last executing test programs:

52.548527168s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

35.813630566s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

35.801553847s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

31.8470022s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

24.873999627s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

17.474593755s ago: executing program 1 (id=1659):
openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r0}, 0x18)
r1 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
write$cgroup_int(r1, 0x0, 0x0)
remap_file_pages(&(0x7f000057a000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x1c0000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
getpid()
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
getdents64(r2, &(0x7f0000000080)=""/98, 0x62)
getdents(r2, 0xffffffffffffffff, 0x18)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
write(r4, &(0x7f0000000040)="cb", 0xfffffdef)
setpriority(0x2, 0x0, 0x7)
socket$netlink(0x10, 0x3, 0x0)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x80000)
readv(r5, &(0x7f0000000000)=[{&(0x7f0000000140)=""/128, 0x80}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
syz_io_uring_setup(0x38fc, &(0x7f0000000300)={0x0, 0x200000, 0x2, 0x0, 0x12d, 0x0, r1}, 0x0, 0x0)

17.374096073s ago: executing program 2 (id=1660):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="5b299c00", @ANYRES16=r6, @ANYBLOB="0103fcffffff000000002b0000000c0006000100000001000000"], 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r7=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x401, 0xfffffffe, 0x0, {0x0, 0x48, 0x0, r7, 0x2ceaf, 0x162}, [@IFLA_PROMISCUITY={0x8, 0x1e, 0x80000001}, @IFLA_ADDRESS={0xa, 0x1, @remote}, @IFLA_ALT_IFNAME={0x14, 0x35, 'syzkaller0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r9)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x7e, &(0x7f0000000340)=ANY=[], 0x0)
recvmsg(r10, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618000000008553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x106, 0xa}}, 0x20)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x110, 0x0, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x8})

16.772975405s ago: executing program 3 (id=1495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000104038000000000000000008100000a0500010004"], 0x1c}, 0x1, 0x0, 0xf5, 0x10}, 0x4000)

16.046344493s ago: executing program 1 (id=1666):
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000002580)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2f00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000006000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258273b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e2b42bf0ed0c8cef3ba2a730a00c87c493e1fa60e63fda97a29682881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f07be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e015cae2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c0100ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f03006e1fa89917e131f4034a8383e99c3568fd04201b37cd92c52f87b039d5430b3c6643e9146d2478ce31344b554aca78a0000000000000010c65608fda6ed5d08e7a796042aa127d8741057e8c82d4cd1ff87d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de57f9c4af1e094fa4e3f05528c2a165996efb5a430c08dd810bc97204b767dd969721a26aa74e1bf4b9e0ac67ca77315af1c88265f494f88d1cc6cec905602f479c622422c7a6738cce189a2f4f3fd25a5e3a183e60144a8491333593188f1133a03db633428ff2cc0ed186f7c169386b22a65de09e7bc87ddc48d9f932f39639a012b43efd7c64221d5a36db82f045dc05a04da03df9eca141636c35f863a77f3ee3ba73b7d79d69494750de5fa25bfd0c4874041f3f2ef8db57e9c79039e47a010b998277837559c3a00000000b72cb719bfa4a7a95014dede3e21509f5042b4c9a27c9e3e7d71b388fca4ac8153c0accc452e849e52fab7496d96282fce364944000000000000978d4322143b27bfcdae624a79119351ae3643cc13db6119f1dd02f7477833191e8d140f5753eac5d4eb18d49c34136364b8540dbd4697762e003f3789c8bc31fd3ff8c1495f9ddac0607739f47d7e75401e6c1c1150e8d5b2ed2a233316e597a2112f9d68f15b7eec5a80666551d568eaa402f0848641753e6cdb871ad262ec8576c78e88f27707b93c1de78900"/1223], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0xf, 0x3ce, &(0x7f00000007c0)="9f44948721919580680710a486dd", 0x0, 0x23b, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x7fffffffffffef9, 0x40000002, 0x0)
socket$unix(0x1, 0x1, 0x0)
r4 = shmget$private(0x0, 0xc00000, 0x200, &(0x7f00003fd000/0xc00000)=nil)
shmat(r4, &(0x7f0000f7e000/0x1000)=nil, 0x5000)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x6, 0x20000000, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x2, @in=@empty, 0x10000000, 0x4}}, 0xe8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

16.03949121s ago: executing program 2 (id=1667):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private2, @in=@multicast2, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x8, 0x0, 0x7fffffffffffffff, 0x0, 0xffffffff}, {0x0, 0x0, 0x1}}, {{@in6=@mcast1, 0x0, 0x2b}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x3507, 0x0, 0x0, 0x0, 0xfffffffe, 0x4000000}}, 0xfffffe77)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="180800181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff770000000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000010000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @sack_perm, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x5b)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb400, 0x0, 0x11)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)
bind$x25(r0, &(0x7f0000000100)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}}, 0x12)

15.975108216s ago: executing program 2 (id=1668):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private2, @in=@multicast2, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x8, 0x0, 0x7fffffffffffffff, 0x0, 0xffffffff}, {0x0, 0x0, 0x1}}, {{@in6=@mcast1, 0x0, 0x2b}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x3507, 0x0, 0x0, 0x0, 0xfffffffe, 0x4000000}}, 0xfffffe77)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="180800181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff770000000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000010000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @sack_perm, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x5b)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
shmget$private(0x0, 0x2000, 0x203, &(0x7f0000ffc000/0x2000)=nil)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0x8, 0x0, 0x0, 0x0)
bind$x25(r0, &(0x7f0000000100)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}}, 0x12)

15.974657745s ago: executing program 0 (id=1669):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0) (fail_nth: 62)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x400000d2, 0x4)
shutdown(r1, 0x0)

15.838418283s ago: executing program 2 (id=1670):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}, {}, {}, {0x6}]}})
socket(0x2c, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x104, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0xf0, 0x1, [@m_ct={0x98, 0xb, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x4a, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x804}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

15.838101811s ago: executing program 0 (id=1671):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203, @void, @value}, 0x94)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$LOOP_SET_STATUS64(r2, 0x4008af10, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x12, 0x19, 0x11, "49b82f03fc06fea6e074521ddfdfc72133f2ba4d96b4f2ff6891d045afdc9a96a4c71fc9171bc6e5eece71ea3569a825a937330d7c962e524ef0d77344c59104", "c5ecde5f1ff9afde67b9f08d3ad1eb460a7eb4ae1909ac0ac88e3533bfd0970714142bed7373d18c17806cfffd07635a223d2385413eb9faa13a4ef62626583c", "ffaded6e58281d2c6c49d855ac19032d65f4250a894464749e89c21a03fdc318", [0x4, 0xffffffffffffffff]})

15.804409398s ago: executing program 0 (id=1672):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd1, &(0x7f0000000000)=0x9, 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x1, 0x6}, 0xc)

15.714178729s ago: executing program 0 (id=1673):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newqdisc={0x5c, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x2c, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x1}, @TCA_CAKE_OVERHEAD={0x8, 0x6, 0xfffffffffffffff9}, @TCA_CAKE_INGRESS={0x8}, @TCA_CAKE_OVERHEAD={0x8, 0x6, 0xd2}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x5}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x55}, 0x4000)

15.71383795s ago: executing program 0 (id=1674):
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x1, 0xa, 0x3, "2e85f85a3b9156e89e82960ad936188f4429f4bf777d1b56926c75b050d4c3f0", 0x39555659})
read$snddsp(0xffffffffffffffff, &(0x7f0000001040)=""/141, 0x8d)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
keyctl$clear(0x7, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010e7010000000000000000000000000a20000000000a03000000000000000000070000000c00044000000000000000021c000000090a010400000000000000000700000008000a4000000003"], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000d0425bd7000fcdbff2500000022", @ANYRES32=0x0, @ANYBLOB="10000000000000001c0012800b00010062726964676500000c0002800800030019000000"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)
setgroups(0x0, 0x0)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0x5)
connect$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xb}, 0xa)
close(r4)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x80)
syz_open_dev$tty1(0xc, 0x4, 0x1)
getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))

15.049963356s ago: executing program 1 (id=1675):
clock_adjtime(0x0, &(0x7f0000000240)={0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000})

15.049386847s ago: executing program 2 (id=1676):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x39011, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2, 0x400000000000003, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0x0, 0x0, 0x3fffffffc}, @sadb_address={0x5, 0x6, 0x93, 0x20, 0x0, @in6={0xa, 0x0, 0x0, @remote}}, @sadb_lifetime={0x4, 0x4}, @sadb_sa={0x2, 0x1, 0x4d6, 0x0, 0x0, 0x0, 0x4, 0xe0000001}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0xb0}}, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000100)=0x10000007, 0x4)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0xc048aeca, &(0x7f0000000100))
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='debugfs\x00', 0x0, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x40020, &(0x7f00000003c0))
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x8c, r8, 0x5, 0x0, 0x3, {{}, {@val={0x8, 0x3, r10}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4d, 0xe, {{{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @random=0x1a8, 0x4003, @void, @val, @val={0x3, 0x1, 0xae}, @val={0x4, 0x6, {0x3, 0x7, 0x7f, 0xfc}}, @void, @void, @val={0x25, 0x3, {0x0, 0x24, 0x4}}, @val={0x2a, 0x1, {0x1}}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x3, 0xff, 0x1b, 0x401}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x80000000}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]]}, 0x8c}, 0x1, 0x8000000}, 0x4040870)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r6, 0x8, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x3, 0x2a}}}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x48004)
r11 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip_vs\x00')
preadv(r11, &(0x7f0000000000)=[{&(0x7f0000000240)=""/232, 0xe8}], 0x1, 0x4, 0x5)

15.049220893s ago: executing program 1 (id=1677):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip_vti0\x00', &(0x7f00000001c0)={'ip_vti0\x00', <r1=>0x0, 0x20, 0x8, 0x80000000, 0x5, {{0x20, 0x4, 0x2, 0x3e, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@end, @timestamp_addr={0x44, 0x44, 0x65, 0x1, 0x6, [{@private=0xa010102, 0x10000}, {@multicast2, 0x6}, {@multicast1, 0x8}, {@broadcast, 0x5}, {@local, 0x40}, {@local, 0x4}, {@private=0xa010102, 0xfffffffb}, {@private=0xa010101, 0x2}]}, @ssrr={0x89, 0x27, 0xa1, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2e}, @loopback, @private=0xa010102, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @remote, @dev={0xac, 0x14, 0x14, 0x28}]}]}}}}})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@ipv4_getnetconf={0x24, 0x52, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x1}, @NETCONFA_IFINDEX={0x8, 0x1, r1}]}, 0x24}}, 0x20040055)
mq_open(&(0x7f0000000000)='/@})-\x00', 0x800, 0x28, &(0x7f0000000040)={0x7fff, 0x5b11, 0x3, 0x100})

14.969141561s ago: executing program 1 (id=1678):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
vmsplice(r1, &(0x7f0000000880)=[{&(0x7f0000000380)="75baa38c", 0x4}], 0x1, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x3f}, 0x1e, 0x1c}})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_open_dev$evdev(&(0x7f0000000140), 0xb, 0x101000)
ioctl$EVIOCSABS2F(r4, 0x401845ef, &(0x7f0000000240)={0x7, 0x4, 0xad, 0x9, 0x8, 0xad1})
syz_open_dev$vim2m(&(0x7f0000000000), 0x20003, 0x2)
r5 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x80}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @private1, 0x1}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='scalable\x00', 0x9)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
remap_file_pages(&(0x7f000053a000/0x3000)=nil, 0x3000, 0x4, 0xc, 0x4000)
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x7fffffff}}}}]}, 0x4c}}, 0x0)
shutdown(r3, 0x2)

14.800271706s ago: executing program 0 (id=1679):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r1, @ANYBLOB="2c727a6f746d6f64653d30303033f0303030302f303030303030303034303030302c757300000000643d", @ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESDEC=0x0, @ANYRESOCT=0x0])
read$FUSE(r1, &(0x7f0000006840)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x29, 0x0, 0x200000, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x8000, 0x0, r3, 0x0, 0xfcc00000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x3, 0x0, 0xffff, 0x4000000000000, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2000, 0x0, r3, 0x0, 0x440, 0x880000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = open(&(0x7f0000000000)='./file0/file0\x00', 0xa02, 0x1)
ioctl$FS_IOC_GETVERSION(r4, 0x5459, 0x0)

14.726364092s ago: executing program 1 (id=1680):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r0, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
io_uring_setup(0x6bcb, &(0x7f0000000080)={0x0, 0x6e16, 0x400, 0xffffffff, 0x33c})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$IP_VS_SO_GET_INFO(r2, 0x0, 0x481, &(0x7f0000005fc0), &(0x7f0000000080)=0xc)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f00000000c0)={0x1, 0x3, 0x1000, 0x7, &(0x7f0000000000)="9fc47ff1b14ff1", 0x17, 0x0, &(0x7f0000000080)="d091920a8a4d82e4e4b38ca913bb87ea26899f157b5b4c"})

12.172964398s ago: executing program 2 (id=1681):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203, @void, @value}, 0x94)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$LOOP_SET_STATUS64(r2, 0x4008af10, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x12, 0x19, 0x11, "49b82f03fc06fea6e074521ddfdfc72133f2ba4d96b4f2ff6891d045afdc9a96a4c71fc9171bc6e5eece71ea3569a825a937330d7c962e524ef0d77344c59104", "c5ecde5f1ff9afde67b9f08d3ad1eb460a7eb4ae1909ac0ac88e3533bfd0970714142bed7373d18c17806cfffd07635a223d2385413eb9faa13a4ef62626583c", "ffaded6e58281d2c6c49d855ac19032d65f4250a894464749e89c21a03fdc318", [0x4, 0xffffffffffffffff]})

41.919425ms ago: executing program 32 (id=1679):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r1, @ANYBLOB="2c727a6f746d6f64653d30303033f0303030302f303030303030303034303030302c757300000000643d", @ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESDEC=0x0, @ANYRESOCT=0x0])
read$FUSE(r1, &(0x7f0000006840)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x29, 0x0, 0x200000, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x8000, 0x0, r3, 0x0, 0xfcc00000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x3, 0x0, 0xffff, 0x4000000000000, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2000, 0x0, r3, 0x0, 0x440, 0x880000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = open(&(0x7f0000000000)='./file0/file0\x00', 0xa02, 0x1)
ioctl$FS_IOC_GETVERSION(r4, 0x5459, 0x0)

0s ago: executing program 33 (id=1680):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r0, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
io_uring_setup(0x6bcb, &(0x7f0000000080)={0x0, 0x6e16, 0x400, 0xffffffff, 0x33c})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$IP_VS_SO_GET_INFO(r2, 0x0, 0x481, &(0x7f0000005fc0), &(0x7f0000000080)=0xc)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f00000000c0)={0x1, 0x3, 0x1000, 0x7, &(0x7f0000000000)="9fc47ff1b14ff1", 0x17, 0x0, &(0x7f0000000080)="d091920a8a4d82e4e4b38ca913bb87ea26899f157b5b4c"})

kernel console output (not intermixed with test programs):

rofile+0x47/0x60
[  209.334576][ T9531]  tomoyo_path_number_perm+0x245/0x580
[  209.334591][ T9531]  ? tomoyo_path_number_perm+0x237/0x580
[  209.334609][ T9531]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  209.334641][ T9531]  ? do_raw_spin_unlock+0x172/0x230
[  209.334657][ T9531]  ? current_check_access_path+0x33c/0x460
[  209.334676][ T9531]  ? __pfx_current_check_access_path+0x10/0x10
[  209.334693][ T9531]  ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160
[  209.334709][ T9531]  ? lookup_dcache+0x66/0x170
[  209.334728][ T9531]  tomoyo_path_mkdir+0x9b/0xe0
[  209.334741][ T9531]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[  209.334758][ T9531]  security_path_mkdir+0x154/0x2f0
[  209.334777][ T9531]  do_mkdirat+0x175/0x3e0
[  209.334796][ T9531]  ? __pfx_do_mkdirat+0x10/0x10
[  209.334808][ T9531]  ? getname_flags.part.0+0x1c5/0x550
[  209.334828][ T9531]  __ia32_sys_mkdirat+0x82/0xb0
[  209.334841][ T9531]  __do_fast_syscall_32+0x7c/0x3a0
[  209.334855][ T9531]  do_fast_syscall_32+0x32/0x80
[  209.334868][ T9531]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.334882][ T9531] RIP: 0023:0xf705e579
[  209.334892][ T9531] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.334904][ T9531] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  209.334915][ T9531] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000080
[  209.334923][ T9531] RDX: 00000000000001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  209.334930][ T9531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.334936][ T9531] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.334943][ T9531] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.334958][ T9531]  </TASK>
[  209.334963][ T9531] ERROR: Out of memory at tomoyo_realpath_from_path.
[  209.673116][ T9538] overlayfs: failed to clone lowerpath
[  210.494064][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.496389][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.506385][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.509656][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.512536][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.515373][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.523610][ T9563] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  210.527093][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.529627][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.534703][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.539792][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.546749][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.551764][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.558034][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.563359][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.568746][ T5939] hid-generic 00A0:1006:0003.0020: unknown main item tag 0x0
[  210.578974][ T5939] hid-generic 00A0:1006:0003.0020: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  210.713615][ T9569] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1034'.
[  210.716385][ T9569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  210.839384][ T9575] overlayfs: failed to clone upperpath
[  211.067780][ T9590] overlayfs: failed to clone lowerpath
[  211.830056][ T9612] random: crng reseeded on system resumption
[  211.841135][ T9612] Restarting kernel threads ...
[  211.843806][ T9612] Done restarting kernel threads.
[  211.846478][ T9612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1051'.
[  211.850228][ T9612] netlink: 'syz.1.1051': attribute type 30 has an invalid length.
[  211.858211][ T9612] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  211.863587][ T9612] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  211.867399][ T9612] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  211.871245][ T9612] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  212.182498][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1062'.
[  213.073990][ T9664] netlink: 'syz.2.1071': attribute type 10 has an invalid length.
[  213.076676][ T9664] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  213.120379][ T9667] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  214.421026][ T9674] fuse: Unknown parameter '0x0000000000000006ÿÿ'
[  214.452928][ T9685] xt_recent: Unsupported userspace flags (000000fe)
[  214.511107][ T9673] mkiss: ax0: crc mode is auto.
[  214.794873][ T5939] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  215.198032][ T5939] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  215.207624][ T5939] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  215.212895][ T5939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  215.218923][ T5939] usb 6-1: Product: syz
[  215.220720][ T5939] usb 6-1: Manufacturer: syz
[  215.222698][ T5939] usb 6-1: SerialNumber: syz
[  215.422707][ T5939] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  215.611121][ T5939] usb 6-1: USB disconnect, device number 6
[  215.616001][ T5939] usblp0: removed
[  215.841434][ T9725] overlayfs: failed to clone upperpath
[  215.932395][ T9731] netlink: 'syz.3.1091': attribute type 1 has an invalid length.
[  215.947260][ T9731] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.990954][ T9731] bond2: (slave veth3): Enslaving as an active interface with a down link
[  216.034681][ T9731] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1091'.
[  216.311707][ T9750] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1096'.
[  216.362871][ T9751] wireguard0: entered promiscuous mode
[  216.366433][ T9751] wireguard0: entered allmulticast mode
[  217.188027][ T9776] overlayfs: failed to clone upperpath
[  217.215432][ T9779] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1103'.
[  217.289277][   T40] kauditd_printk_skb: 179 callbacks suppressed
[  217.289294][   T40] audit: type=1326 audit(2000000028.884:4626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9684 comm="syz.1.1078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7fc00000
[  217.300506][ T9784] lo speed is unknown, defaulting to 1000
[  217.301271][ T9784] lo speed is unknown, defaulting to 1000
[  217.415994][ T9791] futex_wake_op: syz.3.1100 tries to shift op by -33; fix this program
[  218.067408][ T9804] Bluetooth: MGMT ver 1.23
[  218.162215][ T9811] openvswitch: netlink: EtherType 50a is less than min 600
[  218.396700][ T9827] netlink: 'syz.2.1116': attribute type 10 has an invalid length.
[  218.507416][ T9830] overlayfs: overlapping lowerdir path
[  219.377592][ T9842] openvswitch: netlink: EtherType 0 is less than min 600
[  220.180026][ T9868] lo speed is unknown, defaulting to 1000
[  220.185247][ T9868] lo speed is unknown, defaulting to 1000
[  220.574788][ T9880] overlayfs: failed to clone lowerpath
[  220.653739][ T9885] syz.3.1136: attempt to access beyond end of device
[  220.653739][ T9885] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  220.658631][ T9885] FAT-fs (loop3): unable to read boot sector
[  220.719445][ T9889] overlayfs: failed to clone upperpath
[  221.243902][ T9931] syz_tun: entered allmulticast mode
[  221.253548][ T9931] dvmrp1: entered allmulticast mode
[  221.280147][ T9929] syz_tun: left allmulticast mode
[  221.301700][   T40] audit: type=1326 audit(2000000033.240:4627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9903 comm="syz.0.1143" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x0
[  223.210900][ T1455] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  223.213984][ T9974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1165'.
[  223.216800][ T9974] netlink: 'syz.1.1165': attribute type 5 has an invalid length.
[  223.219274][ T9974] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1165'.
[  223.271118][ T9960] xt_CT: You must specify a L4 protocol and not use inversions on it
[  223.360015][ T1455] usb 5-1: Using ep0 maxpacket: 16
[  223.366259][ T1455] usb 5-1: config 63 has an invalid interface number: 171 but max is 0
[  223.369626][ T1455] usb 5-1: config 63 has no interface number 0
[  223.371607][ T1455] usb 5-1: config 63 interface 171 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 1023
[  223.374834][ T1455] usb 5-1: config 63 interface 171 has no altsetting 0
[  223.379441][ T1455] usb 5-1: New USB device found, idVendor=0c45, idProduct=607c, bcdDevice=c5.ad
[  223.382501][ T1455] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.385011][ T1455] usb 5-1: Product: syz
[  223.386334][ T1455] usb 5-1: Manufacturer: syz
[  223.388015][ T1455] usb 5-1: SerialNumber: syz
[  223.394761][ T9973] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  223.649097][ T1455] gspca_main: sonixj-2.14.0 probing 0c45:607c
[  223.651629][ T1455] gspca_sonixj: reg_w1 err -71
[  223.653176][ T1455] sonixj 5-1:63.171: probe with driver sonixj failed with error -71
[  223.662199][ T1455] usb 5-1: USB disconnect, device number 4
[  223.969102][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1168'.
[  224.685895][   T40] audit: type=1326 audit(2000000036.866:4628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.718653][   T40] audit: type=1326 audit(2000000036.866:4629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.725338][   T40] audit: type=1326 audit(2000000036.866:4630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.732280][   T40] audit: type=1326 audit(2000000036.866:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.738833][   T40] audit: type=1326 audit(2000000036.866:4632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.762980][T10013] fuse: Bad value for 'group_id'
[  224.764569][T10013] fuse: Bad value for 'group_id'
[  224.773788][   T40] audit: type=1326 audit(2000000036.866:4633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1178" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  224.827988][T10013] netlink: 'syz.2.1179': attribute type 1 has an invalid length.
[  224.830418][T10013] netlink: 'syz.2.1179': attribute type 2 has an invalid length.
[  224.832923][T10013] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1179'.
[  225.105364][T10027] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1183'.
[  225.631603][T10034] binder: 10033:10034 ioctl c0306201 80000280 returned -14
[  226.014844][T10053] overlayfs: overlapping lowerdir path
[  226.866913][T10067] 9pnet_fd: Insufficient options for proto=fd
[  226.876974][T10067] loop6: detected capacity change from 0 to 524287999
[  227.210676][T10075] netlink: zone id is out of range
[  227.213042][T10075] FAULT_INJECTION: forcing a failure.
[  227.213042][T10075] name failslab, interval 1, probability 0, space 0, times 0
[  227.218307][T10075] CPU: 0 UID: 0 PID: 10075 Comm: syz.3.1198 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  227.218333][T10075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.218345][T10075] Call Trace:
[  227.218352][T10075]  <TASK>
[  227.218360][T10075]  dump_stack_lvl+0x16c/0x1f0
[  227.218407][T10075]  should_fail_ex+0x512/0x640
[  227.218433][T10075]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  227.218455][T10075]  should_failslab+0xc2/0x120
[  227.218494][T10075]  __kmalloc_cache_noprof+0x6a/0x3e0
[  227.218512][T10075]  ? mark_held_locks+0x49/0x80
[  227.218532][T10075]  ? ovs_ct_limit_cmd_set+0x30a/0xa90
[  227.218563][T10075]  ovs_ct_limit_cmd_set+0x30a/0xa90
[  227.218594][T10075]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  227.218620][T10075]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  227.218642][T10075]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  227.218671][T10075]  genl_family_rcv_msg_doit+0x206/0x2f0
[  227.218693][T10075]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  227.218719][T10075]  ? trace_cap_capable+0x18d/0x200
[  227.218766][T10075]  ? bpf_lsm_capable+0x9/0x10
[  227.218785][T10075]  ? security_capable+0x7e/0x260
[  227.218808][T10075]  ? ns_capable+0xd7/0x110
[  227.218838][T10075]  genl_rcv_msg+0x55c/0x800
[  227.218859][T10075]  ? __pfx_genl_rcv_msg+0x10/0x10
[  227.218877][T10075]  ? __pfx___dev_queue_xmit+0x10/0x10
[  227.218900][T10075]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  227.218928][T10075]  ? __lock_acquire+0xb8a/0x1c90
[  227.218952][T10075]  netlink_rcv_skb+0x16d/0x440
[  227.218980][T10075]  ? __pfx_genl_rcv_msg+0x10/0x10
[  227.219001][T10075]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  227.219043][T10075]  ? __pfx_down_read+0x10/0x10
[  227.219066][T10075]  ? netlink_deliver_tap+0x1ae/0xd30
[  227.219097][T10075]  genl_rcv+0x28/0x40
[  227.219113][T10075]  netlink_unicast+0x53a/0x7f0
[  227.219144][T10075]  ? __pfx_netlink_unicast+0x10/0x10
[  227.219170][T10075]  ? __build_skb_around+0x278/0x3b0
[  227.219192][T10075]  ? is_vmalloc_addr+0x86/0xa0
[  227.219216][T10075]  netlink_sendmsg+0x8d1/0xdd0
[  227.219248][T10075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  227.219276][T10075]  ? __import_iovec+0x1dd/0x650
[  227.219303][T10075]  ____sys_sendmsg+0xa95/0xc70
[  227.219325][T10075]  ? __pfx_____sys_sendmsg+0x10/0x10
[  227.219342][T10075]  ? get_compat_msghdr+0x11a/0x170
[  227.219378][T10075]  ___sys_sendmsg+0x134/0x1d0
[  227.219404][T10075]  ? __pfx____sys_sendmsg+0x10/0x10
[  227.219442][T10075]  ? find_held_lock+0x2b/0x80
[  227.219485][T10075]  __sys_sendmsg+0x16d/0x220
[  227.219509][T10075]  ? __pfx___sys_sendmsg+0x10/0x10
[  227.219546][T10075]  ? rcu_is_watching+0x12/0xc0
[  227.219575][T10075]  __do_fast_syscall_32+0x7c/0x3a0
[  227.219598][T10075]  do_fast_syscall_32+0x32/0x80
[  227.219616][T10075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  227.219639][T10075] RIP: 0023:0xf707e579
[  227.219653][T10075] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  227.219670][T10075] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  227.219687][T10075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  227.219698][T10075] RDX: 0000000000004010 RSI: 0000000000000000 RDI: 0000000000000000
[  227.219714][T10075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  227.219724][T10075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  227.219734][T10075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  227.219759][T10075]  </TASK>
[  227.389646][T10076] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1196'.
[  227.520111][T10078] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1199'.
[  227.534388][T10078] ata1.00: invalid multi_count 128 ignored
[  227.886856][T10091] overlayfs: overlapping lowerdir path
[  228.124284][T10102] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  228.330780][T10108] overlayfs: failed to clone lowerpath
[  228.614584][T10120] usb 2-1: USB disconnect, device number 2
[  228.615488][T10116] tun0: tun_chr_ioctl cmd 1074025675
[  228.622145][T10116] tun0: persist enabled
[  228.627543][T10116] tun0: tun_chr_ioctl cmd 1074025675
[  228.630124][T10116] tun0: persist enabled
[  228.681102][T10120] hub 2-0:1.0: USB hub found
[  228.683722][T10120] hub 2-0:1.0: 6 ports detected
[  228.780815][T10132] loop6: detected capacity change from 0 to 524287999
[  228.792580][ T5953] Buffer I/O error on dev loop6, logical block 65535999, async page read
[  228.840301][ T1455] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  229.014523][ T1455] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  229.019935][ T1455] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  229.023220][ T1455] usb 2-1: Product: QEMU USB Tablet
[  229.025290][ T1455] usb 2-1: Manufacturer: QEMU
[  229.028169][ T1455] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  229.053148][ T1455] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0021/input/input11
[  229.120083][ T1455] hid-generic 0003:0627:0001.0021: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  229.273502][T10136] 9pnet_fd: Insufficient options for proto=fd
[  229.697303][T10152] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1223'.
[  229.705355][T10152] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1223'.
[  229.748809][T10154] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1224'.
[  229.755071][T10154] vlan2: entered promiscuous mode
[  229.756637][T10154] syz_tun: entered promiscuous mode
[  229.841522][T10157] netlink: 'syz.0.1225': attribute type 4 has an invalid length.
[  229.844558][T10157] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1225'.
[  230.054068][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802adf2000: rx timeout, send abort
[  230.521264][    C1] vcan0: j1939_tp_rxtimer: 0xffff888075f08000: rx timeout, send abort
[  230.523903][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802adf2000: abort rx timeout. Force session deactivation
[  230.685715][ T1455] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  230.841533][ T1455] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  230.845695][ T1455] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.849068][ T1455] usb 5-1: Product: syz
[  230.850965][ T1455] usb 5-1: Manufacturer: syz
[  230.853472][ T1455] usb 5-1: SerialNumber: syz
[  230.862834][ T1455] usb 5-1: config 0 descriptor??
[  230.990317][    C1] vcan0: j1939_tp_rxtimer: 0xffff888075f08000: abort rx timeout. Force session deactivation
[  231.670933][T10179] overlayfs: overlapping lowerdir path
[  231.879994][   T10] usb 5-1: USB disconnect, device number 5
[  232.666145][T10198] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.669977][T10198] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  232.755001][T10203] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1238'.
[  232.755528][T10198] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.762388][T10198] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  232.845279][T10198] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.848280][T10198] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  232.927505][T10198] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.930679][T10198] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  233.133461][T10198] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  233.136261][T10198] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  233.551140][T10198] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  233.553753][T10198] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  233.560521][T10198] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  233.563105][T10198] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  233.572616][T10198] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  233.575202][T10198] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  233.668007][T10225] input: syz1 as /devices/virtual/input/input12
[  233.670330][T10225] input: failed to attach handler leds to device input12, error: -6
[  233.685424][T10227] overlayfs: missing 'workdir'
[  233.740171][T10231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1246'.
[  233.966792][   T59] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  234.173066][   T59] usb 5-1: Using ep0 maxpacket: 16
[  234.176356][   T59] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 1023
[  234.179710][   T59] usb 5-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  234.193800][   T59] usb 5-1: config 1 interface 0 has no altsetting 0
[  234.198007][   T59] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  234.207995][   T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.231445][   T59] usb 5-1: Product: â°Š
[  234.233041][   T59] usb 5-1: Manufacturer: 䑱튶䧊ݛ�ﻻ䦎
[  234.235185][   T59] usb 5-1: SerialNumber: syz
[  234.258815][T10231] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  234.261483][T10231] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  234.494846][   T59] usb 5-1: USB disconnect, device number 6
[  234.765780][T10247] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1251'.
[  235.044908][T10260] overlayfs: overlapping lowerdir path
[  235.444753][T10274] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1261'.
[  235.448565][T10274] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1261'.
[  235.452565][T10274] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1261'.
[  235.619308][T10278] infiniband syz1: set active
[  235.621209][T10278] infiniband syz1: added syz_tun
[  235.652112][T10278] RDS/IB: syz1: added
[  235.655037][T10278] smc: adding ib device syz1 with port count 1
[  235.657084][T10278] smc:    ib device syz1 port 1 has pnetid 
[  236.100379][T10296] netlink: 3908 bytes leftover after parsing attributes in process `syz.2.1268'.
[  236.162074][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.164537][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.171058][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.173385][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.175461][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.185287][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.187680][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.190085][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.192379][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.194882][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.204086][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.206662][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.209026][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.211373][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.213781][   T59] hid-generic 00A0:1006:0003.0022: unknown main item tag 0x0
[  236.226279][   T59] hid-generic 00A0:1006:0003.0022: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  236.350307][T10299] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  236.861271][T10313] overlayfs: overlapping lowerdir path
[  236.914740][T10315] 9pnet_fd: Insufficient options for proto=fd
[  237.157961][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.160330][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.162716][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.167818][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.171890][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.174380][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.177000][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.179309][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.181614][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.184031][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.186972][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.189285][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.191606][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.194008][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.196421][   T59] hid-generic 00A0:1006:0003.0023: unknown main item tag 0x0
[  237.204547][   T59] hid-generic 00A0:1006:0003.0023: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  237.272186][T10321] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  237.649831][T10337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.881178][   T29] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  238.031086][   T29] usb 8-1: Using ep0 maxpacket: 8
[  238.034198][   T29] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  238.037168][   T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  238.040590][   T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 800
[  238.043709][   T29] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  238.047730][   T29] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  238.058633][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.111645][T10343] lo speed is unknown, defaulting to 1000
[  238.114517][T10343] lo speed is unknown, defaulting to 1000
[  238.158612][T10346] binder: 10345:10346 unknown command 0
[  238.160509][T10346] binder: 10345:10346 ioctl c0306201 80000280 returned -22
[  238.290786][T10354] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  238.290786][T10354]    program syz.1.1287 not setting count and/or reply_len properly
[  238.297596][   T29] usb 8-1: usb_control_msg returned -32
[  238.297629][   T29] usbtmc 8-1:16.0: can't read capabilities
[  238.313043][T10354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1287'.
[  238.471629][T10360] overlayfs: overlapping lowerdir path
[  238.637909][T10362] openvswitch: netlink: Message has 24 unknown bytes.
[  238.709754][   T29] usb 8-1: USB disconnect, device number 5
[  239.138100][T10377] bridge2: entered promiscuous mode
[  239.180970][T10377] 9pnet_fd: Insufficient options for proto=fd
[  239.754693][T10399] input: syz1 as /devices/virtual/input/input13
[  240.165557][T10408] overlayfs: overlapping lowerdir path
[  241.321023][T10441] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1316'.
[  243.513256][   T40] audit: type=1326 audit(2000000057.075:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.0.1326" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0
[  244.098468][   T40] audit: type=1326 audit(2000000057.687:4635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10491 comm="syz.3.1328" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[  245.142940][T10515] mkiss: ax0: crc mode is auto.
[  246.709598][T10530] netlink: 'syz.1.1340': attribute type 23 has an invalid length.
[  246.839816][T10546] overlayfs: failed to clone lowerpath
[  247.018796][T10552] FAULT_INJECTION: forcing a failure.
[  247.018796][T10552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.023048][T10552] CPU: 1 UID: 0 PID: 10552 Comm: syz.3.1345 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  247.023065][T10552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.023085][T10552] Call Trace:
[  247.023091][T10552]  <TASK>
[  247.023097][T10552]  dump_stack_lvl+0x16c/0x1f0
[  247.023113][T10552]  should_fail_ex+0x512/0x640
[  247.023128][T10552]  _copy_from_user+0x2e/0xd0
[  247.023141][T10552]  memdup_user+0x6b/0xe0
[  247.023156][T10552]  strndup_user+0x78/0xe0
[  247.023170][T10552]  __keyctl_dh_compute+0x287/0x10e0
[  247.023185][T10552]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  247.023197][T10552]  ? __lock_acquire+0xb8a/0x1c90
[  247.023226][T10552]  compat_keyctl_dh_compute+0x143/0x1c0
[  247.023244][T10552]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  247.023261][T10552]  ? __seccomp_filter+0x641/0xea0
[  247.023285][T10552]  ? fput+0x70/0xf0
[  247.023298][T10552]  ? ksys_write+0x1ac/0x250
[  247.023312][T10552]  __ia32_compat_sys_keyctl+0x347/0x540
[  247.023331][T10552]  __do_fast_syscall_32+0x7c/0x3a0
[  247.023345][T10552]  do_fast_syscall_32+0x32/0x80
[  247.023357][T10552]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.023372][T10552] RIP: 0023:0xf707e579
[  247.023382][T10552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.023393][T10552] RSP: 002b:00000000f502c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  247.023404][T10552] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000080000000
[  247.023411][T10552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000080000280
[  247.023417][T10552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.023423][T10552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  247.023430][T10552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.023444][T10552]  </TASK>
[  247.258242][T10559] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1350'.
[  247.762630][T10573] binder: 10566:10573 ioctl 40046205 0 returned -22
[  247.936623][T10575] overlayfs: overlapping lowerdir path
[  248.532700][T10590] overlayfs: failed to clone lowerpath
[  248.768758][T10596] tmpfs: Unknown parameter 'quota>g¾psrHÊuota_block_hardlimit'
[  248.771255][T10596] tmpfs: Unknown parameter 'quota>g¾psrHÊuota_block_hardlimit'
[  248.875463][   T40] audit: type=1326 audit(2000000062.826:4636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.884330][   T40] audit: type=1326 audit(2000000062.837:4637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.908773][   T40] audit: type=1326 audit(2000000062.837:4638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.917571][   T40] audit: type=1326 audit(2000000062.837:4639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.925846][   T40] audit: type=1326 audit(2000000062.837:4640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.934397][   T40] audit: type=1326 audit(2000000062.837:4641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.941146][   T40] audit: type=1326 audit(2000000062.837:4642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.947836][   T40] audit: type=1326 audit(2000000062.837:4643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.954406][   T40] audit: type=1326 audit(2000000062.837:4644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  248.961033][   T40] audit: type=1326 audit(2000000062.837:4645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10602 comm="syz.3.1365" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf707e579 code=0x7ffc0000
[  249.363417][T10614] FAULT_INJECTION: forcing a failure.
[  249.363417][T10614] name failslab, interval 1, probability 0, space 0, times 0
[  249.369111][T10614] CPU: 2 UID: 0 PID: 10614 Comm: syz.1.1368 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  249.369128][T10614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.369135][T10614] Call Trace:
[  249.369139][T10614]  <TASK>
[  249.369143][T10614]  dump_stack_lvl+0x16c/0x1f0
[  249.369159][T10614]  should_fail_ex+0x512/0x640
[  249.369171][T10614]  ? fs_reclaim_acquire+0xae/0x150
[  249.369190][T10614]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  249.369201][T10614]  should_failslab+0xc2/0x120
[  249.369244][T10614]  __kmalloc_noprof+0xd2/0x510
[  249.369260][T10614]  tomoyo_realpath_from_path+0xc2/0x6e0
[  249.369272][T10614]  ? tomoyo_profile+0x47/0x60
[  249.369285][T10614]  tomoyo_path_number_perm+0x245/0x580
[  249.369300][T10614]  ? tomoyo_path_number_perm+0x237/0x580
[  249.369317][T10614]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  249.369346][T10614]  ? find_held_lock+0x2b/0x80
[  249.369363][T10614]  ? hook_file_ioctl_common+0x145/0x410
[  249.369381][T10614]  ? __fget_files+0x20e/0x3c0
[  249.369391][T10614]  ? __fput_deferred+0x360/0x370
[  249.369408][T10614]  security_file_ioctl_compat+0x9b/0x240
[  249.369426][T10614]  __ia32_compat_sys_ioctl+0xc3/0x370
[  249.369444][T10614]  __do_fast_syscall_32+0x7c/0x3a0
[  249.369462][T10614]  do_fast_syscall_32+0x32/0x80
[  249.369473][T10614]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.369487][T10614] RIP: 0023:0xf70fe579
[  249.369497][T10614] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.369508][T10614] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  249.369519][T10614] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000089f3
[  249.369526][T10614] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  249.369532][T10614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.369538][T10614] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.369544][T10614] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.369558][T10614]  </TASK>
[  249.369563][T10614] ERROR: Out of memory at tomoyo_realpath_from_path.
[  249.673960][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  249.675988][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  249.902169][T10626] netlink: 'syz.3.1372': attribute type 1 has an invalid length.
[  250.870582][T10639] FAULT_INJECTION: forcing a failure.
[  250.870582][T10639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.876042][T10639] CPU: 3 UID: 0 PID: 10639 Comm: syz.3.1375 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  250.876067][T10639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.876078][T10639] Call Trace:
[  250.876084][T10639]  <TASK>
[  250.876091][T10639]  dump_stack_lvl+0x16c/0x1f0
[  250.876114][T10639]  should_fail_ex+0x512/0x640
[  250.876136][T10639]  _copy_from_user+0x2e/0xd0
[  250.876157][T10639]  get_compat_msghdr+0xa7/0x170
[  250.876181][T10639]  ? __pfx_get_compat_msghdr+0x10/0x10
[  250.876206][T10639]  ? __lock_acquire+0x622/0x1c90
[  250.876231][T10639]  ___sys_recvmsg+0x191/0x1a0
[  250.876256][T10639]  ? __pfx____sys_recvmsg+0x10/0x10
[  250.876283][T10639]  ? find_held_lock+0x2b/0x80
[  250.876316][T10639]  ? __pfx___might_resched+0x10/0x10
[  250.876349][T10639]  do_recvmmsg+0x55d/0x750
[  250.876376][T10639]  ? __pfx_do_recvmmsg+0x10/0x10
[  250.876418][T10639]  ? __fget_files+0x20e/0x3c0
[  250.876447][T10639]  __sys_recvmmsg+0x21c/0x280
[  250.876472][T10639]  ? __pfx___sys_recvmmsg+0x10/0x10
[  250.876498][T10639]  ? __pfx_ksys_write+0x10/0x10
[  250.876519][T10639]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  250.876544][T10639]  ? lockdep_hardirqs_on+0x7c/0x110
[  250.876562][T10639]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  250.876581][T10639]  __do_fast_syscall_32+0x7c/0x3a0
[  250.876602][T10639]  do_fast_syscall_32+0x32/0x80
[  250.876621][T10639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.876641][T10639] RIP: 0023:0xf707e579
[  250.876656][T10639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.876674][T10639] RSP: 002b:00000000f504d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  250.876690][T10639] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002440
[  250.876702][T10639] RDX: 00000000ffffff67 RSI: 0000000000000000 RDI: 0000000000000000
[  250.876712][T10639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.876723][T10639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.876733][T10639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.876757][T10639]  </TASK>
[  251.398691][T10650] overlayfs: failed to clone lowerpath
[  251.812214][T10632] block nbd1: shutting down sockets
[  253.056135][T10676] ieee802154 phy0 wpan0: encryption failed: -22
[  253.109477][T10676] netlink: 'syz.3.1385': attribute type 23 has an invalid length.
[  253.334167][T10682] overlayfs: overlapping lowerdir path
[  255.043324][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.047246][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.051306][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.055183][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.060768][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.065496][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.069988][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.074434][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.078900][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.083218][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  255.994270][T10738] netlink: 'syz.0.1400': attribute type 5 has an invalid length.
[  256.009390][T10738] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  256.012883][T10738] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  256.016138][T10738] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  256.019590][T10738] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  256.023080][T10738] geneve2: entered promiscuous mode
[  256.025128][T10738] geneve2: entered allmulticast mode
[  257.760766][T10770] netlink: 'syz.2.1407': attribute type 21 has an invalid length.
[  257.764334][T10770] netlink: 'syz.2.1407': attribute type 6 has an invalid length.
[  257.773371][T10773] netlink: 'syz.0.1408': attribute type 8 has an invalid length.
[  258.058456][T10789] overlayfs: failed to clone upperpath
[  258.599631][T10804] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.670580][T10804] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.784937][T10804] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.856082][T10804] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.944103][T10804] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  258.959959][T10804] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  258.973300][T10804] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  258.988485][T10804] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  259.053365][   T40] kauditd_printk_skb: 94 callbacks suppressed
[  259.053374][   T40] audit: type=1326 audit(2000000302.746:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.066962][   T40] audit: type=1326 audit(2000000302.746:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.074422][   T40] audit: type=1326 audit(2000000302.757:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.082827][   T40] audit: type=1326 audit(2000000302.757:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.094873][   T40] audit: type=1326 audit(2000000302.757:4744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.104260][   T40] audit: type=1326 audit(2000000302.757:4745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.113443][   T40] audit: type=1326 audit(2000000302.757:4746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.120933][   T40] audit: type=1326 audit(2000000302.757:4747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.127799][   T40] audit: type=1326 audit(2000000302.757:4748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.496825][T10842] FAULT_INJECTION: forcing a failure.
[  259.496825][T10842] name failslab, interval 1, probability 0, space 0, times 0
[  259.500974][T10842] CPU: 2 UID: 0 PID: 10842 Comm: syz.1.1430 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  259.500991][T10842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.501000][T10842] Call Trace:
[  259.501007][T10842]  <TASK>
[  259.501013][T10842]  dump_stack_lvl+0x16c/0x1f0
[  259.501113][T10842]  should_fail_ex+0x512/0x640
[  259.501172][T10842]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  259.501191][T10842]  should_failslab+0xc2/0x120
[  259.501211][T10842]  __kmalloc_cache_noprof+0x6a/0x3e0
[  259.501227][T10842]  ? hash_ipport_create+0x7c1/0x1a20
[  259.501247][T10842]  hash_ipport_create+0x7c1/0x1a20
[  259.501268][T10842]  ? __pfx_hash_ipport_create+0x10/0x10
[  259.501287][T10842]  ? __pfx_hash_ipport_create+0x10/0x10
[  259.501310][T10842]  ? ip_set_create+0x7e4/0x14d0
[  259.501327][T10842]  ? ip_set_create+0x6da/0x14d0
[  259.501343][T10842]  ip_set_create+0x7e4/0x14d0
[  259.501366][T10842]  ? __pfx_ip_set_create+0x10/0x10
[  259.501391][T10842]  ? find_held_lock+0x2b/0x80
[  259.501412][T10842]  nfnetlink_rcv_msg+0x9f9/0x1200
[  259.501430][T10842]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  259.501440][T10842]  ? kmem_cache_free+0x2d1/0x4d0
[  259.501471][T10842]  netlink_rcv_skb+0x16d/0x440
[  259.501489][T10842]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  259.501501][T10842]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  259.501517][T10842]  ? __pfx_aa_get_newest_label+0x10/0x10
[  259.501538][T10842]  ? bpf_lsm_capable+0x9/0x10
[  259.501548][T10842]  ? security_capable+0x7e/0x260
[  259.501562][T10842]  ? ns_capable+0xd7/0x110
[  259.501581][T10842]  nfnetlink_rcv+0x1b3/0x430
[  259.501591][T10842]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  259.501606][T10842]  ? netlink_deliver_tap+0x1ae/0xd30
[  259.501625][T10842]  netlink_unicast+0x53a/0x7f0
[  259.501643][T10842]  ? __pfx_netlink_unicast+0x10/0x10
[  259.501664][T10842]  netlink_sendmsg+0x8d1/0xdd0
[  259.501683][T10842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.501701][T10842]  ? __import_iovec+0x1dd/0x650
[  259.501718][T10842]  ____sys_sendmsg+0xa95/0xc70
[  259.501731][T10842]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.501742][T10842]  ? get_compat_msghdr+0x11a/0x170
[  259.501764][T10842]  ___sys_sendmsg+0x134/0x1d0
[  259.501781][T10842]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.501803][T10842]  ? find_held_lock+0x2b/0x80
[  259.501828][T10842]  __sys_sendmsg+0x16d/0x220
[  259.501844][T10842]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.501865][T10842]  ? rcu_is_watching+0x12/0xc0
[  259.501884][T10842]  __do_fast_syscall_32+0x7c/0x3a0
[  259.501897][T10842]  do_fast_syscall_32+0x32/0x80
[  259.501909][T10842]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.501923][T10842] RIP: 0023:0xf70fe579
[  259.501933][T10842] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.501944][T10842] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  259.501954][T10842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  259.501961][T10842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  259.501967][T10842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.501974][T10842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.501980][T10842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.501993][T10842]  </TASK>
[  259.728371][T10849] __nla_validate_parse: 51 callbacks suppressed
[  259.728388][T10849] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1433'.
[  259.830219][   T40] audit: type=1326 audit(2000000303.572:4749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  259.872197][T10857] overlayfs: failed to clone lowerpath
[  260.206961][T10876] IPVS: stopping master sync thread 6210 ...
[  260.331813][T10878] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1442'.
[  260.725925][   T59] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  260.875569][   T59] usb 6-1: Using ep0 maxpacket: 8
[  260.880558][   T59] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.884937][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  260.888600][   T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  260.893077][   T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  260.897650][   T59] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  260.901353][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.916940][   T59] hub 6-1:1.0: bad descriptor, ignoring hub
[  260.919342][   T59] hub 6-1:1.0: probe with driver hub failed with error -5
[  260.932152][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  260.940548][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  260.945329][   T59] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  260.947713][   T59] cdc_wdm 6-1:1.0: Unknown control protocol
[  261.062968][T10888] overlayfs: overlapping lowerdir path
[  261.602354][T10882] usb 6-1: reset high-speed USB device number 7 using dummy_hcd
[  262.088724][T10924] overlayfs: failed to clone lowerpath
[  262.136541][T10929] netlink: zone id is out of range
[  262.138299][T10929] netlink: zone id is out of range
[  262.140026][T10929] netlink: zone id is out of range
[  262.141786][T10929] netlink: zone id is out of range
[  262.145875][T10929] netlink: zone id is out of range
[  262.147804][T10929] netlink: zone id is out of range
[  262.149471][T10929] netlink: zone id is out of range
[  262.151187][T10929] netlink: zone id is out of range
[  262.160548][ T5999] usb 6-1: USB disconnect, device number 7
[  262.162037][T10929] netlink: set zone limit has 4 unknown bytes
[  262.712614][T10940] trusted_key: syz.0.1462 sent an empty control message without MSG_MORE.
[  262.797130][T10945] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  263.273209][T10968] netlink: 'syz.2.1468': attribute type 10 has an invalid length.
[  263.288822][T10968] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  264.670901][T10991] FAULT_INJECTION: forcing a failure.
[  264.670901][T10991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.675680][T10991] CPU: 3 UID: 0 PID: 10991 Comm: syz.0.1476 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  264.675696][T10991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  264.675703][T10991] Call Trace:
[  264.675717][T10991]  <TASK>
[  264.675722][T10991]  dump_stack_lvl+0x16c/0x1f0
[  264.675749][T10991]  should_fail_ex+0x512/0x640
[  264.675767][T10991]  _copy_from_user+0x2e/0xd0
[  264.675781][T10991]  snd_pcm_oss_write2+0x1c2/0x410
[  264.675794][T10991]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  264.675805][T10991]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  264.675820][T10991]  ? snd_pcm_oss_prepare+0x11e/0x220
[  264.675840][T10991]  snd_pcm_oss_write+0x711/0xa10
[  264.675853][T10991]  ? security_file_permission+0x71/0x210
[  264.675873][T10991]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  264.675885][T10991]  vfs_write+0x2a0/0x1150
[  264.675899][T10991]  ? __pfx_vfs_write+0x10/0x10
[  264.675909][T10991]  ? find_held_lock+0x2b/0x80
[  264.675926][T10991]  ? __fget_files+0x204/0x3c0
[  264.675938][T10991]  ? __fget_files+0x20e/0x3c0
[  264.675952][T10991]  ksys_write+0x12a/0x250
[  264.675963][T10991]  ? __pfx_ksys_write+0x10/0x10
[  264.675975][T10991]  ? rcu_is_watching+0x12/0xc0
[  264.675994][T10991]  __do_fast_syscall_32+0x7c/0x3a0
[  264.676007][T10991]  do_fast_syscall_32+0x32/0x80
[  264.676019][T10991]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  264.676033][T10991] RIP: 0023:0xf705e579
[  264.676042][T10991] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  264.676053][T10991] RSP: 002b:00000000f502d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  264.676064][T10991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  264.676071][T10991] RDX: 00000000ffffffd9 RSI: 0000000000000000 RDI: 0000000000000000
[  264.676077][T10991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  264.676083][T10991] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  264.676089][T10991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  264.676104][T10991]  </TASK>
[  265.123796][T10999] netlink: 'syz.0.1477': attribute type 10 has an invalid length.
[  265.366830][T11008] cgroup: Invalid name
[  265.628566][ T5999] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  265.644327][T11020] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1485'.
[  265.799855][ T5999] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  265.804354][ T5999] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  265.818862][ T5999] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  265.822972][ T5999] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  265.846052][ T5999] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  265.851495][ T5999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.856936][ T5999] usb 6-1: config 0 descriptor??
[  265.859119][T11010] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  265.946822][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1489'.
[  266.274589][ T5999] plantronics 0003:047F:FFFF.0024: reserved main item tag 0xd
[  266.282636][ T5999] plantronics 0003:047F:FFFF.0024: No inputs registered, leaving
[  266.302198][ T5999] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  266.499035][T11010] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1481'.
[  266.502446][T11010] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1481'.
[  267.133450][T11047] lo speed is unknown, defaulting to 1000
[  267.135944][T11047] lo speed is unknown, defaulting to 1000
[  267.203241][   T60] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  267.209860][   T60] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  267.277706][   T60] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  267.282896][   T60] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  267.403771][   T60] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  267.407409][   T60] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  267.472612][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  267.479979][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  267.485312][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  267.488932][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  267.492284][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  267.496715][   T60] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  267.500304][   T60] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  267.506334][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  267.509749][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  267.512875][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  267.516204][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  267.519078][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  267.521271][   T29] usb 6-1: reset high-speed USB device number 8 using dummy_hcd
[  267.555592][T11062] lo speed is unknown, defaulting to 1000
[  267.559538][T11062] lo speed is unknown, defaulting to 1000
[  267.694720][   T60] bridge_slave_1: left allmulticast mode
[  267.696850][   T60] bridge_slave_1: left promiscuous mode
[  267.703812][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.710408][   T60] bridge_slave_0: left allmulticast mode
[  267.712299][   T60] bridge_slave_0: left promiscuous mode
[  267.715105][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.120763][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  268.126928][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  268.135089][   T60] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  268.139769][   T60] bond0 (unregistering): Released all slaves
[  268.243465][   T60] bond1 (unregistering): Released all slaves
[  268.327227][   T60] bond2 (unregistering): (slave veth3): Releasing active interface
[  268.331210][   T60] bond2 (unregistering): Released all slaves
[  268.435111][   T60] tipc: Left network mode
[  268.446002][T11062] chnl_net:caif_netlink_parms(): no params data found
[  268.481422][   T60] IPVS: stopping master sync thread 6417 ...
[  268.525362][T11093] IPVS: Error connecting to the multicast addr
[  268.594971][T11062] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.597873][T11062] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.600798][T11062] bridge_slave_0: entered allmulticast mode
[  268.610125][T11062] bridge_slave_0: entered promiscuous mode
[  268.613908][T11062] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.616159][T11062] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.618410][T11062] bridge_slave_1: entered allmulticast mode
[  268.625333][T11062] bridge_slave_1: entered promiscuous mode
[  268.678822][T11062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.687223][T11062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.764788][T11062] team0: Port device team_slave_0 added
[  268.769453][T11062] team0: Port device team_slave_1 added
[  268.820766][T11062] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.823613][T11062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.840239][T11062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.863450][T11062] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.866327][T11062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.880242][T11062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.891766][ T6289] usb 6-1: USB disconnect, device number 8
[  268.930671][T11126] Cannot find del_set index 3 as target
[  269.102382][   T60] hsr_slave_0: left promiscuous mode
[  269.104927][   T60] hsr_slave_1: left promiscuous mode
[  269.107357][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  269.109805][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  269.112996][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  269.115496][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.161811][   T60] veth1_macvtap: left promiscuous mode
[  269.164956][   T60] veth0_macvtap: left promiscuous mode
[  269.167315][   T60] veth1_vlan: left promiscuous mode
[  269.171015][   T60] veth0_vlan: left promiscuous mode
[  269.431849][ T5945] Bluetooth: hci3: command tx timeout
[  270.103745][   T60] team0 (unregistering): Port device team_slave_1 removed
[  270.239223][   T60] team0 (unregistering): Port device team_slave_0 removed
[  270.866014][T11062] hsr_slave_0: entered promiscuous mode
[  270.869250][T11062] hsr_slave_1: entered promiscuous mode
[  270.872604][T11133] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  270.875511][T11133] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  270.880933][T11133] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  271.194538][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  271.194554][   T40] audit: type=1800 audit(2000000317.770:4751): pid=11161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1522" name="file1" dev="overlay" ino=1980 res=0 errno=0
[  271.370484][ T5945] Bluetooth: hci3: command tx timeout
[  271.870952][T11062] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  271.882106][T11062] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  271.886536][T11062] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  271.891712][T11062] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  271.942281][T11062] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.951365][T11062] 8021q: adding VLAN 0 to HW filter on device team0
[  271.971519][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.971590][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.973473][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.973522][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.079133][T11203] FAULT_INJECTION: forcing a failure.
[  272.079133][T11203] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  272.081407][T11198] can: request_module (can-proto-3) failed.
[  272.084372][T11203] CPU: 3 UID: 0 PID: 11203 Comm: syz.1.1526 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  272.084391][T11203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.084398][T11203] Call Trace:
[  272.084402][T11203]  <TASK>
[  272.084407][T11203]  dump_stack_lvl+0x16c/0x1f0
[  272.084435][T11203]  should_fail_ex+0x512/0x640
[  272.084451][T11203]  should_fail_alloc_page+0xe7/0x130
[  272.084472][T11203]  prepare_alloc_pages+0x3c2/0x610
[  272.084496][T11203]  ? rcu_is_watching+0x12/0xc0
[  272.084520][T11203]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  272.084539][T11203]  ? should_fail_alloc_page+0xee/0x130
[  272.084562][T11203]  ? rcu_is_watching+0x12/0xc0
[  272.084585][T11203]  ? trace_mm_page_alloc+0x11f/0x1a0
[  272.084608][T11203]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  272.084628][T11203]  ? __pfx_stack_trace_save+0x10/0x10
[  272.084654][T11203]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  272.084681][T11203]  ? alloc_vmap_area+0x64e/0x28f0
[  272.084702][T11203]  ? __vmalloc_node_range_noprof+0x277/0x1520
[  272.084726][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.084751][T11203]  ? ip_set_create+0x7e4/0x14d0
[  272.084768][T11203]  ? nfnetlink_rcv_msg+0x9f9/0x1200
[  272.084784][T11203]  ? netlink_rcv_skb+0x16d/0x440
[  272.084806][T11203]  ? nfnetlink_rcv+0x1b3/0x430
[  272.084819][T11203]  ? netlink_unicast+0x53a/0x7f0
[  272.084840][T11203]  ? netlink_sendmsg+0x8d1/0xdd0
[  272.084863][T11203]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.084887][T11203]  alloc_pages_bulk_noprof+0x71c/0x1410
[  272.084905][T11203]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  272.084928][T11203]  ? policy_nodemask+0xea/0x4e0
[  272.084950][T11203]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  272.084970][T11203]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  272.085019][T11203]  kasan_populate_vmalloc+0xf1/0x1f0
[  272.085043][T11203]  alloc_vmap_area+0x963/0x28f0
[  272.085075][T11203]  ? __pfx_alloc_vmap_area+0x10/0x10
[  272.085105][T11203]  __get_vm_area_node+0x1ca/0x330
[  272.085134][T11203]  __vmalloc_node_range_noprof+0x277/0x1520
[  272.085160][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.085183][T11203]  ? nfnetlink_rcv_msg+0x9f9/0x1200
[  272.085201][T11203]  ? __do_fast_syscall_32+0x7c/0x3a0
[  272.085218][T11203]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.085239][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.085275][T11203]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  272.085300][T11203]  ? __alloc_pages_noprof+0xb/0x1b0
[  272.085318][T11203]  ? ___kmalloc_large_node+0x84/0x1e0
[  272.085347][T11203]  __kvmalloc_node_noprof+0x308/0x620
[  272.085365][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.085391][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.085421][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.085444][T11203]  hash_netportnet_create+0x3ec/0x1250
[  272.085470][T11203]  ? __pfx___nla_validate+0x3/0x10
[  272.085492][T11203]  ? __pfx_hash_netportnet_create+0x10/0x10
[  272.085518][T11203]  ip_set_create+0x7e4/0x14d0
[  272.085543][T11203]  ? __pfx_ip_set_create+0x10/0x10
[  272.085579][T11203]  ? find_held_lock+0x2b/0x80
[  272.085609][T11203]  nfnetlink_rcv_msg+0x9f9/0x1200
[  272.085634][T11203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  272.085649][T11203]  ? kmem_cache_free+0x2d1/0x4d0
[  272.085701][T11203]  netlink_rcv_skb+0x16d/0x440
[  272.085725][T11203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  272.085744][T11203]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  272.085767][T11203]  ? __pfx_aa_get_newest_label+0x10/0x10
[  272.085798][T11203]  ? bpf_lsm_capable+0x9/0x10
[  272.085813][T11203]  ? security_capable+0x7e/0x260
[  272.085833][T11203]  ? ns_capable+0xd7/0x110
[  272.085860][T11203]  nfnetlink_rcv+0x1b3/0x430
[  272.085876][T11203]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  272.085892][T11203]  ? netlink_deliver_tap+0x1ae/0xd30
[  272.085920][T11203]  netlink_unicast+0x53a/0x7f0
[  272.085948][T11203]  ? __pfx_netlink_unicast+0x10/0x10
[  272.085978][T11203]  netlink_sendmsg+0x8d1/0xdd0
[  272.086007][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.086032][T11203]  ? __import_iovec+0x1dd/0x650
[  272.086057][T11203]  ____sys_sendmsg+0xa95/0xc70
[  272.086078][T11203]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.086094][T11203]  ? get_compat_msghdr+0x11a/0x170
[  272.086126][T11203]  ___sys_sendmsg+0x134/0x1d0
[  272.086151][T11203]  ? __pfx____sys_sendmsg+0x10/0x10
[  272.086186][T11203]  ? find_held_lock+0x2b/0x80
[  272.086224][T11203]  __sys_sendmsg+0x16d/0x220
[  272.086247][T11203]  ? __pfx___sys_sendmsg+0x10/0x10
[  272.086285][T11203]  ? rcu_is_watching+0x12/0xc0
[  272.086311][T11203]  __do_fast_syscall_32+0x7c/0x3a0
[  272.086331][T11203]  do_fast_syscall_32+0x32/0x80
[  272.086348][T11203]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.086367][T11203] RIP: 0023:0xf70fe579
[  272.086380][T11203] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.086396][T11203] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  272.086412][T11203] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  272.086424][T11203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  272.086434][T11203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.086443][T11203] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  272.086453][T11203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.086476][T11203]  </TASK>
[  272.086610][T11203] syz.1.1526: vmalloc error: size 4194328, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null)
[  272.093204][   T40] audit: type=1326 audit(2000000318.735:4752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11197 comm="syz.0.1525" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0
[  272.094681][T11203] ,cpuset=
[  272.139732][T11062] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.139988][T11203] /
[  272.168051][T11062] veth0_vlan: entered promiscuous mode
[  272.169556][T11203] ,mems_allowed=0-1
[  272.175302][T11062] veth1_vlan: entered promiscuous mode
[  272.176394][T11203] 
[  272.176405][T11203] CPU: 3 UID: 0 PID: 11203 Comm: syz.1.1526 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  272.176421][T11203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.176427][T11203] Call Trace:
[  272.176432][T11203]  <TASK>
[  272.176437][T11203]  dump_stack_lvl+0x16c/0x1f0
[  272.176452][T11203]  warn_alloc+0x248/0x3a0
[  272.176466][T11203]  ? __pfx_warn_alloc+0x10/0x10
[  272.176480][T11203]  ? kfree+0x2b4/0x4d0
[  272.176494][T11203]  ? __get_vm_area_node+0x208/0x330
[  272.176514][T11203]  __vmalloc_node_range_noprof+0xd32/0x1520
[  272.176532][T11203]  ? nfnetlink_rcv_msg+0x9f9/0x1200
[  272.176545][T11203]  ? __do_fast_syscall_32+0x7c/0x3a0
[  272.176557][T11203]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.176573][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.176594][T11203]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  272.176613][T11203]  ? __alloc_pages_noprof+0xb/0x1b0
[  272.176625][T11203]  ? ___kmalloc_large_node+0x84/0x1e0
[  272.176645][T11203]  __kvmalloc_node_noprof+0x308/0x620
[  272.176657][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.176675][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.176695][T11203]  ? hash_netportnet_create+0x3ec/0x1250
[  272.176711][T11203]  hash_netportnet_create+0x3ec/0x1250
[  272.176730][T11203]  ? __pfx___nla_validate+0x3/0x10
[  272.176746][T11203]  ? __pfx_hash_netportnet_create+0x10/0x10
[  272.176765][T11203]  ip_set_create+0x7e4/0x14d0
[  272.176781][T11203]  ? __pfx_ip_set_create+0x10/0x10
[  272.176803][T11203]  ? find_held_lock+0x2b/0x80
[  272.176823][T11203]  nfnetlink_rcv_msg+0x9f9/0x1200
[  272.176840][T11203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  272.176850][T11203]  ? kmem_cache_free+0x2d1/0x4d0
[  272.176881][T11203]  netlink_rcv_skb+0x16d/0x440
[  272.176899][T11203]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  272.176911][T11203]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  272.176927][T11203]  ? __pfx_aa_get_newest_label+0x10/0x10
[  272.176948][T11203]  ? bpf_lsm_capable+0x9/0x10
[  272.176959][T11203]  ? security_capable+0x7e/0x260
[  272.176973][T11203]  ? ns_capable+0xd7/0x110
[  272.176991][T11203]  nfnetlink_rcv+0x1b3/0x430
[  272.177016][T11203]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  272.177028][T11203]  ? netlink_deliver_tap+0x1ae/0xd30
[  272.177047][T11203]  netlink_unicast+0x53a/0x7f0
[  272.177066][T11203]  ? __pfx_netlink_unicast+0x10/0x10
[  272.177087][T11203]  netlink_sendmsg+0x8d1/0xdd0
[  272.177107][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.177125][T11203]  ? __import_iovec+0x1dd/0x650
[  272.177142][T11203]  ____sys_sendmsg+0xa95/0xc70
[  272.177156][T11203]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.177166][T11203]  ? get_compat_msghdr+0x11a/0x170
[  272.177188][T11203]  ___sys_sendmsg+0x134/0x1d0
[  272.177206][T11203]  ? __pfx____sys_sendmsg+0x10/0x10
[  272.177228][T11203]  ? find_held_lock+0x2b/0x80
[  272.177253][T11203]  __sys_sendmsg+0x16d/0x220
[  272.177272][T11203]  ? __pfx___sys_sendmsg+0x10/0x10
[  272.177294][T11203]  ? rcu_is_watching+0x12/0xc0
[  272.177313][T11203]  __do_fast_syscall_32+0x7c/0x3a0
[  272.177326][T11203]  do_fast_syscall_32+0x32/0x80
[  272.177338][T11203]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.177351][T11203] RIP: 0023:0xf70fe579
[  272.177361][T11203] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.177372][T11203] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  272.177383][T11203] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  272.177390][T11203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  272.177396][T11203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.177402][T11203] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  272.177408][T11203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.177422][T11203]  </TASK>
[  272.177426][T11203] Mem-Info:
[  272.197939][T11062] veth0_macvtap: entered promiscuous mode
[  272.199136][T11203] active_anon:4033 inactive_anon:5480 isolated_anon:0
[  272.199136][T11203]  active_file:2455 inactive_file:18248 isolated_file:0
[  272.199136][T11203]  unevictable:1768 dirty:314 writeback:0
[  272.199136][T11203]  slab_reclaimable:5820 slab_unreclaimable:75636
[  272.199136][T11203]  mapped:28002 shmem:5257 pagetables:1014
[  272.199136][T11203]  sec_pagetables:322 bounce:0
[  272.199136][T11203]  kernel_misc_reclaimable:0
[  272.199136][T11203]  free:53748 free_pcp:2184 free_cma:0
[  272.203432][T11062] veth1_macvtap: entered promiscuous mode
[  272.203719][T11203] Node 0 active_anon:636kB inactive_anon:136kB active_file:8kB inactive_file:144kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:4676kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7836kB pagetables:1244kB sec_pagetables:1176kB all_unreclaimable? yes Balloon:0kB
[  272.217216][T11062] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.218105][T11203] Node 1 active_anon:15336kB inactive_anon:21784kB active_file:9812kB inactive_file:72848kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:111908kB dirty:1256kB writeback:0kB shmem:16320kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4892kB pagetables:2812kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  272.218137][T11203] Node 0 DMA free:2044kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:760kB local_pcp:232kB free_cma:0kB
[  272.218168][T11203] lowmem_reserve[]: 0 290 290 290 290
[  272.218190][T11203] Node 0 DMA32 free:19176kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB active_anon:636kB inactive_anon:136kB active_file:8kB inactive_file:144kB unevictable:3536kB writepending:0kB present:1032196kB managed:297400kB mlocked:0kB bounce:0kB free_pcp:5496kB local_pcp:4048kB free_cma:0kB
[  272.218220][T11203] lowmem_reserve[]: 0 0 0 0 0
[  272.218242][T11203] Node 1 
[  272.231030][T11062] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.231242][T11203] DMA32 free:193188kB boost:6144kB min:53292kB low:65076kB high:76860kB reserved_highatomic:0KB active_anon:15336kB inactive_anon:21784kB active_file:9812kB inactive_file:72848kB unevictable:3536kB writepending:1256kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:2984kB local_pcp:880kB free_cma:0kB
[  272.234885][T11062] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.235166][T11203] lowmem_reserve[]:
[  272.236612][T11062] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.242593][T11203]  0
[  272.245227][T11062] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.247641][T11203]  0
[  272.250150][T11062] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.252554][T11203]  0 0 0
[  272.252571][T11203] Node 0 DMA: 21*4kB (UM) 29*8kB (UM) 10*16kB (UM) 7*32kB (UM) 3*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2044kB
[  272.491383][T11203] Node 0 DMA32: 11*4kB (UMEH) 21*8kB (UMEH) 68*16kB (UMEH) 69*32kB (UMEH) 43*64kB (MEH) 23*128kB (MEH) 12*256kB (UMH) 7*512kB (UMH) 1*1024kB (U) 1*2048kB (U) 0*4096kB = 18932kB
[  272.496838][T11203] Node 1 DMA32: 421*4kB (UME) 695*8kB (UME) 746*16kB (UME) 518*32kB (UME) 361*64kB (UME) 61*128kB (UME) 56*256kB (UME) 58*512kB (UME) 30*1024kB (UM) 21*2048kB (UM) 2*4096kB (M) = 192620kB
[  272.505937][T11203] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  272.509084][T11203] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  272.517088][T11203] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  272.522634][T11203] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  272.529095][T11203] 26196 total pagecache pages
[  272.530609][T11203] 248 pages in swap cache
[  272.531984][T11203] Free swap  = 122556kB
[  272.533293][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.536330][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.538786][T11203] Total swap = 124996kB
[  272.540099][T11203] 524155 pages RAM
[  272.541319][T11203] 0 pages HighMem/MovableOnly
[  272.542792][T11203] 208894 pages reserved
[  272.544096][T11203] 0 pages cma reserved
[  272.556121][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.560889][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.687769][T11225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1527'.
[  272.691128][T11225] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1527'.
[  272.694397][T11225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1527'.
[  272.697824][T11225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1527'.
[  273.094691][ T5939] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  273.234535][ T5939] usb 6-1: Using ep0 maxpacket: 32
[  273.239868][ T5939] usb 6-1: config 0 has no interfaces?
[  273.241696][ T5939] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  273.244656][ T5939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.249016][ T5939] usb 6-1: config 0 descriptor??
[  273.441236][ T5999] usb 6-1: USB disconnect, device number 9
[  274.205686][ T5999] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  274.289740][T11275] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1537'.
[  274.469285][   T68] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.587717][T11289] netlink: 'syz.1.1539': attribute type 4 has an invalid length.
[  274.652122][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  274.656839][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  274.660677][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  274.664330][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  274.667051][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  274.691829][T11291] lo speed is unknown, defaulting to 1000
[  274.866222][T11291] chnl_net:caif_netlink_parms(): no params data found
[  274.969310][T11291] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.972149][T11291] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.975254][T11291] bridge_slave_0: entered allmulticast mode
[  274.979016][T11291] bridge_slave_0: entered promiscuous mode
[  274.983027][T11291] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.985548][T11291] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.988609][T11291] bridge_slave_1: entered allmulticast mode
[  274.991302][T11291] bridge_slave_1: entered promiscuous mode
[  275.025840][T11291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.034503][T11291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.068756][T11291] team0: Port device team_slave_0 added
[  275.073122][T11291] team0: Port device team_slave_1 added
[  275.111399][T11291] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.114389][T11291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.125130][T11291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.131361][T11291] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.134269][T11291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.145133][T11291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.208677][T11291] hsr_slave_0: entered promiscuous mode
[  275.211180][T11291] hsr_slave_1: entered promiscuous mode
[  275.213288][T11291] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  275.215900][T11291] Cannot create hsr debugfs directory
[  276.204389][   T68] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.268099][   T68] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.331322][   T68] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.468487][   T68] bridge_slave_1: left allmulticast mode
[  276.470848][   T68] bridge_slave_1: left promiscuous mode
[  276.473415][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.478844][   T68] bridge_slave_0: left allmulticast mode
[  276.481186][   T68] bridge_slave_0: left promiscuous mode
[  276.483618][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.591728][ T5945] Bluetooth: hci3: command tx timeout
[  276.777896][   T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.782073][   T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.785741][   T68] bond0 (unregistering): Released all slaves
[  277.201481][   T68] hsr_slave_0: left promiscuous mode
[  277.204342][   T68] hsr_slave_1: left promiscuous mode
[  277.214016][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  277.217005][   T68] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.219708][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.222672][   T68] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.255403][   T68] veth1_macvtap: left promiscuous mode
[  277.258436][   T68] veth0_macvtap: left promiscuous mode
[  277.260756][   T68] veth1_vlan: left promiscuous mode
[  277.263377][   T68] veth0_vlan: left promiscuous mode
[  277.935413][   T68] team0 (unregistering): Port device team_slave_1 removed
[  278.009795][   T68] team0 (unregistering): Port device team_slave_0 removed
[  278.537972][ T5945] Bluetooth: hci3: command tx timeout
[  278.594551][T11291] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  278.601524][T11291] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  278.617959][T11291] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  278.624257][T11291] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  278.687426][T11291] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.701648][T11291] 8021q: adding VLAN 0 to HW filter on device team0
[  278.725756][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.728393][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.734614][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.737398][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.887873][T11291] 8021q: adding VLAN 0 to HW filter on device batadv0
[  278.909541][T11291] veth0_vlan: entered promiscuous mode
[  278.916382][T11291] veth1_vlan: entered promiscuous mode
[  278.931559][T11291] veth0_macvtap: entered promiscuous mode
[  278.935295][T11291] veth1_macvtap: entered promiscuous mode
[  278.943898][T11291] batman_adv: batadv0: Interface activated: batadv_slave_0
[  278.950927][T11291] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.955254][T11291] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.958674][T11291] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.961417][T11291] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.964086][T11291] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  279.006013][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.008378][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.029814][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.032389][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.125113][ T1224] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.352651][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  281.357689][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  281.361630][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  281.365634][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  281.369329][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  281.393043][T11336] lo speed is unknown, defaulting to 1000
[  281.585293][T11336] chnl_net:caif_netlink_parms(): no params data found
[  281.651186][T11336] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.654053][T11336] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.656878][T11336] bridge_slave_0: entered allmulticast mode
[  281.660059][T11336] bridge_slave_0: entered promiscuous mode
[  281.663681][T11336] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.666379][T11336] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.668617][T11336] bridge_slave_1: entered allmulticast mode
[  281.671406][T11336] bridge_slave_1: entered promiscuous mode
[  281.704884][T11336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.710494][T11336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.758750][T11336] team0: Port device team_slave_0 added
[  281.764391][T11336] team0: Port device team_slave_1 added
[  281.801696][T11336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.803864][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.811740][T11336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.816208][T11336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.818408][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.827514][T11336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.864270][T11336] hsr_slave_0: entered promiscuous mode
[  281.868357][T11336] hsr_slave_1: entered promiscuous mode
[  282.657598][ T1224] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.738079][ T1224] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.797163][ T1224] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.917057][ T1224] bridge_slave_1: left allmulticast mode
[  282.920464][ T1224] bridge_slave_1: left promiscuous mode
[  282.922229][ T1224] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.925544][ T1224] bridge_slave_0: left allmulticast mode
[  282.927281][ T1224] bridge_slave_0: left promiscuous mode
[  282.929325][ T1224] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.220049][ T1224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.226117][ T1224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.232788][ T1224] bond0 (unregistering): Released all slaves
[  283.312005][ T5945] Bluetooth: hci3: command tx timeout
[  283.650956][ T1224] hsr_slave_0: left promiscuous mode
[  283.652870][ T1224] hsr_slave_1: left promiscuous mode
[  283.656609][ T1224] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.658739][ T1224] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.661622][ T1224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.664141][ T1224] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.691199][ T1224] veth1_macvtap: left promiscuous mode
[  283.692992][ T1224] veth0_macvtap: left promiscuous mode
[  283.694676][ T1224] veth1_vlan: left promiscuous mode
[  283.696237][ T1224] veth0_vlan: left promiscuous mode
[  284.114522][T11361] netlink: 'syz.2.1542': attribute type 23 has an invalid length.
[  284.254460][T11366] (syz.1.1541,11366,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  284.257464][T11366] (syz.1.1541,11366,1):ocfs2_fill_super:1177 ERROR: status = -22
[  284.620364][ T1224] team0 (unregistering): Port device team_slave_1 removed
[  284.692672][ T1224] team0 (unregistering): Port device team_slave_0 removed
[  285.204099][T11362] syz_tun: entered allmulticast mode
[  285.205955][T11362] syz_tun: left allmulticast mode
[  285.249035][ T5945] Bluetooth: hci3: command tx timeout
[  285.256668][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1544'.
[  285.264503][T11336] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  285.281111][T11336] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  285.290125][T11336] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  285.296442][T11336] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  285.362147][T11380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1545'.
[  285.374860][T11336] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.404455][T11389] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  285.408743][T11336] 8021q: adding VLAN 0 to HW filter on device team0
[  285.408988][   T40] audit: type=1804 audit(2000000333.016:4753): pid=11389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1547" name="/newroot/365/file0" dev="tmpfs" ino=1936 res=1 errno=0
[  285.411777][T11391] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1548'.
[  285.413890][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.413936][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.418584][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.418631][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.422904][T11389] ref_ctr increment failed for inode: 0x790 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88801b47e0c0
[  285.584031][T11336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  285.597795][T11407] overlayfs: overlapping lowerdir path
[  285.619242][T11336] veth0_vlan: entered promiscuous mode
[  285.641518][T11336] veth1_vlan: entered promiscuous mode
[  285.657885][T11336] veth0_macvtap: entered promiscuous mode
[  285.666897][T11336] veth1_macvtap: entered promiscuous mode
[  285.678186][T11336] batman_adv: batadv0: Interface activated: batadv_slave_0
[  285.682782][T11336] batman_adv: batadv0: Interface activated: batadv_slave_1
[  285.690944][T11336] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.694215][T11336] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.701126][T11336] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.704279][T11336] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.737628][T11410] netlink: 'syz.2.1551': attribute type 10 has an invalid length.
[  285.742219][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.749682][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.764942][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.767942][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.822855][T11413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1554'.
[  286.576320][T11432] netlink: 'syz.2.1558': attribute type 1 has an invalid length.
[  286.578837][T11432] netlink: 'syz.2.1558': attribute type 2 has an invalid length.
[  286.665889][T11436] FAULT_INJECTION: forcing a failure.
[  286.665889][T11436] name failslab, interval 1, probability 0, space 0, times 0
[  286.670520][T11436] CPU: 0 UID: 0 PID: 11436 Comm: syz.1.1561 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  286.670548][T11436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.670560][T11436] Call Trace:
[  286.670567][T11436]  <TASK>
[  286.670574][T11436]  dump_stack_lvl+0x16c/0x1f0
[  286.670599][T11436]  should_fail_ex+0x512/0x640
[  286.670619][T11436]  ? fs_reclaim_acquire+0xae/0x150
[  286.670649][T11436]  should_failslab+0xc2/0x120
[  286.670672][T11436]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  286.670693][T11436]  ? security_inode_alloc+0x3b/0x2b0
[  286.670719][T11436]  security_inode_alloc+0x3b/0x2b0
[  286.670744][T11436]  inode_init_always_gfp+0xce4/0x1030
[  286.670767][T11436]  alloc_inode+0x86/0x240
[  286.670790][T11436]  new_inode+0x22/0x1c0
[  286.670817][T11436]  ovl_new_inode+0x1d/0x50
[  286.670836][T11436]  ovl_create_object+0x17c/0x300
[  286.670857][T11436]  ? __pfx_ovl_create_object+0x10/0x10
[  286.670881][T11436]  ? bpf_lsm_inode_permission+0x9/0x10
[  286.670905][T11436]  ? security_inode_permission+0xbf/0x260
[  286.670936][T11436]  ovl_mkdir+0x2a/0x40
[  286.670955][T11436]  vfs_mkdir+0x590/0x8c0
[  286.670985][T11436]  do_mkdirat+0x304/0x3e0
[  286.671006][T11436]  ? __pfx_do_mkdirat+0x10/0x10
[  286.671026][T11436]  ? getname_flags.part.0+0x1c5/0x550
[  286.671056][T11436]  __ia32_sys_mkdirat+0x82/0xb0
[  286.671076][T11436]  __do_fast_syscall_32+0x7c/0x3a0
[  286.671099][T11436]  do_fast_syscall_32+0x32/0x80
[  286.671125][T11436]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.671147][T11436] RIP: 0023:0xf70fe579
[  286.671163][T11436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  286.671180][T11436] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  286.671198][T11436] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000080
[  286.671209][T11436] RDX: 00000000000001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  286.671220][T11436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.671230][T11436] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  286.671242][T11436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.671267][T11436]  </TASK>
[  286.897912][T11439] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.1562'.
[  287.968817][   T68] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.983123][T11454] netlink: 'syz.1.1566': attribute type 10 has an invalid length.
[  288.545262][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  288.550279][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  288.554062][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  288.557108][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  288.560232][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  288.583016][T11463] lo speed is unknown, defaulting to 1000
[  288.603311][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1569'.
[  288.882226][T11463] chnl_net:caif_netlink_parms(): no params data found
[  289.009467][T11463] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.012621][T11463] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.015364][T11463] bridge_slave_0: entered allmulticast mode
[  289.018011][T11463] bridge_slave_0: entered promiscuous mode
[  289.021146][T11463] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.023532][T11463] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.025929][T11463] bridge_slave_1: entered allmulticast mode
[  289.028556][T11463] bridge_slave_1: entered promiscuous mode
[  289.064586][T11463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.069275][T11463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.103694][T11463] team0: Port device team_slave_0 added
[  289.107405][T11463] team0: Port device team_slave_1 added
[  289.137943][T11463] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.140145][T11463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.148151][T11463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.152408][T11463] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.154950][T11463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.162789][T11463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.176358][T11501] kAFS: unparsable volume name
[  289.198984][T11501] netlink: set zone limit has 4 unknown bytes
[  289.219565][T11463] hsr_slave_0: entered promiscuous mode
[  289.221846][T11463] hsr_slave_1: entered promiscuous mode
[  289.223925][T11463] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.226268][T11463] Cannot create hsr debugfs directory
[  289.234336][T11505] netlink: 'syz.2.1578': attribute type 10 has an invalid length.
[  289.559503][   T68] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.650581][   T68] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.659391][T11510] lo speed is unknown, defaulting to 1000
[  289.661502][T11510] lo speed is unknown, defaulting to 1000
[  289.664913][T11510] lo speed is unknown, defaulting to 1000
[  289.688583][T11510] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  289.722954][   T68] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.740604][T11510] lo speed is unknown, defaulting to 1000
[  289.746806][T11510] lo speed is unknown, defaulting to 1000
[  289.752101][T11510] lo speed is unknown, defaulting to 1000
[  289.758308][T11510] lo speed is unknown, defaulting to 1000
[  289.767688][T11510] lo speed is unknown, defaulting to 1000
[  289.786129][T11510] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1581'.
[  289.835703][T11514] netlink: 'syz.2.1582': attribute type 27 has an invalid length.
[  289.855682][T11514] vlan2: left promiscuous mode
[  289.857672][T11514] syz_tun: left promiscuous mode
[  289.859853][T11514] geneve2: left promiscuous mode
[  289.861846][T11514] geneve2: left allmulticast mode
[  289.864719][T11514] batadv1: left promiscuous mode
[  289.869216][T11514] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 256 - 0
[  289.874735][T11514] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 256 - 0
[  289.877866][T11514] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 256 - 0
[  289.881739][T11514] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 256 - 0
[  289.885087][T11514] geneve3: left promiscuous mode
[  289.887002][T11514] geneve3: left allmulticast mode
[  289.890929][   T68] bridge_slave_1: left allmulticast mode
[  289.892789][   T68] bridge_slave_1: left promiscuous mode
[  289.894658][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.898428][   T68] bridge_slave_0: left allmulticast mode
[  289.900725][   T68] bridge_slave_0: left promiscuous mode
[  289.902574][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.067421][T11522] overlayfs: overlapping lowerdir path
[  290.162756][   T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  290.167088][   T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  290.171178][   T68] bond0 (unregistering): Released all slaves
[  290.211764][T11514] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.214660][T11514] 8021q: adding VLAN 0 to HW filter on device team0
[  290.220907][T11514] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  290.317686][ T5939] lo speed is unknown, defaulting to 1000
[  290.321445][ T5939] sÌR4: Port: 1 Link ACTIVE
[  290.468026][   T63] Bluetooth: hci3: command tx timeout
[  290.763673][   T68] hsr_slave_0: left promiscuous mode
[  290.766272][   T68] hsr_slave_1: left promiscuous mode
[  290.768532][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.770932][   T68] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.773733][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.778347][   T68] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.807987][   T68] veth1_macvtap: left promiscuous mode
[  290.809776][   T68] veth0_macvtap: left promiscuous mode
[  290.811590][   T68] veth1_vlan: left promiscuous mode
[  290.813543][   T68] veth0_vlan: left promiscuous mode
[  291.347088][T11563] tmpfs: Bad value for 'nr_inodes'
[  291.499702][   T68] team0 (unregistering): Port device team_slave_1 removed
[  291.575938][   T68] team0 (unregistering): Port device team_slave_0 removed
[  292.080853][T11541] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  292.084688][T11541] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  292.089778][T11541] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  292.237130][T11463] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  292.241260][T11463] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  292.245158][T11463] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  292.252812][T11463] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  292.306245][T11463] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.324964][T11463] 8021q: adding VLAN 0 to HW filter on device team0
[  292.330266][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.332672][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.354174][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.356437][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.419330][   T63] Bluetooth: hci3: command tx timeout
[  292.525998][T11463] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.547479][T11463] veth0_vlan: entered promiscuous mode
[  292.552880][T11463] veth1_vlan: entered promiscuous mode
[  292.570298][T11463] veth0_macvtap: entered promiscuous mode
[  292.577667][T11463] veth1_macvtap: entered promiscuous mode
[  292.586601][T11463] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.592142][T11463] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.600679][T11463] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.605442][T11463] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.608193][T11463] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.610927][T11463] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.615832][T11600] batadv_slave_1: entered promiscuous mode
[  292.689789][T11599] batadv_slave_1: left promiscuous mode
[  292.690071][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.696714][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.710133][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.713444][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.860083][T11634] xt_NFQUEUE: number of total queues is 0
[  294.894429][ T1141] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.449485][T11641] netlink: 'syz.0.1605': attribute type 10 has an invalid length.
[  295.562160][T11652] overlayfs: failed to clone upperpath
[  295.643900][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  295.648287][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  295.653079][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  295.657474][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  295.660729][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  295.663943][T11658] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1610'.
[  295.666647][T11658] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1610'.
[  295.693512][T11653] lo speed is unknown, defaulting to 1000
[  295.795642][T11653] lo speed is unknown, defaulting to 1000
[  295.824547][   T40] audit: type=1326 audit(2000000344.195:4754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.1614" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fe579 code=0x0
[  295.901819][T11653] chnl_net:caif_netlink_parms(): no params data found
[  295.986974][T11653] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.989297][T11653] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.991553][T11653] bridge_slave_0: entered allmulticast mode
[  295.994176][T11653] bridge_slave_0: entered promiscuous mode
[  295.997523][T11653] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.999780][T11653] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.002355][T11653] bridge_slave_1: entered allmulticast mode
[  296.006575][T11653] bridge_slave_1: entered promiscuous mode
[  296.044667][T11653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.048075][T11672] netlink: 'syz.1.1614': attribute type 4 has an invalid length.
[  296.055835][T11653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.099694][T11653] team0: Port device team_slave_0 added
[  296.104250][T11653] team0: Port device team_slave_1 added
[  296.147689][T11653] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.150632][T11653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.160990][T11653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.165697][T11653] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.167969][T11653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.176207][T11653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.234840][T11653] hsr_slave_0: entered promiscuous mode
[  296.238031][T11653] hsr_slave_1: entered promiscuous mode
[  296.682843][T11689] FAULT_INJECTION: forcing a failure.
[  296.682843][T11689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.688619][T11689] CPU: 1 UID: 0 PID: 11689 Comm: syz.1.1620 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  296.688660][T11689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.688670][T11689] Call Trace:
[  296.688677][T11689]  <TASK>
[  296.688684][T11689]  dump_stack_lvl+0x16c/0x1f0
[  296.688708][T11689]  should_fail_ex+0x512/0x640
[  296.688731][T11689]  _copy_from_user+0x2e/0xd0
[  296.688753][T11689]  get_user_ifreq+0x116/0x1c0
[  296.688803][T11689]  sock_ioctl+0x586/0x6b0
[  296.688824][T11689]  ? __pfx_sock_ioctl+0x10/0x10
[  296.688842][T11689]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  296.688883][T11689]  compat_sock_ioctl+0x58b/0x730
[  296.688906][T11689]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  296.688925][T11689]  ? hook_file_ioctl_common+0x145/0x410
[  296.688954][T11689]  ? __fget_files+0x20e/0x3c0
[  296.688971][T11689]  ? __fput_deferred+0x360/0x370
[  296.688999][T11689]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  296.689017][T11689]  __ia32_compat_sys_ioctl+0x23f/0x370
[  296.689046][T11689]  __do_fast_syscall_32+0x7c/0x3a0
[  296.689075][T11689]  do_fast_syscall_32+0x32/0x80
[  296.689094][T11689]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.689116][T11689] RIP: 0023:0xf70fe579
[  296.689131][T11689] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  296.689148][T11689] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  296.689165][T11689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000089f3
[  296.689177][T11689] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  296.689188][T11689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.689198][T11689] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  296.689209][T11689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.689233][T11689]  </TASK>
[  296.789340][T11695] netlink: 368 bytes leftover after parsing attributes in process `syz.1.1622'.
[  296.792238][T11695] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1622'.
[  296.833610][T11701] fuse: Unknown parameter 'fg¡”%d'
[  297.051577][T11706] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  297.087525][ T1141] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.171717][ T1141] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.228461][ T1141] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.336997][ T1141] bridge_slave_1: left allmulticast mode
[  297.346302][ T1141] bridge_slave_1: left promiscuous mode
[  297.348214][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.353165][ T1141] bridge_slave_0: left allmulticast mode
[  297.355023][ T1141] bridge_slave_0: left promiscuous mode
[  297.360025][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.469460][T11724] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1632'.
[  297.472322][T11724] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1632'.
[  297.543346][   T63] Bluetooth: hci3: command tx timeout
[  297.603845][T11729] block device autoloading is deprecated and will be removed.
[  297.607107][T11729] syz.0.1634: attempt to access beyond end of device
[  297.607107][T11729] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  297.634375][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.639588][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.643350][ T1141] bond0 (unregistering): Released all slaves
[  297.766250][T11739] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  298.161546][T11653] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  298.196440][ T1141] hsr_slave_0: left promiscuous mode
[  298.198799][ T1141] hsr_slave_1: left promiscuous mode
[  298.200836][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.203167][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.209172][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.211462][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.239966][ T1141] veth1_macvtap: left promiscuous mode
[  298.242024][ T1141] veth0_macvtap: left promiscuous mode
[  298.243856][ T1141] veth1_vlan: left promiscuous mode
[  298.245557][ T1141] veth0_vlan: left promiscuous mode
[  299.048503][ T1141] team0 (unregistering): Port device team_slave_1 removed
[  299.129134][ T1141] team0 (unregistering): Port device team_slave_0 removed
[  299.489880][   T63] Bluetooth: hci3: command tx timeout
[  299.738526][T11653] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  299.749420][T11780] batadv_slave_0: entered promiscuous mode
[  299.753811][T11653] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  299.763966][T11653] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  299.820004][   T40] audit: type=1326 audit(2000000348.476:4755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  299.830524][   T40] audit: type=1326 audit(2000000348.476:4756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703e579 code=0x7ffc0000
[  299.837040][   T40] audit: type=1326 audit(2000000348.476:4757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf703e5a7 code=0x7ffc0000
[  299.844871][   T40] audit: type=1326 audit(2000000348.476:4758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703e579 code=0x7ffc0000
[  299.863669][   T40] audit: type=1326 audit(2000000348.476:4759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf703e5a7 code=0x7ffc0000
[  299.870056][   T40] audit: type=1326 audit(2000000348.476:4760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703e579 code=0x7ffc0000
[  299.876591][   T40] audit: type=1326 audit(2000000348.476:4761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf703e5a7 code=0x7ffc0000
[  299.884677][   T40] audit: type=1326 audit(2000000348.476:4762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703e579 code=0x7ffc0000
[  299.891154][   T40] audit: type=1326 audit(2000000348.476:4763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.1646" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf703e5a7 code=0x7ffc0000
[  300.023652][T11653] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.037704][T11653] 8021q: adding VLAN 0 to HW filter on device team0
[  300.047875][ T1224] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.050847][ T1224] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.059706][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.061970][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.216938][T11653] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.251070][T11653] veth0_vlan: entered promiscuous mode
[  300.257858][T11653] veth1_vlan: entered promiscuous mode
[  300.272161][T11653] veth0_macvtap: entered promiscuous mode
[  300.276611][T11653] veth1_macvtap: entered promiscuous mode
[  300.291878][T11653] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.298491][T11653] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.312799][T11653] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.315555][T11653] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.318296][T11653] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.322352][T11653] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.366725][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.369108][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  300.382724][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.386321][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.519003][T11820] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1653'.
[  301.740336][T11832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1657'.
[  301.744103][T11832] erspan0: entered promiscuous mode
[  301.847418][T11835] netlink: 'syz.2.1658': attribute type 27 has an invalid length.
[  302.259962][T11835] batadv_slave_0: left promiscuous mode
[  302.310310][T11836] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.313228][T11836] 8021q: adding VLAN 0 to HW filter on device team0
[  302.319354][T11836] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  302.325547][   T61] lo speed is unknown, defaulting to 1000
[  302.327402][T11837] lo speed is unknown, defaulting to 1000
[  302.538849][T11850] netlink: 'syz.2.1660': attribute type 10 has an invalid length.
[  302.915972][T11859] pim6reg9: entered allmulticast mode
[  303.036902][ T1139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.110154][T11865] netlink: 'syz.0.1665': attribute type 10 has an invalid length.
[  303.740557][T11869] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1667'.
[  303.810052][T11872] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1668'.
[  303.870084][T11874] FAULT_INJECTION: forcing a failure.
[  303.870084][T11874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.875787][T11874] CPU: 3 UID: 0 PID: 11874 Comm: syz.0.1669 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  303.875806][T11874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  303.875816][T11874] Call Trace:
[  303.875822][T11874]  <TASK>
[  303.875829][T11874]  dump_stack_lvl+0x16c/0x1f0
[  303.875853][T11874]  should_fail_ex+0x512/0x640
[  303.875876][T11874]  save_fsave_header+0x14c/0x2f0
[  303.875895][T11874]  ? __pfx_save_fsave_header+0x10/0x10
[  303.875921][T11874]  ? copy_fpstate_to_sigframe+0x2c3/0xaf0
[  303.875939][T11874]  ? rcu_is_watching+0x12/0xc0
[  303.875965][T11874]  ? __local_bh_enable_ip+0xa4/0x120
[  303.875979][T11874]  copy_fpstate_to_sigframe+0x77c/0xaf0
[  303.875993][T11874]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  303.876004][T11874]  ? posixtimer_deliver_signal+0xed/0x6a0
[  303.876021][T11874]  ? posixtimer_deliver_signal+0x1af/0x6a0
[  303.876034][T11874]  ? x86_task_fpu+0x5f/0x90
[  303.876052][T11874]  get_sigframe+0x4a8/0x9c0
[  303.876071][T11874]  ? __pfx_get_sigframe+0x10/0x10
[  303.876090][T11874]  ? _raw_spin_unlock_irq+0x23/0x50
[  303.876107][T11874]  ? siginfo_layout+0x177/0x290
[  303.876125][T11874]  ia32_setup_rt_frame+0xe3/0xb30
[  303.876143][T11874]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  303.876160][T11874]  arch_do_signal_or_restart+0x480/0x790
[  303.876179][T11874]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  303.876200][T11874]  ? __do_compat_sys_rt_sigreturn+0x14d/0x1f0
[  303.876221][T11874]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  303.876237][T11874]  exit_to_user_mode_loop+0x84/0x110
[  303.876253][T11874]  do_int80_emulation+0x352/0x460
[  303.876267][T11874]  asm_int80_emulation+0x1a/0x20
[  303.876278][T11874] RIP: 0023:0xf705e577
[  303.876287][T11874] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  303.876299][T11874] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  303.876310][T11874] RAX: 0000000000000151 RBX: 0000000000000003 RCX: 0000000080000400
[  303.876317][T11874] RDX: 0000000000000f00 RSI: 0000000000000000 RDI: 0000000000000000
[  303.876323][T11874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.876329][T11874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.876336][T11874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.876349][T11874]  </TASK>
[  303.900984][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  303.959705][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  303.962588][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  303.966054][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  303.969228][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  303.996894][T11877] lo speed is unknown, defaulting to 1000
[  304.074424][T11877] lo speed is unknown, defaulting to 1000
[  304.161420][T11877] chnl_net:caif_netlink_parms(): no params data found
[  304.243009][T11877] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.245960][T11877] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.248212][T11877] bridge_slave_0: entered allmulticast mode
[  304.251142][T11877] bridge_slave_0: entered promiscuous mode
[  304.254389][T11877] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.256603][T11877] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.258835][T11877] bridge_slave_1: entered allmulticast mode
[  304.261430][T11877] bridge_slave_1: entered promiscuous mode
[  304.314294][T11877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.319453][T11877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.321423][T11902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1674'.
[  304.365329][T11902] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  304.368816][T11902] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  304.372503][T11902] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  304.375371][T11902] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  304.406107][T11902] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.409094][T11902] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.411982][T11902] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.414561][T11902] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.619581][T11877] team0: Port device team_slave_0 added
[  304.623224][T11877] team0: Port device team_slave_1 added
[  304.690849][T11877] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.693130][T11877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.702104][T11877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.706423][T11877] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.708595][T11877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.717586][T11877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.772321][T11877] hsr_slave_0: entered promiscuous mode
[  304.774815][T11877] hsr_slave_1: entered promiscuous mode
[  304.778314][T11877] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  304.780819][T11877] Cannot create hsr debugfs directory
[  305.105881][ T1139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.108339][T11922] fuse: Bad value for 'fd'
[  305.232913][ T1139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.310612][ T1139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.454206][ T1139] bridge_slave_1: left allmulticast mode
[  305.458128][ T1139] bridge_slave_1: left promiscuous mode
[  305.460065][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.464977][ T1139] bridge_slave_0: left allmulticast mode
[  305.467257][ T1139] bridge_slave_0: left promiscuous mode
[  305.469782][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.708562][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  305.712777][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  305.716678][ T1139] bond0 (unregistering): Released all slaves
[  306.048506][ T1139] hsr_slave_0: left promiscuous mode
[  306.050657][ T1139] hsr_slave_1: left promiscuous mode
[  306.052865][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  306.055188][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.057876][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  306.060271][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  306.098808][ T1139] veth1_macvtap: left promiscuous mode
[  306.100604][ T1139] veth0_macvtap: left promiscuous mode
[  306.102382][ T1139] veth1_vlan: left promiscuous mode
[  306.104051][ T1139] veth0_vlan: left promiscuous mode
[  306.726691][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  306.799415][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  306.949341][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  306.951410][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  307.011904][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  307.019181][T11918] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  307.022268][T11918] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  308.950905][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  310.889543][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  312.827972][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  314.766927][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  316.715242][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  318.654599][ T5945] Bluetooth: hci3: command 0x041b tx timeout
[  319.805343][ T1417] ==================================================================
[  319.807755][ T1417] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630
SYZFAIL: failed to recv rpc
[  319.810012][ T1417] Read of size 1 at addr ffff8880728be490 by task aoe_tx0/1417
[  319.813091][ T1417] 
[  319.814576][ T1417] CPU: 0 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  319.814592][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.814599][ T1417] Call Trace:
[  319.814604][ T1417]  <TASK>
[  319.814608][ T1417]  dump_stack_lvl+0x116/0x1f0
[  319.814623][ T1417]  print_report+0xcd/0x680
[  319.814637][ T1417]  ? __virt_addr_valid+0x81/0x610
[  319.814655][ T1417]  ? __phys_addr+0xe8/0x180
[  319.814672][ T1417]  ? handle_tx+0x5dc/0x630
[  319.814684][ T1417]  kasan_report+0xe0/0x110
[  319.814697][ T1417]  ? handle_tx+0x5dc/0x630
[  319.814711][ T1417]  handle_tx+0x5dc/0x630
[  319.814726][ T1417]  dev_hard_start_xmit+0x96/0x740
[  319.814741][ T1417]  __dev_queue_xmit+0x7eb/0x43e0
[  319.814755][ T1417]  ? __schedule+0x3fff/0x5de0
[  319.814772][ T1417]  ? rcu_is_watching+0x12/0xc0
[  319.814789][ T1417]  ? __pfx___dev_queue_xmit+0x10/0x10
[  319.814803][ T1417]  ? __lock_acquire+0xb8a/0x1c90
[  319.814815][ T1417]  ? __lock_acquire+0xb8a/0x1c90
[  319.814829][ T1417]  ? do_raw_spin_lock+0x12c/0x2b0
[  319.814844][ T1417]  ? find_held_lock+0x2b/0x80
[  319.814860][ T1417]  ? skb_dequeue+0x126/0x180
[  319.814871][ T1417]  ? find_held_lock+0x2b/0x80
[  319.814887][ T1417]  ? rcu_is_watching+0x12/0xc0
[  319.814904][ T1417]  tx+0xcc/0x190
[  319.814919][ T1417]  ? __pfx_tx+0x10/0x10
[  319.814931][ T1417]  kthread+0x1e1/0x3e0
[  319.814942][ T1417]  ? find_held_lock+0x2b/0x80
[  319.814958][ T1417]  ? __pfx_kthread+0x10/0x10
[  319.814969][ T1417]  ? __pfx_default_wake_function+0x10/0x10
[  319.814986][ T1417]  ? lockdep_hardirqs_on+0x7c/0x110
[  319.814997][ T1417]  ? __kthread_parkme+0x19e/0x250
[  319.815009][ T1417]  ? __pfx_kthread+0x10/0x10
[  319.815020][ T1417]  kthread+0x3c5/0x780
[  319.815033][ T1417]  ? __pfx_kthread+0x10/0x10
[  319.815046][ T1417]  ? rcu_is_watching+0x12/0xc0
[  319.815062][ T1417]  ? __pfx_kthread+0x10/0x10
[  319.815075][ T1417]  ret_from_fork+0x5d7/0x6f0
[  319.815088][ T1417]  ? __pfx_kthread+0x10/0x10
[  319.815101][ T1417]  ret_from_fork_asm+0x1a/0x30
[  319.815119][ T1417]  </TASK>
[  319.815123][ T1417] 
[  319.877441][ T1417] Allocated by task 10696:
[  319.878799][ T1417]  kasan_save_stack+0x33/0x60
[  319.880253][ T1417]  kasan_save_track+0x14/0x30
[  319.881755][ T1417]  __kasan_kmalloc+0xaa/0xb0
[  319.883213][ T1417]  alloc_tty_struct+0x96/0x8c0
[  319.884689][ T1417]  tty_init_dev.part.0+0x1e/0x500
[  319.886186][ T1417]  tty_open+0xa50/0xf90
[  319.887464][ T1417]  chrdev_open+0x231/0x6a0
[  319.888862][ T1417]  do_dentry_open+0x744/0x1c10
[  319.890395][ T1417]  vfs_open+0x82/0x3f0
[  319.891678][ T1417]  path_openat+0x1de4/0x2cb0
[  319.893097][ T1417]  do_filp_open+0x20b/0x470
[  319.894505][ T1417]  do_sys_openat2+0x11b/0x1d0
[  319.895813][ T1417]  __ia32_compat_sys_openat+0x16d/0x210
[  319.897430][ T1417]  __do_fast_syscall_32+0x7c/0x3a0
[  319.899008][ T1417]  do_fast_syscall_32+0x32/0x80
[  319.900803][ T1417]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.902714][ T1417] 
[  319.903488][ T1417] Freed by task 6006:
[  319.904710][ T1417]  kasan_save_stack+0x33/0x60
[  319.906173][ T1417]  kasan_save_track+0x14/0x30
[  319.907661][ T1417]  kasan_save_free_info+0x3b/0x60
[  319.909242][ T1417]  __kasan_slab_free+0x51/0x70
[  319.910707][ T1417]  kfree+0x2b4/0x4d0
[  319.911883][ T1417]  process_one_work+0x9cc/0x1b70
[  319.913475][ T1417]  worker_thread+0x6c8/0xf10
[  319.914928][ T1417]  kthread+0x3c5/0x780
[  319.916185][ T1417]  ret_from_fork+0x5d7/0x6f0
[  319.917607][ T1417]  ret_from_fork_asm+0x1a/0x30
[  319.919076][ T1417] 
[  319.919843][ T1417] Last potentially related work creation:
[  319.921603][ T1417]  kasan_save_stack+0x33/0x60
[  319.923040][ T1417]  kasan_record_aux_stack+0xa7/0xc0
[  319.924619][ T1417]  insert_work+0x36/0x230
[  319.925972][ T1417]  __queue_work+0x97e/0x10f0
[  319.927392][ T1417]  queue_work_on+0x1a4/0x1f0
[  319.928798][ T1417]  release_tty+0x4de/0x5d0
[  319.930207][ T1417]  tty_release_struct+0xb7/0xe0
[  319.931672][ T1417]  tty_release+0xe2d/0x1430
[  319.933070][ T1417]  __fput+0x402/0xb70
[  319.934330][ T1417]  task_work_run+0x14d/0x240
[  319.935774][ T1417]  do_exit+0xae2/0x2c70
[  319.937075][ T1417]  do_group_exit+0xd3/0x2a0
[  319.938492][ T1417]  get_signal+0x2673/0x26d0
[  319.939907][ T1417]  arch_do_signal_or_restart+0x8f/0x790
[  319.941604][ T1417]  exit_to_user_mode_loop+0x84/0x110
[  319.943232][ T1417]  __do_fast_syscall_32+0x2ac/0x3a0
[  319.944841][ T1417]  do_fast_syscall_32+0x32/0x80
[  319.946288][ T1417]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.948345][ T1417] 
[  319.949114][ T1417] The buggy address belongs to the object at ffff8880728be000
[  319.949114][ T1417]  which belongs to the cache kmalloc-cg-2k of size 2048
[  319.953297][ T1417] The buggy address is located 1168 bytes inside of
[  319.953297][ T1417]  freed 2048-byte region [ffff8880728be000, ffff8880728be800)
[  319.957345][ T1417] 
[  319.958114][ T1417] The buggy address belongs to the physical page:
[  319.960023][ T1417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x728b8
[  319.962681][ T1417] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  319.965290][ T1417] memcg:ffff88804bf93a01
[  319.966590][ T1417] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  319.968890][ T1417] page_type: f5(slab)
[  319.970122][ T1417] raw: 04fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122
[  319.972696][ T1417] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff88804bf93a01
[  319.975213][ T1417] head: 04fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122
[  319.977777][ T1417] head: 0000000000000000 0000000000080008 00000000f5000000 ffff88804bf93a01
[  319.980423][ T1417] head: 04fff00000000003 ffffea0001ca2e01 00000000ffffffff 00000000ffffffff
[  319.983098][ T1417] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  319.986109][ T1417] page dumped because: kasan: bad access detected
[  319.988085][ T1417] page_owner tracks the page as allocated
[  319.989857][ T1417] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5947, tgid 5947 (syz-executor), ts 91341981896, free_ts 91283251275
[  319.996193][ T1417]  post_alloc_hook+0x1c0/0x230
[  319.997680][ T1417]  get_page_from_freelist+0x135c/0x3950
[  319.999397][ T1417]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  320.001238][ T1417]  alloc_pages_mpol+0x1fb/0x550
[  320.002763][ T1417]  new_slab+0x23b/0x330
[  320.004058][ T1417]  ___slab_alloc+0xd9c/0x1940
[  320.005529][ T1417]  __slab_alloc.constprop.0+0x56/0xb0
[  320.007414][ T1417]  __kvmalloc_node_noprof+0x3af/0x620
[  320.009094][ T1417]  xt_alloc_table_info+0x3e/0xa0
[  320.010664][ T1417]  compat_do_replace+0x184/0x3c0
[  320.012203][ T1417]  do_ip6t_set_ctl+0x55d/0xa70
[  320.013700][ T1417]  nf_setsockopt+0x8a/0xf0
[  320.015050][ T1417]  ipv6_setsockopt+0x135/0x170
[  320.016413][ T1417]  tcp_setsockopt+0xa4/0x100
[  320.017836][ T1417]  do_sock_setsockopt+0x224/0x470
[  320.019376][ T1417]  __sys_setsockopt+0x120/0x1a0
[  320.020913][ T1417] page last free pid 5953 tgid 5953 stack trace:
[  320.022798][ T1417]  __free_frozen_pages+0x7f8/0x1180
[  320.024360][ T1417]  __put_partials+0x16d/0x1c0
[  320.025818][ T1417]  qlist_free_all+0x4d/0x120
[  320.027223][ T1417]  kasan_quarantine_reduce+0x195/0x1e0
[  320.028900][ T1417]  __kasan_slab_alloc+0x69/0x90
[  320.030435][ T1417]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  320.032248][ T1417]  shmem_alloc_inode+0x25/0x50
[  320.033752][ T1417]  alloc_inode+0x64/0x240
[  320.035106][ T1417]  new_inode+0x22/0x1c0
[  320.036407][ T1417]  shmem_get_inode+0x19a/0xfb0
[  320.037869][ T1417]  shmem_mknod+0x1a8/0x450
[  320.039258][ T1417]  lookup_open.isra.0+0x11d0/0x1580
[  320.040863][ T1417]  path_openat+0x893/0x2cb0
[  320.042280][ T1417]  do_filp_open+0x20b/0x470
[  320.043725][ T1417]  do_sys_openat2+0x11b/0x1d0
[  320.045149][ T1417]  __x64_sys_openat+0x174/0x210
[  320.046609][ T1417] 
[  320.047346][ T1417] Memory state around the buggy address:
[  320.049006][ T1417]  ffff8880728be380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.051454][ T1417]  ffff8880728be400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.053860][ T1417] >ffff8880728be480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.056233][ T1417]                          ^
[  320.057637][ T1417]  ffff8880728be500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.059985][ T1417]  ffff8880728be580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.062393][ T1417] ==================================================================
[  320.064828][ T1417] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  320.066976][ T1417] CPU: 0 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) 
[  320.070333][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  320.073491][ T1417] Call Trace:
[  320.074490][ T1417]  <TASK>
[  320.075405][ T1417]  dump_stack_lvl+0x3d/0x1f0
[  320.076804][ T1417]  panic+0x71c/0x800
[  320.078009][ T1417]  ? __pfx_panic+0x10/0x10
[  320.079368][ T1417]  ? irqentry_exit+0x3b/0x90
[  320.080821][ T1417]  ? lockdep_hardirqs_on+0x7c/0x110
[  320.082397][ T1417]  ? handle_tx+0x5dc/0x630
[  320.083789][ T1417]  ? check_panic_on_warn+0x1f/0xb0
[  320.085387][ T1417]  ? handle_tx+0x5dc/0x630
[  320.086904][ T1417]  check_panic_on_warn+0xab/0xb0
[  320.088472][ T1417]  end_report+0x107/0x170
[  320.089842][ T1417]  kasan_report+0xee/0x110
[  320.091252][ T1417]  ? handle_tx+0x5dc/0x630
[  320.092656][ T1417]  handle_tx+0x5dc/0x630
[  320.094020][ T1417]  dev_hard_start_xmit+0x96/0x740
[  320.095604][ T1417]  __dev_queue_xmit+0x7eb/0x43e0
[  320.097156][ T1417]  ? __schedule+0x3fff/0x5de0
[  320.098661][ T1417]  ? rcu_is_watching+0x12/0xc0
[  320.100201][ T1417]  ? __pfx___dev_queue_xmit+0x10/0x10
[  320.101903][ T1417]  ? __lock_acquire+0xb8a/0x1c90
[  320.103453][ T1417]  ? __lock_acquire+0xb8a/0x1c90
[  320.104978][ T1417]  ? do_raw_spin_lock+0x12c/0x2b0
[  320.106520][ T1417]  ? find_held_lock+0x2b/0x80
[  320.107963][ T1417]  ? skb_dequeue+0x126/0x180
[  320.109381][ T1417]  ? find_held_lock+0x2b/0x80
[  320.110863][ T1417]  ? rcu_is_watching+0x12/0xc0
[  320.112328][ T1417]  tx+0xcc/0x190
[  320.113449][ T1417]  ? __pfx_tx+0x10/0x10
[  320.114716][ T1417]  kthread+0x1e1/0x3e0
[  320.116018][ T1417]  ? find_held_lock+0x2b/0x80
[  320.117481][ T1417]  ? __pfx_kthread+0x10/0x10
[  320.118906][ T1417]  ? __pfx_default_wake_function+0x10/0x10
[  320.120687][ T1417]  ? lockdep_hardirqs_on+0x7c/0x110
[  320.122260][ T1417]  ? __kthread_parkme+0x19e/0x250
[  320.123773][ T1417]  ? __pfx_kthread+0x10/0x10
[  320.125263][ T1417]  kthread+0x3c5/0x780
[  320.126504][ T1417]  ? __pfx_kthread+0x10/0x10
[  320.127915][ T1417]  ? rcu_is_watching+0x12/0xc0
[  320.129368][ T1417]  ? __pfx_kthread+0x10/0x10
[  320.130778][ T1417]  ret_from_fork+0x5d7/0x6f0
[  320.132183][ T1417]  ? __pfx_kthread+0x10/0x10
[  320.133566][ T1417]  ret_from_fork_asm+0x1a/0x30
[  320.135010][ T1417]  </TASK>
[  320.136635][ T1417] Kernel Offset: disabled
[  320.137993][ T1417] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:29:22  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85530245 RDI=ffffffff9ae20cc0 RBP=ffffffff9ae20c80 RSP=ffffc90007a2f458
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9ae20c80 R15=ffffffff855301e0
RIP=ffffffff8553026f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977ac000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f13986f5e9c CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=ffff888023cf4880
RSI=ffffffff822a40b0 RDI=ffffffff93ad7040 RBP=0000000000002dc2 RSP=ffffc90004477720
R8 =0000000000040001 R9 =0000000000000000 R10=ffffed100c7f0c00 R11=dffffc0000000000
R12=1ffff9200088eef0 R13=ffffea00018fe1c0 R14=dffffc0000000000 R15=ffff888023cf4880
RIP=ffffffff8b71cc30 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978ac000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73c5004 CR3=0000000023b13000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=00000000000000d8 RCX=ffffffff8205e532 RDX=ffff888026f6a440
RSI=00000000000000d8 RDI=0000000000000110 RBP=ffff88804d964e40 RSP=ffffc90002ef7800
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=00000000000000d8 R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81badb80 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979ac000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fb6e40 CR3=000000004fdf3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7452ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000005c97ff RBX=0000000000000003 RCX=ffffffff8b71e0a9 RDX=0000000000000000
RSI=ffffffff8dbee096 RDI=ffffffff8bf4fdc0 RBP=ffffed10037e2000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a663d R10=ffff88802b5331eb R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf10000 R14=ffffffff90867e50 R15=0000000000000000
RIP=ffffffff8b71cc0f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097aac000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f088dff0 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000