
[  282.899792][ T9328]  proc_fail_nth_read+0x1b0/0x290
[  282.902067][ T9328]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  282.904419][ T9328]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  282.906736][ T9328]  vfs_read+0x1d4/0xbd0
[  282.908491][ T9328]  ? __fdget_pos+0xeb/0x180
[  282.910054][ T9328]  ? __pfx_vfs_read+0x10/0x10
[  282.912071][ T9328]  ? __pfx___mutex_lock+0x10/0x10
[  282.914367][ T9328]  ? __fget_files+0x256/0x400
[  282.916574][ T9328]  ksys_read+0x12f/0x260
[  282.918538][ T9328]  ? __pfx_ksys_read+0x10/0x10
[  282.920829][ T9328]  __do_fast_syscall_32+0x73/0x120
[  282.923275][ T9328]  do_fast_syscall_32+0x32/0x80
[  282.925512][ T9328]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.928346][ T9328] RIP: 0023:0xf7f1f579
[  282.930195][ T9328] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.938752][ T9328] RSP: 002b:00000000f5cd65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  282.942470][ T9328] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5cd6630
[  282.945994][ T9328] RDX: 000000000000000f RSI: 00000000f73a9ff4 RDI: 0000000000000000
[  282.949510][ T9328] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  282.953049][ T9328] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  282.956462][ T9328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.959939][ T9328]  </TASK>
[  283.086364][ T9331] __nla_validate_parse: 2 callbacks suppressed
[  283.086379][ T9331] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1087'.
[  283.448925][ T9341] netlink: 'syz.2.1090': attribute type 6 has an invalid length.
[  283.802862][ T9346] ALSA: mixer_oss: invalid OSS volume ''
[  283.812709][ T9346] ALSA: mixer_oss: invalid OSS volume ''
[  284.025322][ T9349] cdrom: dropping to single frame dma
[  284.442059][ T1265] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  284.641993][ T1265] usb 8-1: Using ep0 maxpacket: 16
[  284.653247][ T1265] usb 8-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  284.660244][ T1265] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.680446][ T1265] usb 8-1: Product: syz
[  284.686462][ T1265] usb 8-1: Manufacturer: syz
[  284.690413][ T1265] usb 8-1: SerialNumber: syz
[  284.703462][ T1265] usb 8-1: config 0 descriptor??
[  284.725608][ T1265] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  284.926990][ T4651] Bluetooth: hci0: Unknown advertising packet type: 0x74
[  284.927070][ T4651] Bluetooth: hci0: Malformed LE Event: 0x0d
[  284.950122][ T9356] input: syz0 as /devices/virtual/input/input28
[  285.087741][ T9364] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1095'.
[  285.246874][ T9369] overlayfs: failed to resolve './file1': -2
[  285.561218][ T1265] gp8psk: usb in 128 operation failed.
[  285.564766][ T1265] gp8psk: usb in 137 operation failed.
[  285.567799][ T1265] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  285.571444][ T1265] dvb_usb_gp8psk 8-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  285.587015][ T1265] usb 8-1: USB disconnect, device number 12
[  285.981714][ T9381] FAULT_INJECTION: forcing a failure.
[  285.981714][ T9381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.987193][ T9381] CPU: 3 PID: 9381 Comm: syz.2.1102 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  285.991605][ T9381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.996404][ T9381] Call Trace:
[  285.997889][ T9381]  <TASK>
[  285.999104][ T9381]  dump_stack_lvl+0x16c/0x1f0
[  286.001158][ T9381]  should_fail_ex+0x497/0x5b0
[  286.003302][ T9381]  _copy_from_user+0x30/0xf0
[  286.005382][ T9381]  get_compat_msghdr+0xa8/0x170
[  286.007253][ T9381]  ? __pfx_get_compat_msghdr+0x10/0x10
[  286.009528][ T9381]  ? kfree+0x245/0x3b0
[  286.011146][ T9381]  ? find_held_lock+0x2d/0x110
[  286.013085][ T9381]  ___sys_recvmsg+0x193/0x1a0
[  286.014750][ T9381]  ? __pfx____sys_recvmsg+0x10/0x10
[  286.016627][ T9381]  ? __pfx___might_resched+0x10/0x10
[  286.018643][ T9381]  ? __fget_light+0x173/0x210
[  286.020271][ T9381]  do_recvmmsg+0x51a/0x750
[  286.021965][ T9381]  ? __pfx_do_recvmmsg+0x10/0x10
[  286.023645][ T9381]  ? __pfx_lock_release+0x10/0x10
[  286.025953][ T9381]  ? vfs_write+0x14d/0x1140
[  286.027977][ T9381]  __sys_recvmmsg+0x21e/0x280
[  286.030021][ T9381]  ? __pfx___sys_recvmmsg+0x10/0x10
[  286.032038][ T9381]  ? __pfx_ksys_write+0x10/0x10
[  286.034099][ T9381]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  286.037371][ T9381]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.039668][ T9381]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  286.042566][ T9381]  __do_fast_syscall_32+0x73/0x120
[  286.045033][ T9381]  do_fast_syscall_32+0x32/0x80
[  286.047436][ T9381]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.049810][ T9381] RIP: 0023:0xf73ae579
[  286.051535][ T9381] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  286.059968][ T9381] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  286.063761][ T9381] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200004c0
[  286.066804][ T9381] RDX: 0000000000000f00 RSI: 0000000000000000 RDI: 0000000000000000
[  286.070209][ T9381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.073713][ T9381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  286.090689][ T9381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.094176][ T9381]  </TASK>
[  286.175889][ T9383] ALSA: mixer_oss: invalid OSS volume ''
[  286.178594][ T9383] ALSA: mixer_oss: invalid OSS volume ''
[  286.956240][ T9405] misc userio: No port type given on /dev/userio
[  287.195507][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.227875][ T9408] overlayfs: failed to resolve './file1': -2
[  287.304654][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.390470][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.491153][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.499856][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  287.504924][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  287.508977][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  287.515568][ T5232] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  287.522495][ T5232] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  287.526311][ T5232] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  287.679905][ T9417] bridge_slave_0: default FDB implementation only supports local addresses
[  287.728456][   T11] bridge_slave_1: left allmulticast mode
[  287.731256][   T11] bridge_slave_1: left promiscuous mode
[  287.734135][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.739826][   T11] bridge_slave_0: left allmulticast mode
[  287.741819][   T11] bridge_slave_0: left promiscuous mode
[  287.744485][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.822537][ T9423] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  287.827067][ T9423] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  287.833024][ T9423] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  288.047562][ T9427] netlink: 'syz.3.1119': attribute type 7 has an invalid length.
[  288.060079][ T9427] Êü: entered promiscuous mode
[  288.066869][ T9414] chnl_net:caif_netlink_parms(): no params data found
[  288.137815][   T11] Êü: left promiscuous mode
[  288.231357][ T9414] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.238410][ T9414] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.241355][ T9414] bridge_slave_0: entered allmulticast mode
[  288.247188][ T9414] bridge_slave_0: entered promiscuous mode
[  288.282513][ T9414] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.302371][ T9414] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.305237][ T9414] bridge_slave_1: entered allmulticast mode
[  288.309020][ T9414] bridge_slave_1: entered promiscuous mode
[  288.446281][ T9414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.454631][ T9414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.560452][   T11] hsr_slave_0: left promiscuous mode
[  288.565622][   T11] hsr_slave_1: left promiscuous mode
[  288.568980][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  288.578670][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.591284][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  288.597238][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.661683][   T11] veth1_macvtap: left promiscuous mode
[  288.664433][   T11] veth0_macvtap: left promiscuous mode
[  288.667307][   T11] veth1_vlan: left promiscuous mode
[  288.669972][   T11] veth0_vlan: left promiscuous mode
[  289.565975][   T56] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  289.574605][ T5232] Bluetooth: hci1: command tx timeout
[  289.763590][   T56] usb 7-1: Using ep0 maxpacket: 16
[  289.774951][   T56] usb 7-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  289.778848][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.783343][   T56] usb 7-1: Product: syz
[  289.785934][   T56] usb 7-1: Manufacturer: syz
[  289.788050][   T56] usb 7-1: SerialNumber: syz
[  289.791704][   T56] usb 7-1: config 0 descriptor??
[  289.795941][ T9444] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1123'.
[  289.799128][   T56] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  290.042968][ T9442] input: syz0 as /devices/virtual/input/input29
[  290.083459][   T11] team0 (unregistering): Port device team_slave_1 removed
[  290.272120][ T9449] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1122'.
[  290.406049][   T11] team0 (unregistering): Port device team_slave_0 removed
[  290.683281][   T56] gp8psk: usb in 128 operation failed.
[  290.689011][   T56] gp8psk: usb in 137 operation failed.
[  290.691981][   T56] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  290.698435][   T56] dvb_usb_gp8psk 7-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  290.705870][   T56] usb 7-1: USB disconnect, device number 25
[  291.415255][    C0] ==================================================================
[  291.418857][    C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0
[  291.422071][    C0] Read of size 8 at addr ffff8880577fd418 by task kworker/u32:0/11
[  291.426492][    C0] 
[  291.427571][    C0] CPU: 0 PID: 11 Comm: kworker/u32:0 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  291.433774][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.438573][    C0] Workqueue: netns cleanup_net
[  291.440731][    C0] Call Trace:
[  291.442192][    C0]  <IRQ>
[  291.443640][    C0]  dump_stack_lvl+0x116/0x1f0
[  291.445870][    C0]  print_report+0xc3/0x620
[  291.447724][    C0]  ? __virt_addr_valid+0x5e/0x590
[  291.449786][    C0]  ? __phys_addr+0xc6/0x150
[  291.452494][    C0]  kasan_report+0xd9/0x110
[  291.454785][    C0]  ? __lock_acquire+0x2de0/0x3cb0
[  291.457404][    C0]  ? __lock_acquire+0x2de0/0x3cb0
[  291.459944][    C0]  __lock_acquire+0x2de0/0x3cb0
[  291.462480][    C0]  ? try_to_wake_up+0x5d7/0x13e0
[  291.464953][    C0]  ? __pfx_lock_release+0x10/0x10
[  291.467962][    C0]  ? rcu_is_watching+0x12/0xc0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  291.470646][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  291.473342][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  291.475692][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  291.477984][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  291.480554][    C0]  lock_acquire+0x1b1/0x560
[  291.482473][    C0]  ? p9_req_put+0xca/0x250
[  291.484594][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  291.487510][    C0]  ? __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30
[  291.491288][    C0]  ? select_task_rq_fair+0x360/0x44b0
[  291.495325][    C0]  ? do_raw_spin_unlock+0x53/0x230
[  291.497688][    C0]  ? .slowpath+0x9/0x18
[  291.499583][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  291.501890][    C0]  ? p9_req_put+0xca/0x250
[  291.503622][    C0]  p9_req_put+0xca/0x250
[  291.505510][    C0]  req_done+0x1e7/0x2f0
[  291.507258][    C0]  ? __pfx_req_done+0x10/0x10
[  291.509332][    C0]  ? __pfx_req_done+0x10/0x10
[  291.511223][    C0]  vring_interrupt+0x31b/0x400
[  291.513190][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  291.515339][    C0]  __handle_irq_event_percpu+0x229/0x7c0
[  291.517772][    C0]  handle_irq_event+0xab/0x1e0
[  291.520137][    C0]  handle_edge_irq+0x263/0xd10
[  291.522374][    C0]  __common_interrupt+0xdf/0x250
[  291.524844][    C0]  common_interrupt+0x52/0xd0
[  291.526506][    C0]  asm_common_interrupt+0x26/0x40
[  291.528244][    C0] RIP: 0010:handle_softirqs+0x1da/0x8f0
[  291.529952][    C0] Code: 89 44 24 18 48 89 6c 24 10 48 c7 c7 40 60 2b 8b e8 6b 78 91 09 65 66 c7 05 09 d3 b0 7e 00 00 e8 7c af 42 00 fb bb ff ff ff ff <49> c7 c6 c0 a0 80 8d 41 0f bc dc 83 c3 01 0f 85 a7 00 00 00 e9 b4
[  291.538805][    C0] RSP: 0018:ffffc90000007f30 EFLAGS: 00000202
[  291.541219][    C0] RAX: 00000000006e8092 RBX: 00000000ffffffff RCX: 1ffffffff2848b2d
[  291.544454][    C0] RDX: 0000000000000000 RSI: ffffffff8b2cc020 RDI: ffffffff8b904c00
[  291.547646][    C0] RBP: ffff888015f42440 R08: 0000000000000001 R09: fffffbfff2847e69
[  291.550937][    C0] R10: ffffffff9423f34f R11: 0000000000000000 R12: 0000000000000082
[  291.554456][    C0] R13: 000000000000000a R14: 0000000000000001 R15: 0000000000000000
[  291.557852][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  291.560104][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  291.562387][    C0]  irq_exit_rcu+0xbb/0x120
[  291.564296][    C0]  sysvec_apic_timer_interrupt+0x95/0xb0
[  291.566764][    C0]  </IRQ>
[  291.567962][    C0]  <TASK>
[  291.569351][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  291.571967][    C0] RIP: 0010:lockdep_unregister_key+0x1ab/0x280
[  291.574625][    C0] Code: f2 22 94 48 89 df e8 54 fd ff ff 48 89 df e8 5c d9 ff ff e8 57 db ff ff 9c 58 f6 c4 02 75 66 41 f7 c5 00 02 00 00 74 01 fb 5b <5d> 41 5c 41 5d 41 5e 41 5f e9 67 0c 0a 00 48 c7 c0 b8 cd e4 8f 48
[  291.582749][    C0] RSP: 0018:ffffc900003d7858 EFLAGS: 00000206
[  291.585213][    C0] RAX: 0000000000000046 RBX: ffff88805669e800 RCX: 0000000000000001
[  291.587984][    C0] RDX: dffffc0000000000 RSI: ffffffff8b2cc2e0 RDI: ffffffff8b904c00
[  291.590979][    C0] RBP: ffff88805669ea98 R08: ffffffff92eb631a R09: 000000000001f98d
[  291.593764][    C0] R10: ffffffff94239087 R11: 0000000000000000 R12: 0000000000000000
[  291.596305][    C0] R13: 0000000000000246 R14: ffffffff943d28a8 R15: ffff88805669eaa0
[  291.599308][    C0]  __qdisc_destroy+0x11a/0x4a0
[  291.601119][    C0]  qdisc_put+0xd1/0xf0
[  291.602506][    C0]  dev_shutdown+0x1c4/0x430
[  291.604288][    C0]  unregister_netdevice_many_notify+0x620/0x1e40
[  291.607165][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  291.610115][    C0]  ? unregister_netdevice_queue+0x22f/0x3f0
[  291.612641][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  291.615263][    C0]  ? batadv_softif_destroy_vlan+0xf2/0x170
[  291.617366][    C0]  default_device_exit_batch+0x731/0x9b0
[  291.619309][    C0]  ? __pfx_netdev_run_todo+0x10/0x10
[  291.621493][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  291.624046][    C0]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  291.626175][    C0]  ? __pfx___might_resched+0x10/0x10
[  291.628489][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  291.631779][    C0]  ops_exit_list+0x128/0x180
[  291.633791][    C0]  cleanup_net+0x5b7/0xbf0
[  291.635689][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  291.637784][    C0]  process_one_work+0x958/0x1ad0
[  291.639790][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[  291.641584][    C0]  ? __pfx_process_one_work+0x10/0x10
[  291.643523][    C0]  ? assign_work+0x1a0/0x250
[  291.645005][    C0]  worker_thread+0x6c8/0xf20
[  291.646857][    C0]  ? __pfx_worker_thread+0x10/0x10
[  291.648969][    C0]  kthread+0x2c1/0x3a0
[  291.650485][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.652402][    C0]  ? __pfx_kthread+0x10/0x10
[  291.654489][    C0]  ret_from_fork+0x45/0x80
[  291.656014][    C0]  ? __pfx_kthread+0x10/0x10
[  291.657542][    C0]  ret_from_fork_asm+0x1a/0x30
[  291.659769][    C0]  </TASK>
[  291.660915][    C0] 
[  291.661860][    C0] Allocated by task 9462:
[  291.663686][    C0]  kasan_save_stack+0x33/0x60
[  291.666163][    C0]  kasan_save_track+0x14/0x30
[  291.668572][    C0]  __kasan_kmalloc+0xaa/0xb0
[  291.670335][    C0]  p9_client_create+0xcf/0x11b0
[  291.672362][    C0]  v9fs_session_init+0x1f8/0x1a80
[  291.674260][    C0]  v9fs_mount+0xc6/0xaa0
[  291.676489][    C0]  legacy_get_tree+0x109/0x220
[  291.678650][    C0]  vfs_get_tree+0x8f/0x380
[  291.680614][    C0]  path_mount+0x6e1/0x1f10
[  291.682750][    C0]  __ia32_sys_mount+0x292/0x310
[  291.685134][    C0]  __do_fast_syscall_32+0x73/0x120
[  291.687354][    C0]  do_fast_syscall_32+0x32/0x80
[  291.689511][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.692260][    C0] 
[  291.693274][    C0] Freed by task 9462:
[  291.694977][    C0]  kasan_save_stack+0x33/0x60
[  291.699268][    C0]  kasan_save_track+0x14/0x30
[  291.701763][    C0]  kasan_save_free_info+0x3b/0x60
[  291.704312][    C0]  poison_slab_object+0xf7/0x160
[  291.706700][    C0]  __kasan_slab_free+0x32/0x50
[  291.709518][    C0]  kfree+0x12a/0x3b0
[  291.711772][    C0]  p9_client_create+0x9ca/0x11b0
[  291.714239][    C0]  v9fs_session_init+0x1f8/0x1a80
[  291.716302][    C0]  v9fs_mount+0xc6/0xaa0
[  291.718165][    C0]  legacy_get_tree+0x109/0x220
[  291.720270][    C0]  vfs_get_tree+0x8f/0x380
[  291.722168][    C0]  path_mount+0x6e1/0x1f10
[  291.723973][    C0]  __ia32_sys_mount+0x292/0x310
[  291.726046][    C0]  __do_fast_syscall_32+0x73/0x120
[  291.728069][    C0]  do_fast_syscall_32+0x32/0x80
[  291.730110][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.732598][    C0] 
[  291.733578][    C0] The buggy address belongs to the object at ffff8880577fd400
[  291.733578][    C0]  which belongs to the cache kmalloc-512 of size 512
[  291.739837][    C0] The buggy address is located 24 bytes inside of
[  291.739837][    C0]  freed 512-byte region [ffff8880577fd400, ffff8880577fd600)
[  291.745681][    C0] 
[  291.746686][    C0] The buggy address belongs to the physical page:
[  291.749353][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x577fc
[  291.753388][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  291.756587][    C0] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  291.759381][    C0] page_type: 0xffffefff(slab)
[  291.761190][    C0] raw: 04fff00000000040 ffff888015442c80 dead000000000100 dead000000000122
[  291.765234][    C0] raw: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  291.768683][    C0] head: 04fff00000000040 ffff888015442c80 dead000000000100 dead000000000122
[  291.772158][    C0] head: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  291.775790][    C0] head: 04fff00000000002 ffffea00015dff01 ffffffffffffffff 0000000000000000
[  291.779481][    C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  291.782910][    C0] page dumped because: kasan: bad access detected
[  291.785617][    C0] page_owner tracks the page as allocated
[  291.788092][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5230, tgid 5230 (syz-executor), ts 68725007623, free_ts 68298298589
[  291.796290][    C0]  post_alloc_hook+0x2d1/0x350
[  291.798201][    C0]  get_page_from_freelist+0x1353/0x2e50
[  291.800378][    C0]  __alloc_pages_noprof+0x22b/0x2460
[  291.804474][    C0]  alloc_slab_page+0x56/0x110
[  291.806533][    C0]  new_slab+0x84/0x260
[  291.808282][    C0]  ___slab_alloc+0xdac/0x1870
[  291.810150][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[  291.812332][    C0]  __kmalloc_noprof+0x379/0x410
[  291.813992][    C0]  fib6_info_alloc+0x40/0x160
[  291.815854][    C0]  ip6_route_info_create+0x337/0x1ad0
[  291.818014][    C0]  addrconf_f6i_alloc+0x393/0x670
[  291.820115][    C0]  ipv6_add_addr+0x538/0x2090
[  291.822098][    C0]  add_addr+0xe0/0x350
[  291.823727][    C0]  add_v4_addrs+0x71a/0xa00
[  291.825587][    C0]  addrconf_init_auto_addrs+0x18a/0x820
[  291.828032][    C0]  addrconf_notify+0xe9e/0x19e0
[  291.830057][    C0] page last free pid 5218 tgid 5218 stack trace:
[  291.832796][    C0]  free_unref_page+0x64a/0xe40
[  291.834804][    C0]  __put_partials+0x14c/0x170
[  291.837562][    C0]  qlist_free_all+0x4e/0x140
[  291.839824][    C0]  kasan_quarantine_reduce+0x192/0x1e0
[  291.842503][    C0]  __kasan_slab_alloc+0x69/0x90
[  291.844804][    C0]  kmem_cache_alloc_node_noprof+0x153/0x310
[  291.848101][    C0]  __alloc_skb+0x2b3/0x380
[  291.850307][    C0]  rtmsg_ifinfo_build_skb+0x81/0x280
[  291.852997][    C0]  rtnetlink_event+0xf3/0x1f0
[  291.855140][    C0]  notifier_call_chain+0xb9/0x410
[  291.857485][    C0]  call_netdevice_notifiers_info+0xbe/0x140
[  291.860546][    C0]  dev_change_name+0x495/0x9c0
[  291.862874][    C0]  do_setlink+0x2f04/0x3ea0
[  291.864859][    C0]  __rtnl_newlink+0xc3a/0x1960
[  291.866935][    C0]  rtnl_newlink+0x67/0xa0
[  291.868798][    C0]  rtnetlink_rcv_msg+0x3c7/0xea0
[  291.870909][    C0] 
[  291.872219][    C0] Memory state around the buggy address:
[  291.876367][    C0]  ffff8880577fd300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  291.879976][    C0]  ffff8880577fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  291.883635][    C0] >ffff8880577fd400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  291.887540][    C0]                             ^
[  291.890193][    C0]  ffff8880577fd480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  291.893686][    C0]  ffff8880577fd500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  291.897948][    C0] ==================================================================
[  291.901413][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  291.904437][    C0] CPU: 0 PID: 11 Comm: kworker/u32:0 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  291.909433][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.914876][    C0] Workqueue: netns cleanup_net
[  291.917366][    C0] Call Trace:
[  291.918838][    C0]  <IRQ>
[  291.920155][    C0]  dump_stack_lvl+0x3d/0x1f0
[  291.922266][    C0]  panic+0x6f5/0x7a0
[  291.924310][    C0]  ? __pfx_panic+0x10/0x10
[  291.926495][    C0]  ? rcu_is_watching+0x12/0xc0
[  291.928523][    C0]  ? __pfx_lock_release+0x10/0x10
[  291.930843][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  291.933144][    C0]  check_panic_on_warn+0xab/0xb0
[  291.935190][    C0]  end_report+0x117/0x180
[  291.937038][    C0]  kasan_report+0xe9/0x110
[  291.938969][    C0]  ? __lock_acquire+0x2de0/0x3cb0
[  291.941310][    C0]  ? __lock_acquire+0x2de0/0x3cb0
[  291.944254][    C0]  __lock_acquire+0x2de0/0x3cb0
[  291.946675][    C0]  ? try_to_wake_up+0x5d7/0x13e0
[  291.948948][    C0]  ? __pfx_lock_release+0x10/0x10
[  291.951521][    C0]  ? rcu_is_watching+0x12/0xc0
[  291.953842][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  291.956231][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  291.958704][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  291.960814][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  291.963318][    C0]  lock_acquire+0x1b1/0x560
[  291.965300][    C0]  ? p9_req_put+0xca/0x250
[  291.967229][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  291.969618][    C0]  ? __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30
[  291.973167][    C0]  ? select_task_rq_fair+0x360/0x44b0
[  291.975349][    C0]  ? do_raw_spin_unlock+0x53/0x230
[  291.977376][    C0]  ? .slowpath+0x9/0x18
[  291.979031][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  291.980958][    C0]  ? p9_req_put+0xca/0x250
[  291.982916][    C0]  p9_req_put+0xca/0x250
[  291.984835][    C0]  req_done+0x1e7/0x2f0
[  291.986718][    C0]  ? __pfx_req_done+0x10/0x10
[  291.988830][    C0]  ? __pfx_req_done+0x10/0x10
[  291.990981][    C0]  vring_interrupt+0x31b/0x400
[  291.993193][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  291.995681][    C0]  __handle_irq_event_percpu+0x229/0x7c0
[  291.998307][    C0]  handle_irq_event+0xab/0x1e0
[  292.000760][    C0]  handle_edge_irq+0x263/0xd10
[  292.002774][    C0]  __common_interrupt+0xdf/0x250
[  292.005117][    C0]  common_interrupt+0x52/0xd0
[  292.007239][    C0]  asm_common_interrupt+0x26/0x40
[  292.009558][    C0] RIP: 0010:handle_softirqs+0x1da/0x8f0
[  292.011944][    C0] Code: 89 44 24 18 48 89 6c 24 10 48 c7 c7 40 60 2b 8b e8 6b 78 91 09 65 66 c7 05 09 d3 b0 7e 00 00 e8 7c af 42 00 fb bb ff ff ff ff <49> c7 c6 c0 a0 80 8d 41 0f bc dc 83 c3 01 0f 85 a7 00 00 00 e9 b4
[  292.020834][    C0] RSP: 0018:ffffc90000007f30 EFLAGS: 00000202
[  292.023502][    C0] RAX: 00000000006e8092 RBX: 00000000ffffffff RCX: 1ffffffff2848b2d
[  292.027147][    C0] RDX: 0000000000000000 RSI: ffffffff8b2cc020 RDI: ffffffff8b904c00
[  292.030718][    C0] RBP: ffff888015f42440 R08: 0000000000000001 R09: fffffbfff2847e69
[  292.034193][    C0] R10: ffffffff9423f34f R11: 0000000000000000 R12: 0000000000000082
[  292.037314][    C0] R13: 000000000000000a R14: 0000000000000001 R15: 0000000000000000
[  292.041035][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  292.043515][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  292.045912][    C0]  irq_exit_rcu+0xbb/0x120
[  292.047901][    C0]  sysvec_apic_timer_interrupt+0x95/0xb0
[  292.050994][    C0]  </IRQ>
[  292.052899][    C0]  <TASK>
[  292.054257][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  292.056861][    C0] RIP: 0010:lockdep_unregister_key+0x1ab/0x280
[  292.059557][    C0] Code: f2 22 94 48 89 df e8 54 fd ff ff 48 89 df e8 5c d9 ff ff e8 57 db ff ff 9c 58 f6 c4 02 75 66 41 f7 c5 00 02 00 00 74 01 fb 5b <5d> 41 5c 41 5d 41 5e 41 5f e9 67 0c 0a 00 48 c7 c0 b8 cd e4 8f 48
[  292.068762][    C0] RSP: 0018:ffffc900003d7858 EFLAGS: 00000206
[  292.071487][    C0] RAX: 0000000000000046 RBX: ffff88805669e800 RCX: 0000000000000001
[  292.075692][    C0] RDX: dffffc0000000000 RSI: ffffffff8b2cc2e0 RDI: ffffffff8b904c00
[  292.079929][    C0] RBP: ffff88805669ea98 R08: ffffffff92eb631a R09: 000000000001f98d
[  292.084462][    C0] R10: ffffffff94239087 R11: 0000000000000000 R12: 0000000000000000
[  292.088935][    C0] R13: 0000000000000246 R14: ffffffff943d28a8 R15: ffff88805669eaa0
[  292.092796][    C0]  __qdisc_destroy+0x11a/0x4a0
[  292.095018][    C0]  qdisc_put+0xd1/0xf0
[  292.096934][    C0]  dev_shutdown+0x1c4/0x430
[  292.099540][    C0]  unregister_netdevice_many_notify+0x620/0x1e40
[  292.102645][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  292.106239][    C0]  ? unregister_netdevice_queue+0x22f/0x3f0
[  292.109417][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  292.112431][    C0]  ? batadv_softif_destroy_vlan+0xf2/0x170
[  292.115504][    C0]  default_device_exit_batch+0x731/0x9b0
[  292.119052][    C0]  ? __pfx_netdev_run_todo+0x10/0x10
[  292.122374][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  292.125623][    C0]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  292.128451][    C0]  ? __pfx___might_resched+0x10/0x10
[  292.131207][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  292.134283][    C0]  ops_exit_list+0x128/0x180
[  292.136914][    C0]  cleanup_net+0x5b7/0xbf0
[  292.139074][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  292.141616][    C0]  process_one_work+0x958/0x1ad0
[  292.144435][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[  292.147815][    C0]  ? __pfx_process_one_work+0x10/0x10
[  292.151030][    C0]  ? assign_work+0x1a0/0x250
[  292.153353][    C0]  worker_thread+0x6c8/0xf20
[  292.155716][    C0]  ? __pfx_worker_thread+0x10/0x10
[  292.158464][    C0]  kthread+0x2c1/0x3a0
[  292.160836][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.163501][    C0]  ? __pfx_kthread+0x10/0x10
[  292.165421][    C0]  ret_from_fork+0x45/0x80
[  292.167605][    C0]  ? __pfx_kthread+0x10/0x10
[  292.170002][    C0]  ret_from_fork_asm+0x1a/0x30
[  292.172188][    C0]  </TASK>
[  292.175492][    C0] Kernel Offset: disabled
[  292.177467][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:32:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc1315 RDI=ffffffff94da62c0 RBP=ffffffff94da6280 RSP=ffffc90000007478
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3530383838666666
R12=0000000000000000 R13=0000000000000038 R14=ffffffff84fc12b0 R15=0000000000000000
RIP=ffffffff84fc133f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5ca4e8c CR3=0000000054f74000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000003cac85 RBX=0000000000000001 RCX=ffffffff8ae47699 RDX=0000000000000000
RSI=ffffffff8b2cc020 RDI=ffffffff8b904c00 RBP=ffffed1002cea910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed1005826fe1 R10=ffff88802c137f0b R11=0000000000000000
R12=0000000000000001 R13=ffff888016754880 R14=ffffffff8fe49ad8 R15=0000000000000000
RIP=ffffffff8ae48a8f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c408574 CR3=000000005824e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=1ffff9200071feac RCX=0000000000000001 RDX=ffff888018ef5358
RSI=ffffffff8b2cc2e0 RDI=ffffffff8b904c00 RBP=0000000000000003 RSP=ffffc900038ff550
R8 =0000000000000000 R9 =fffffbfff1fc935b R10=ffffffff8fe49adf R11=0000000000000000
R12=ffffffff8dbb4e60 R13=0000000000000008 R14=ffff888018ef5358 R15=ffff888018ef4880
RIP=ffffffff816c8510 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4907495d00 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561fbbf7b000 CR3=0000000027186000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=f65730bff65730bf f65730bff65730bf f65730bff65730bf f65730bff65730bf f65730bff65730bf f65730bff65730bf f65730bff65730bf f65730bff65730bf
ZMM22=e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31 e4b62c31e4b62c31
ZMM23=a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9 a86637a9a86637a9
ZMM24=dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1 dc5aa1c1dc5aa1c1
ZMM25=3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26 3bb4dd263bb4dd26
ZMM26=16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81 16b1dc8116b1dc81
ZMM27=8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e 8dfa2b9e8dfa2b9e
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4d0900004d090000 4d0900004d090000 4d0900004d090000 4d0900004d090000 4d0900004d090000 4d0900004d090000 4d0900004d090000 4d0900004d090000
info registers vcpu 3

CPU#3
RAX=00000000001a99c5 RBX=0000000000000003 RCX=ffffffff8ae47699 RDX=0000000000000000
RSI=ffffffff8b2cc020 RDI=ffffffff8b904c00 RBP=ffffed1002ced488 RSP=ffffc90000497e08
R8 =0000000000000001 R9 =ffffed1005866fe1 R10=ffff88802c337f0b R11=0000000000000000
R12=0000000000000003 R13=ffff88801676a440 R14=ffffffff8fe49ad8 R15=0000000000000000
RIP=ffffffff8ae48a8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5cb5da4 CR3=0000000029928000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 88ed54c504ab5166 bcb37a05e032d047
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f1bf9686ec9823e 39893729fb1eae3f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5ee2ab79c4d9db90 f3d2e8bde8beb7ea
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3434847c3938d41a 35001ed886b047c4
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003f80
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 74ef29a001a0cf97 00000000000000b1
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 77bf75f6b787bd76 002f4e77b78d2610
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7975cc78000000b1 000000b1000000b1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000b1 00e3049a00000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a91d2cc6a6e2484 1376e997357ecc12
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a5240f7a38e23c80 592d7f4ec4c7a737
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000