last executing test programs:

1m14.031449891s ago: executing program 0 (id=1718):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd) (fail_nth: 4)

1m13.972052138s ago: executing program 0 (id=1719):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x2000000, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x55}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)

1m13.971969608s ago: executing program 0 (id=1720):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0x404)

1m13.902063659s ago: executing program 0 (id=1721):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800610001"], 0x48)
r1 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x1000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000001d000/0x3000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000e00)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x268, 0x311, 0x0, 0x268, 0x3f0, 0x460, 0x460, 0x3f0, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x288, 0x2b0, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x7f800000000000, 0x0, 0x0, 0x80, 0x5, 0x9}}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @private2, @remote, [], [], [], 0x0, 0x7863}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xd8, 0x140, 0xe4030000, {}, [@common=@unspec=@realm={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(r1, 0x20, &(0x7f0000000000)=[r1], 0x1)
r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$vim2m_VIDIOC_G_FMT(r3, 0xc0d05604, &(0x7f0000000300)={0x1, @vbi={0x1c, 0x5, 0x96b, 0x64737664, [0x5, 0x5], [0x3, 0x4], 0x108}})
r4 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_RESUME(r4, 0x4147, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}, {@verity_on}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000100)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r6 = syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000000380)={0x2140000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[r6], 0x1}, 0x58)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xc9b1, r0}, 0x38)

1m13.800260505s ago: executing program 0 (id=1722):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x9000000, {0x2, 0x0, 0x7}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x8c}}, 0x14b6deac033214c2)

1m13.661848979s ago: executing program 0 (id=1723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1}, 0x50)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x2c0000, &(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESDEC])
openat$cgroup_ro(r2, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r0}, 0x38)

1m13.624308576s ago: executing program 32 (id=1723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1}, 0x50)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x2c0000, &(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESDEC])
openat$cgroup_ro(r2, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r0}, 0x38)

47.172165397s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

41.27382165s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

32.522516952s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

28.634907801s ago: executing program 4 (id=2720):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000140)=""/151, 0x97}, {&(0x7f0000000200)=""/223, 0xdf}, {&(0x7f00000025c0)=""/4105, 0x1009}, {&(0x7f0000000340)=""/157, 0x9d}, {&(0x7f0000003e00)=""/101, 0x65}, {&(0x7f0000001480)=""/62, 0x3e}], 0x6}}, {{0x0, 0x0, 0x0}}], 0x2, 0x34000, 0x0)

27.703894893s ago: executing program 4 (id=2729):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x34000000, 0x0, {0x2}}}, 0x8c}}, 0x14b6deac033214c2)

27.517449824s ago: executing program 4 (id=2731):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004400048024000180090001006d6574610000000014000280080001400000000108000240000000171c"], 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xb, 0x11, &(0x7f0000000580)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000006c0)=""/179, 0xb3}, {&(0x7f0000000600)=""/124, 0x7c}], 0x2}, 0x2001)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x4400, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56741, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x3, 0xb}}}, 0x24}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb09587", 0x4b}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

24.732114718s ago: executing program 4 (id=2735):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc)
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xd)
syz_open_dev$cec(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
close(r1)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$pokeuser(0x6, r4, 0x8, 0x7)
r5 = socket$netlink(0x10, 0x3, 0xe)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r8, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x4, 0x0, [{0xa72, 0x0, 0x5}, {0x35e, 0x0, 0x9}, {0x995, 0x0, 0x2640}, {0x310, 0x0, 0xdb}]})

24.187212924s ago: executing program 4 (id=2738):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004400048024000180090001006d6574610000000014000280080001400000000108000240000000171c"], 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xb, 0x11, &(0x7f0000000580)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000006c0)=""/179, 0xb3}, {&(0x7f0000000780)=""/212, 0xd4}, {&(0x7f0000000600)=""/124, 0x7c}], 0x3}, 0x2001)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x4400, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56741, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x3, 0xb}}}, 0x24}}, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

22.196879771s ago: executing program 4 (id=2749):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
mmap(&(0x7f000097b000/0x2000)=nil, 0x2000, 0xb, 0x8031, 0xffffffffffffffff, 0xf500000000000000)

22.067652207s ago: executing program 33 (id=2749):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
mmap(&(0x7f000097b000/0x2000)=nil, 0x2000, 0xb, 0x8031, 0xffffffffffffffff, 0xf500000000000000)

20.710203703s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

11.653860678s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

4.81447231s ago: executing program 1 (id=2415):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e0200229e3505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

3.68122555s ago: executing program 2 (id=2992):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004400048024000180090001006d6574610000000014000280080001400000000108000240000000171c"], 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000006c0)=""/179, 0xb3}, {&(0x7f0000000600)=""/124, 0x7c}], 0x2, &(0x7f0000000880)=""/61, 0x3d}, 0x2001)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x4400, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56741, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x3, 0xb}}}, 0x24}}, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.678652814s ago: executing program 2 (id=2993):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'virt_wifi0\x00', &(0x7f0000000040)=@ethtool_rxfh={0x47, 0x5, 0x9, 0x1, 0x9, "58b654", 0x2}}) (async)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'virt_wifi0\x00', &(0x7f0000000040)=@ethtool_rxfh={0x47, 0x5, 0x9, 0x1, 0x9, "58b654", 0x2}})
r3 = socket(0x18, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40842, 0x0)
socket(0x28, 0x1, 0x0) (async)
r4 = socket(0x28, 0x1, 0x0)
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x52, 0x0, &(0x7f00000002c0)) (async)
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x52, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r5, 0x0, 0x0, 0x8001) (async)
fallocate(r5, 0x0, 0x0, 0x8001)
bind$alg(r1, &(0x7f0000000380)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(serpent-generic)\x00'}, 0x58)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000005180)={0x0, 0xf}, &(0x7f00000051c0)=0x8) (async)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000005180)={<r6=>0x0, 0xf}, &(0x7f00000051c0)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000005200)={r6, 0x9}, 0x8)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e06000d08"], 0x9)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00') (async)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00')
syz_emit_ethernet(0x7c, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd6076050000002f00fe800000000000000900000000000021ff0200000000000000000000000000010420655800000000000008000000000086dd080088be00000000100000000100000000000000080084f00c22eb00000000200080100200000000000008000100000800655800000000"], 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, &(0x7f0000000100)=@req={0x0, 0x0, 0x9, 0xffffffff}, 0x10)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r7, 0xc0389424, &(0x7f00000000c0)={0xffffffffffffffff, 0x38, '\x00', 0x1, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
socket$netlink(0x10, 0x3, 0x0) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@bridge_getvlan={0x20, 0x72, 0x301, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x12}]}, 0x20}, 0x1, 0xf00}, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

3.297874483s ago: executing program 2 (id=2998):
syz_open_dev$loop(&(0x7f0000000280), 0x3, 0x82080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0xf401, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

3.29629759s ago: executing program 2 (id=2999):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004400048024000180090001006d6574610000000014000280080001400000000108000240000000171c"], 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xb, 0x11, &(0x7f0000000580)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(r0, 0x0, 0x2001)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.243083344s ago: executing program 2 (id=3002):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x20, r1, 0x0, 0x0)
ptrace$cont(0x18, r1, 0x4043, 0x4)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
mknod(&(0x7f0000000180)='./bus\x00', 0xc000, 0x100)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='vfat\x00', 0x8080, &(0x7f00000001c0)='discard')
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'geneve0\x00', 0x2000})
r3 = syz_open_procfs(0x0, &(0x7f0000000780)='task\x00')
lseek(r3, 0x8, 0x4)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000012c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024a0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e", @ANYRESHEX], 0x0)
syz_usb_control_io$printer(r4, 0x0, &(0x7f0000000100)={0x34, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r5, &(0x7f0000000080)="1e374ee552", 0x5)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r2)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x54, 0x2c, 0x42f, 0x70bd26, 0x8000, {0x0, 0x0, 0x0, r7, {0x8, 0x1}, {}, {0xffff, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

560.580901ms ago: executing program 5 (id=3021):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000180)={0x2, 0x4e21, @rand_addr=0x64010103}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000540)="b1", 0x1}], 0x1}, 0xdc05}, {{&(0x7f0000000880)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a80)=[{&(0x7f00000008c0)="11", 0x1}], 0x1}}], 0x2, 0x8004804)
shutdown(r0, 0x1)

482.805516ms ago: executing program 5 (id=3023):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8b, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c00000044000701fcffffff00000000017c000038000480312d4e", @ANYBLOB='\v'], 0x4c}, 0x1, 0x0, 0x6000000000000000, 0x488c0}, 0x4000080)

482.64811ms ago: executing program 3 (id=3024):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCAX25CTLCON(0xffffffffffffffff, 0x89e8, &(0x7f0000000100)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @default, 0x63, 0xffffffffffff0001, 0x0, [@default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @null, @default]})
pipe2$9p(&(0x7f0000000040), 0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000000a0a0103"], 0x20}, 0x1, 0x0, 0x1f000000}, 0x0)

481.728523ms ago: executing program 5 (id=3025):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000480)={[{@nr_blocks={'nr_blocks', 0x3d, [0x38]}}]})
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r9, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r11)
getsockname$packet(r11, &(0x7f0000000180)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@delchain={0x34, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r12, {}, {0xfff2, 0xffff}, {0xc, 0x1}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000080)={r1, r2})
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000100)={r0, 0x0, 0x4, "31c877323b07"})

421.855813ms ago: executing program 3 (id=3026):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, r1, 0x917, 0xa7, 0x1000000, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback={0xfffffffffffff000}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x0)

421.677067ms ago: executing program 3 (id=3027):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="bc8147b2527a8dfe171dab83b9601c50481fbb6f85c9b80df6d50b0ef5edf0e27de545c1147cff2bddb8138065ea504b73adbbfb2258660d4a6ebf6ba3c0e00f1a191fbe521dccd0ab82771d9fbfb9981bf6b1b474f91eb3993bb15e23b4ee452166da3ade6f9abba156ad2977111ba51234d5ac4dc4ebff99648821cc04d7c878e17de7a0a0266a61a805b2a32cb9dbbc702dbead8f2517ec21dbb4cee5c50f3a94fa7997dda6bd52fd89c41f9bc665bce475e4", 0xb4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)

345.173303ms ago: executing program 5 (id=3028):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xf000000)

344.924043ms ago: executing program 3 (id=3029):
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffc, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff00, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)

344.646201ms ago: executing program 3 (id=3030):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800010000000010000000090200000002000009f6"], 0x30}, 0x1, 0x0, 0x0, 0x10001}, 0x4000000)

261.690533ms ago: executing program 3 (id=3031):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x1, 0x3, 0xfffffffe, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x6, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000020c0), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x10, 0x1a, 0x0, 0x1, [@AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x2}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bridge_slave_1\x00'}]}, 0x44}}, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x4)

196.713802ms ago: executing program 5 (id=3032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x50)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa88a800008100000086dd6076cd8a002800002001003e0f2186cfd7f0710000000000fe8000000000000000000000000000000004000000000000071800000000040000d604"], 0x0) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x13, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x841, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0xfffffffe}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7c8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x4, 0x500, 0x20363159, 0x0, 0xb, [{}, {0x0, 0xffffffff}, {0x4}, {0x2}, {}, {}, {0xefe}], 0x0, 0x0, 0x0, 0x0, 0x6}})
write$qrtrtun(r3, &(0x7f0000000000)="1ce1f16888c90db3d6b06f44e625af200b530efce6c8fb7eca6346d628ed2434d0e7cc829d2e0258fb7133d7fee97cb84a501daace2fb22829b5426c003ffd001817b00ff629fbf66ee3", 0x4a)

144.894µs ago: executing program 5 (id=3033):
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0xfffffffffffffffc)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
ioctl$TCXONC(r0, 0x4b3a, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$can_j1939(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x2000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000200)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x1, 0x5e, 0xfffffffffffffffc})
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9, 0xfffffffffffffffd})
recvmmsg(r4, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}, 0x1ff}], 0x1, 0x40002000, 0x0)
r7 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80000)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000004080)={0x3, &(0x7f0000004040)=[{}, {}, {}]})
sendmmsg$alg(r7, &(0x7f0000003f80)=[{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="575eb8f9c00e3cd7b58d79bbbf1b8b9ca3d853e72bdaa043543cd41233fbca7941db38f62b7e7d6f44856a724c5cbe02587710d338be09b746801ad291490131a6ab078381e211f069205a56deeb9bd5879adbca21fcb8bbd5f3cdfd72a1ecd592170a1930bbae4d4eb7c25469f1a3c471048d8883ae600c598bacacece2765f765b589a66219d9a28cac8c9f802a1cf8c47179a50e5b7883db7b04bcbe89b6b5706b18b224f4180ebcdf11b16653b8f30bf54c9415b700d3e17a88406459d40693f10fa44aaab54562f224958197eacaae9ad7487c131b28e9bc9d8932f0aeee532a571", 0xe4}, {&(0x7f0000000340)="3d3a7cd2536b28bbb308fd6a62519d04e0edbb49da7ffc36fa4780883ec433229bd8bf4bd1c05dadd5e42d521fd76c235e056dd56f02ed54adb1725d3feb4b12067cb0aad953b4a33d30f4bba40bcda4fd2df3133fc9b2eb91a4b3dfa711d103a6f807d239a62aa3d18b48b481047469604a057dc3c8b1119b6a6828f7ae294dfd72aa77e37f8f732646485f71553a2f54b5463a6c5c47f5da433d88dfcc10046e3c408d4e7142b3be1bf0493cbc00f54242b0e19660493e082fe6a85c257f0462e93b4e46cb6815cff29d9d25335a786f7f67cc0de85f110351ffb5d15f6a17cb89f9099c1f9cd1875252a255cb21d88210ebd264df0c58cf74371bf24d99e478555b42108463e66f1324da9a909c7d2b8e1a3ebdf45f35f43db7f83a2ef830c2e1c9e1b8b82aede5fcf022350583838c00104df86f0fdef4db6dda7a21fef7911af9270164a3dfb340322b842747ce044609d28eebfaeb95b8de1ed513de8f1356a770eb28f70dd2627ebdf74bf37e0d41bd9ef313ff0ffb3043427490414b1eeec4c13cdf534eb574bd4f54d24e6ca23a46bdaadf4908b4017f3e8af0d3a973d91fb886c91a4a4e525311c09dd5c84aef57131e977374596a2373cb1fcdf05f629c06c082fc1fc6a30ab1ca58de3ada55b739c0e7b83ea8e6fdb6cee1e2a8c72742bb35fe8b238308df88387fc076715736a6f57e96fc47e2aaec087669bc014cd9b4ca6781dce5168bd26cd70422222f06a60df91fce3d75c5affdead21d69f97f35552330ee65b492803a969e056ed9894ee7fd556a57250dea67dfb0d7d9bb235aa512eebb88de88e1613b52b1862de4d2bb316f91c4e5e6a359cea0850880195d3eb7a7aef39322416f7217bf7cce9f82f0e75ff15552eabd822b6e8f56cd8d8e5e51c0d5f42882631ae1b49f518cc333c32a33010028d1fd3a9fe455e952e41f115f838739a9bd234a5895d0d766ed5f8139b4abee0231fb2292a17cc052c290b9493a44ffa21ea5783f882e3b65df60ce729397892ecc0260f3a5dbac85cc9ab84f5ade84f0466e0b0810365e0d61af177df36667c091bf5449842eb3b2e4851738315517382be6a8086cabfeb12e6f1414a5890cccbfe8f8ecdc670b5d7e4c72760eefc1db13eae35763419dd0c58c1db4353440656963dfa4ad6a8f68e3256d84cfdcbda9c762b688b832e7c58e883ab26abd30c0fa7a2ffb20ca06e16ff4561e17dfa5e9c08134f64ccb1322bfd6519dec9cebaa8b5d6f68a2d9a146af573a1bd545ee46751fc205aefa90671b85fe6e2fb5b06102fd8519d845ba4bb4c5986609e64232535524826de89cf325730b0c4a184017c7923628e7a8267ed7d8877947870d6cbf29471610afbd7ef0b6a3b858367443e49235b98ba71cff261c4022c1480b477d20d4af604715f342777902580ee0032fd05fdfb184107ec6e87832c842b8bad2515d2a11cf1e0ac5031c8aac8abf3aabf60676f9cc0e9bb8eef111346b2c167e8940d626b6bdc3973e332ab5b6d5be91e1ccc5002a68df8bfb8aa9d7b83c1feda2e39f1b1ec2c50ed8a4038016be6795cfd82045b97ec17959efbb8e50d4bc926752341e42fa0c887ded76ec55546a99bd6c0613b5c5925714fa828c52507d2bc5f30e6d10b22b94975590862c6afb30dcff72dc88b6b3c1c097ec2ab89439436438d7ca5f739e1d6ff708f8cecc29d6ad24c4077669b550632ab2ba3eab625837044de86476c501c8c0e76b9cdaf8294254b5a6677d4b0d4f07648e4c5ef6a7ff74e959dd33e033e9477324c171dc44b8bfb9044a9afa1254d6fc8991b79d277929f4af89eafddd48212ddeb644eab6f5e4fea6d221e09a7e4c57cfac2ddde024368ea43531edfc876185a8be9af819de7de5b2d33b8a5d508e8d083aa71b2d9deadcfc5e38c98fa3787e0f3f79cdde42eb67ceced0a64a2611d559974fea4e3ed845cb446bad308e6d94449a1c93a48b532f9b2aa07958faf4fc65ad3168547c14cf47b1858a1f75c82fb6ccb8bae10a6aa079fc789550021b246c43d5315de765b7a4c44d443cfc7202aa5a798fb4726058a2d140e293738d0fe79db88caa0ba370901a98298ca201174ea6e937c0c89fa62689aa261d3be3952c59e24f18eb4703b037ce98d10bbe37193fad61f42c184c2f1428e7a6cc50515a66f4c432693b2da2a03dbf6d1e602115c9a97f2f5da2119dd608c2d665c168b4ec230414fd0cf4ad645012963e37a58d43ef127015ddc135c135570a3caa22ceb3051719ed8ddd2dc7c67e01d752e79be93dd6ec8c7c9c600cdcffb208d641c0c7fa4b1f3b6cfd36ecd995aa67b0bd6018d2fbe054b4d111d9e0239c229fa20071b19a1ce46179e559ed37b88b25a9b33b6cc24a214215fab0911185aa1ea0e7f2eca65dc5aa85bf3bc2876ef5059b3b2baa6b013607aa702385c69d2bb701527e160cf607a67e9b9dddc86081e97a653c0851491611b62555adf03d86248e6a9f2414fdb3d70db7d9b43ebe72cb69c19655132c175e248b66ea905869f8e9f0ae78f1c52c04e3aba2b245569dd449202790ca71572e42a30b568e2398d11b5fc02c02b733ab8a75149b098a964c2c048ee54c4669b3b25c2aaf5d619ea2c5f1ec3a9611e4ff379e68a2684152b0cee33f904ad0d9a79227c8c2d9d3d8d4db795386654f16812c254b0aba47d335b5f705b2b040033a13cf58cd7314f6bf7f6a8df5b21f16e2590743c7dcabfda747609a6aca7899ca134d21e44a8746182ee35a56996034fd3e74327a20b5fe282ddf61bfcae8482c795490e20dad7fca5f338a15f8a9da7cd3efdcd0b6540bbffb9c6e12bb97493642a93b1736c2547e4f2896a45dce5ee65968abe0cc6606b5da5a225a051f6754500a2f6f0540d99738ac97c8b3fa91ce02e9d8ab268ccb6ba243693d2c632585a7b4ec8546b8e4acbbe7d8b33ad514c7be5d3c35e23024af1fc149f8ecca56dad214203ab9456d2b7886e7ddfd388e6c63e92bc2806920d5bc049f4d2ec32a312e4bc64f483592a30a35d704c3b40b064932658730f734f9e9a522d3b6c2f1271f022d0ee01f093be9a11b0ac7ae4cf8e7771f6a63b24c9b4cc3599f65c8fcd8171b3c9ad219551f76fb65b283b80577f7db139fe522d92eb41721314326ddd05e4a50322c288c3fe9f5daacde06554563662d268c745d3d2b770685f64d5eac8eadcf006cd8f4adc06d4d092e9ff8c31b9c9672cfc2e8fd318a9558ee7e1074e00af9bd657685a79dcd47c9b7cacaed138cccb6defa4675d2645703caea023c3f256e9f495244cdbe215a7533330aa4204592b4e5c7a25e11f7ef29fd51e7cbed130a2d726855b21abfe65df59fa26491abc85ef82b10d7ed0edcfb0a1496b3f7cad4bc1be96109c56a7d90135bc70dddd1fd0ca6e509dbc331c5a2751ae24eaa5588f4abc8c94f59aad1248aea6d7c9d339e3698776b3540778768513061ff5412277dcc0154128d38fdf0b14ac7347680bda5dc25c92303b58bb0835c5f979fbf9ded72bef6b5a7089d868059a809f5aa540b79005d4137efa88aede2406815bb33a13a8333dda7b86cb9a40c2fb8b3d175acab69803b0d5ad71881c8690b113c80e1f916da16e08ce12eb9237c4ee813841973649fb387fe8c12b200f74341a46fd9635ec5a5a85d7a4faca466d62b1bf625f4541140692d33160c7d6a4d4d5b5cc9773945f287a79c4cf85c38413498f3d693791d2f0d3d19eb7d5cf4f36ec11bce9fd2c3498385d78ff69be3999cd075fb49e755044d2ea8aaf438e06fc2c95644c58a92c5c39ce500788ae1a0abe78a6a25cf78e811a2a2bdefe0c43f90bd6e577b06a2e3bc285584a0e09dc5e980d5a8e7ecd711172c862bb3db7bf67f3dd006da6ec8d459dbb94e648e63a8ca0547cde5a6b7df5ac9db54497281c70b23b8352a833c46e353f96f393adb28e035269753861f80a00158d281a1e447d3ef6b48c60089f637730d5ad1874061e625dc6603d3448f2d01bd255596f3db993945b041ffa489a861ab6b1807455baa6ecafc4ec19cf01dafe3709c0b50f483fb1c62fde802d1adb63662b5054185e9e4ce2b8b5f36777c1c008bca08d0184b2d56594d1821bbfc5506d0b64749087f3a78fac9e64795aeda88a17af8d822bf0b6fbf4d8db41426a8a4dbdefedd01b4547e3b0b68e9a4bdb3c6e3525f56ceb4b514fcd37a8292a8f700975d914555eb591c66838cdd90f198235f993793958fbe3cf19249f69c7b94bd99867be959c87d4976ece44a8c061e7e2f6846dd0dfd53f9f296aef611892bee653eb6ee1efba95951ac95b97cbe6abb4aa09b3a303b07b2f299a899acb99ef1091d49d55bc89194476d90248dacc22390b6301fdf2184124f24f988eb97cb883e7ffe9fe985ee44bfb09f41dc7851ec994e59705b17de10047f829f44a98968887dccc303c5f9a8c7cc7e24102c84cfb82b1f1152c26ac5c841667517035e4bb9ae4756b82ccf46c9bdeccba8ba8967b8d0ae8b8bacef14db588e8cf0f3282a3445e0ce043eb53064145fcd1d425abeb159484b2b5d101df675515a704c5affbe408aa18a67a88ca876f1a990cfc1e37df45284b3170727bc3946d66115c9281afb7cd0306505b985d8e74e44cb233fb1d267eaab221fc10e017ea90d28ec1ef6ba4ae688f588be1ec20f9707b32ce9dd4602f67fdc6901d5574f7875a514ef5c2a3d6023b011b09ade71b9b0d93fc9a5e59840559898976eb635647e696511871f19d9e9e56852f8f6dcd9e3b5731fd1b000c6ab0c3e236e42ece6252f71c125d4298150903d75638b9e024045025ce92a621497f231416ec856755b8339dfa03f6b80f7779fd0c99c86f5a319c183a150a222eff1728088c96275740a66f580c0160a35fa76eb639df57fa99fd799c74095d552ff5a182e4c16317bd479bc74b69bce350f2c3ca956abc8d68c4de5cac610a3edb7be01dac197aca6e5d6929ac43d5a04ee8f01f0a281dc843b9d6aa212d39f8f3cd5c407128dfc74ec70ff1db0af699f00a15acd76ea2367c0eecf715611189b3e0a84919845a23ffeb3c3476f8b58e1d8f8cf846234df6a0dc9738894bed2f0e1ec0242e3d50d344596d94f21cef208d2e20f835200c26b9ce79579cefc27d73cde5be8a6eced630fa4d85d879f1fc1556590d004fb69a48feabc61c10e59bd5843300f0b254bbcde370c793300bddc298779aefeede4211ea7ca95d05e4aa17c8aeef5c324728d6ea1ff029fef8ba8dd363231280a3eeec6f6ff44d9307222130a7a6be53d392933085f169404989b4ba722e5ad71265e00a331e793c8ed919fd5f47d0fcbc2cc35d80694111cc9d0bcfe87bfc78c4066304c8e63484fc906f4036b5a7e2f71cfad66d2af83e1d7dd456c39d867e0ab3ecfab225966fcdac6af1e97cf1ed15b6fc2c0ac0ffbf89b8043cbb2fb8242d57101e130b79af43f6fe9ffb409ca3995f53336e36e0464ee38f59b71db2a3119d9588448abb70c7a152793f11102fc0eea57bbde4fc3b4851c5ffafd1df73df3a08ff9821e607e1efb2a563be71f7c710fb87f47e69f213209ce08dd0e80c4d524fca7ddf11273555675c0f52fe4636b4d872f2ee9afaa482f0ace82e5d19d0827008d72af03659b97e601a4751e0e306d5f871cd46d5b810260896e060ae87e7f2b8ff18978a89b8bcd8c15ea3b22ccaa97df43715214c06530709e9004056fdb8eb8795636340cbb423d8751223c014acd26cd4f7a5385c47ce0660850fed811a6462e13455833d7385d9b", 0x1000}, {&(0x7f0000000140)="5b7fb78b20d8f43432eaf3ecc7ed7be7a8e8bca88b72209fe5533e45a574922fe9bb48937bf5f5f4f92dfeeaef578aa6bed1939ed8f642a3f42a0ebaa2846826a6064a58a2f95b20ab7ab6826068fc2564cfd9272c3460dc50c427e48c9663997df2545341f1aab960f6f4fada9e1cffe77fd82c07dba5721214f6d04ac0e48ef91bbbd5f7ffc0047c273985444830a6ce08341ca9fce6d6", 0x98}, {&(0x7f0000000000)="66b628d1be0017ccd9ebfa4e2326", 0xe}], 0x4, &(0x7f0000001340)=[@iv={0x88, 0x117, 0x2, 0x70, "88b3c0581ce9dde3c718d9459099792b55a55cb7370824893685c512463b14d71f44ea51617514d09db63cf01f6562b57692dd7d8dbb1846c2dceaf1746eaf5c602bc741cc6aa680ec7599cef74b4c4689270b19065dc317def47e7e5a4248f716f65b23e973b3a1e2c5d2bfe769d6b9"}, @assoc={0x18, 0x117, 0x4, 0x8}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18}], 0xe8, 0xc000}, {0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001440)="b16cb108f536e75b984e527f39579526908637282cfc5c938fd9df0ed8380b7ed3850adbe5e92849f5a803a5d7b1f41bb5bc9b0c4094ab08b068ab74f2fd6851a00481af0b3a19a4bb2a9647453e9125c3126c6cb16bf3e1800c84ae66c55f90104ef84c786c1e5046395ef125e2976b3f9f0389ff", 0x75}], 0x1, &(0x7f00000014c0)=ANY=[@ANYBLOB="b80000000000000017010000020000009e000000193e017aa10495291b98df8cfa8508761f77436ccc1a804b24bf18cdc136ffbd9e936bef3dbe7ee159c3eb96e98dbd8cce8b4f5da1d70101eed5223cfe5635c409529b0b8fd66bb36ac10b94457e6bc4c18e3a675ac6c86148f6425e786ddb291a42953a1a73d19ca5b1dfda1727a9021d633fd5267117ca8377cd9772956c5e0d1cb2677893b40bf0b99833ce83a2bf931d01d245a63d2820da4700000000000018000000000000001701000003000000020000000000000008010000000000001701000002000000f300000053124f7a00cfde172734e4ff8d4b968388b98db2ddaf35beb9c353ec149b9903b2aa42fdddd0b6b5d0261c92926caa0e6b4df047cd4902301ac60ca2e748e4b7b4e3513fa205d863124b21d77af00d617098467ba8fb112ac7b72ce383a8371c3577fc94e9201406c67fca51a6c6454ba1e9c37d31fb419ddc27c19bd6f500d56a6d57ea8ce1a4d1573a013e5a15714c26a7393b849e19da3466bbb629acda21c189a430190cf1787c0846a81d9eb0af12f0af7b2a647e9d3816a8c12de46e0697d051526036ad8696264e897387d4ca5e30aa7ba65e8d63516e19e4b91f946a2722102a9071a88a6f14db7cc59a991bb70674001800000000000000170100000300"/496], 0x1f0, 0x4000}, {0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f00000016c0)="dcfb2b0913c0bfcacc48917a538589c102bbed07e98af7316f5601565d5128010eb51e5b4bf313b7124e1f799ccbea02d09ef1841974c9a695bff4a51b7b1f54628a39ee2c258c2e2258bb4ec7af2ce528162c3353bb3ca61ada2f62a1d6801089bc3af8ab9f243ab8c2f0161196e5586b0eb4552f2f9def221de8ac6f029b5590e5b865a362f900f5189098ae643cacdd8bc6aac23a9a6f00bc5705d5f42b267c2556b2bfc9f899ebfe857e661f600b7cc9923bd43b43313fa7ab1bdec1eb820172870e0fd0428f70722d0fdb4700555f1abc", 0xd3}, {&(0x7f00000017c0)="a74d63868e6d6f197d29e60633b2e69643db6a95045959e7895b27561e603b4e47d1fa3c3f3a1f111f275e543b2f7f8a25e6e8937d78044c5162371cd0517b2b8a424199e0030fc0e497deb523669b9d95e7eb0889cfdaff11bc1e0f876401891b349259ae5b4703ad2b539fbaeadce0861a416ef54218593d13a875d9", 0x7d}, {&(0x7f0000001880)="04a455563dbadb1245b06de2a4df1102f1fb60dd2e1b773d6f84c233ff37d57c56da0adfdf83a97e40f3c3b8fffc227931cd0ae82a8a93b8e652097337f808a93b5c13403a67139f719e1d75d24153be4cc537b7e83b887d2c475cf322ea9ce0ddff5f6bc9d6242d65abad658c0f6dd07ce00e676847f1d4c1c0ec6ec9719bf17514e7aa2f6c6af0b84c7c0753f75520978281c94244961bf49eea70ab63ccf387bc5872dcac77f898386d17059a8b9fcde40910e40068038025bf2ea58e90b538ab7d0ee106ec8c211cc167c64cf8dab9ee94b0b2c4bc2f544fbe01c54df70c462057ffe3059574982c7324840d4a8a8c1515540ae551541e6b2c69", 0xfc}, {&(0x7f0000001980)="1d173abda24c98915d2d190fd37eec74aec6d0ece7d0904065d4476c5bea8d690834605261338b6ca03e7e39e18f4a2be933682829587b4f93801192b43d1970ec1fc68dff8e4506b30d49dc4362631e95d75db5ce8f011740859ab54aa925fd8f6566a0661a8911088db50496ecce8ac11a96", 0x73}, {&(0x7f0000001a00)="da6c0a86d0ba61bbbc3e0bbf9ffef613d84a8c2952a6a5d46dd494f16b2d7743ded0a79d95d842b11632f090973ed8ce1738c24270c441236b2cc58d73baddf043ccd70314020053dad5ced00d8cb52cc3c153858198463db55ed345a81daa1dbd4eece181367d3847c9a0271c75231d22dd3a583a56f2b3ace43ae8b0b65b593ded", 0x82}, {&(0x7f0000001ac0)="829185bf5c915b8652548f2af7707b7cc067982bfe9804ffcd3a1b50e4e3c06435e025fa18fff1076accebe05025fcb2fc8fc2852bfff01f69db310e8a7d5c5c8ec14590d3461ec6c2d785a07efcbed4b14c9f19faf70660358342a79e43c7b5beb6f7516022392db4f2896a145cf0f27d5a29ba28ee8bc544ce8191c6818c50e903cec24ae19b2476a2d42b59adfd4989ba5ede3570d8c9872981a79130df33c6dd9edc160ff105ab68df577d4245bb0baa8404d57fb5c74f2614579565099e", 0xc0}, {&(0x7f0000001b80)="bf4b0ac5eddf83b415703182b07a8e10c1aa51afdf74f5fd1d98821472f062b8d8a6d4e72c534d1788ae06395d888a758e686022a8e6b767b43ed1d943ab015580a06bf641239208d03585583cd7882c105e297665973654f82d77963aab65f529e03643820daf4107dc05ff81cbfb2c1dd4d1ee86b71d90a810a474bbb3c2dcb992711f471f4ce1c68223aacf8013cf901b605c331acdbdd6f49d68eb3d5cc012371131c403811bd404cc5dd6893da36cff26f325148583c9d0e8a45c4e67e793c25c4fdd277859ee3204ffc632794efaab7d4ac44ece1d23bfdabf90fec6d3cfca553766c9166e885a9e7abc762841bc72ee6da6d33a69f69702dcfb05b4d082943ae6552d69b0255f231b0e3550b4b68065a1883d615e201ff6023c12364b4fcc6af0aed588ce47aac1d4ba18c4cf8c6d973f15a4972be72f4c9c11a03aa0a87ef9f86081b5cfa07680429d84ce6c82462ddfb11e14d6d5a8389a5a3d2b6201df2f36031ac3fa164cb3f92e81e81a54fc26df612d2b6c8ff4be8636ff0443f6bdfbee63a9d53f6ee268dfcaad676fc1f47a22d6a37989cfe551e32c6105d22b2276e7ae87aaf7b446701a2852d687bfaa3c11ffff1ed1ffb7c53093b7ae37bb6cf12d5df20066d4eecc9aa1eb10ec1393b27cb8b95886e46c8e618e87780a2141ca430c9cd36e9c207eaf70dd9ee0cdc6d1b56ce90bbd0dcb215338726e79a1dfab1b22995da57e5387f559552e6ef97020002a24affb77a7ec7304110412fe981c89172a128db7ce1d408bf6701480bfa53478d7572f5f7889f59b97b7a1e69c5f9deb7d83eea92a7507a8bc243f762734c04787950c6505801fa683b08eb78d0b1abe34d22947062ae815e94ded0d538e0eabf818e192996026e99039c1c028e45333af44b31b962d1c0fc07492ac57dfa4d41b10897e40bbab8acc03e80f2cebbb4568ab4abe553e8ebbb48e16315598db7ee5dca2252bdcaac58d470068f6eebe1eae4026ae05b747fc8fe4cb0c8d5a77e57a83a8767963884e63c8ca7e85b3fa9c049a1f0807165ee1a1570825829dfd5ed959a963398869eccc9db018def795b8ed04dfc2da29f8dd7616da78c7d2d130a81c267566f7e443c13dc23155c0fd27a27d9e2d7ca7b3a67e5ffebe7ce2e0d8e647354c928dad3f52ca3fded5f60bfd8f46df89fdf2456bc3d87413d40a057026e67985ac06700c5c8ca6d3b10e89eeb038bb6c88208e55f637670e1c2e94582092f3493e0967fa4b349cb977443ce433c65f8c546e1a3fae60c62e5868f9f7cadb2ce367333ebc49611c11a54f40268aebb1fffe8358305838852e3c0c9cda5a3f80f2f6ef98cbe7178ff5618c9cf642dff2eed8240b2caea89cfd8fd550ec4a1bd01a6d8ced4600d3da89087bbe20bab9f18bdf582e35b5d289bef9a7899d158e69045aea43c0e774832a9b694c8509d10df0d353b1bbc3545d5a55f0f694d6bf0497870abcaf8badd14769f52fc3300ef115420199d054ad5055e3d278b68028610abcdd353a1e88813f89bfee7cab55e456ca41fe8bdd339705b08b62f4084c54abab512bb8d93c7a53bff02d9fcdcc64cd0da160c53acb8617f3b138ad9eacb06359fc25a0590936ff2ba645be6aad4ac2677e945e6a60b55b5eabbd133c6326d8164909b2f65047628df554767bb88456586edbfbe188d844456696c8bc9750b77f1e29dce0e7ef123a57cbd1ad8386871cdf058119d425e3836f37940e24718b4eff0e9b666f69c5e1e208ff31fe366747899baebb937f3169ad4fda31433732468be3fa399de2b6aab4edf1495f4cbe43e9a6f84efea5d8c377e83161abf639cd7e193f03c3bc5348140ea5d5fc6e094ecf064b9357ba5ea1e1daa946d8846a79cb4ffd991e2cd508de6e7d519f3169211abfd79226ad04dd861ec8d555b81ddf342ecb298d4c76fd464450f9e80f2ed4a32ea1ceb4b541259020d5bcf442cbc4f2e52102fdfcdcd8f1d9db2b3cd92c0a0ca2a3ff58c8b2e10b7e2c06a0f9dc5015bee728aa3f8b516aa94c591bed24cb5cb4cc8b6a641b6d93667a5df53e315dc87b3888885c8952cf5447007803d8d80e73201447f50c41ceb0eb64a1cdc49084da51b6b58d9c28c0546b5b6eb1c6fa693ebcfc2c9ec22ddbdad3da5de19d9a8645e410d8a42581a9d3dac5e24336b59fbb3b32bfcb1ec3468f4731ca5243aedbb58d0fdef306655f6d2b10549acf5ed8abc7e7a0c14b28980059c0a517db953c15071f6ee0c2da60019463386363c2a70104d023dd257d917c840cbba48c5464daa74b1550496d290b2799e3468c7190eff11f86e8a166f4da1a0ffd7f97389153ba4fa0fb1f36555351e3ad0a84cc5dc239cf5352e0ae51a85a048d47950a4047c02c81985172d0872a81eaf6c41d4ea09c1bbfafef16b45eb299adc79876f7148e0905bd230c9a323446c2c24bd2bd8db6030ea04f3a8b7df3f3b0db5cd4feaecd2a4a4721b2868d1b99ae63344325e245b16b10ec48e5d390ce8247c70f031b350c438f2cb78151558b5fb3390c7681266ce81cea8b18718f71169ac354df7c9c2222d106768e183ccbb7526f23b45dce6135c177769df47c4f82e0e8ce6c7411375165a22e31983157f60d5e6430ebd19a9e9f496f2a3a32d89b6baaeea5a13aa1b2d987da6b83c5e4597ae775fa5c28a5f0ee14c0555a6dd3901c130a8acff3b5dcd931b57599b0177e06cd663fdde6110aff9d0011ff9a2a681783501b5a5b58fb295abe1dcef9f935f669b0c917d9e6d98575d890995d803a08d5f84b19c92a6736ad355b05579aa8dc9c3ca598e243be47e3b32d6fef29888d873eb8df90b300ea78411466a830cddde56977a1ae25f2fc282c31b393bb938bb449010d0aeff0f76256f2312dacbba61223c3cfa79f705ffcc01efcae4aca90110187af09afc8716fbae05f720874ef72d1c8ff90e3182e12d4267a7cde987be3f3fe061483efd1ea37ca0850eb0148da520d29713dd613937d0804728e3894a8e5aa15fba93fc421f3430400151bd1214aaae1d4f96dd09dce69b3b490369c28c32a876c0799f753732e806bc26d5f7aecb552b794762802cab5ce5a562e599c0a7b46fc55f2cdd9fe01a662d38eccda2b51202b7e3621a7ec3ba1dbb49dc14ace8a7062ee3722f39ee4b83340c6c67966e83d384f12089ca110751555193f142d8f5fe8833edd7d39077e539c330d59e400f2afe305e098c9e96e6a367762e725b037cd2fbd446ff9b45b347db257a802e99d28ca9fe00e17b5a4cadb73541c093752d8ac5d946b97f35243710d1663ce8f3db2174f18acfa37d45323e3d1c4707f9529da2b39e0996141132a42cdbe09d543b78094db1acf0b5bd7d232c858de6e4236b4cc02cb15cf5e90d24271a11e66d181e4c6294f3964d37516b0df2600c64604f6cb73472be7a67f6be3a5c0dd20f9e9a1c8106df068abd0eea3562ee761c78908f919563462e72551638dbecdf54ce19bf43b3c0338347efd3e38bb80cd8bc1dd58befb126f0186342e8537452bb31653dc4be348f9518bc35ddad10336dcf3152944bd113bc08d935ce7a5530b7671f282dcde8f38a2a8bbb4b75d753f5b4aaa0d609fb697e368a02ce112b03c891ea7b5331cff9212dc6e868850f41bb2c88f004c16691c0d3e73b71091c1a21a9597f341489806e27bccfe94541bae1ff0b302c75ac161e0042000c83b3b122ebb1cd75466124cf5fda6b5f616c016e033a877f7320d013907937844eb1bad15e1a714c9c2e9117ea95a62537228cd70804a5635e43098d7dbea0622b0efff572a1d25de486da5638517e7c699bee3357cd873b24838f9b896d1377ea83b10d2045f1c8c965f39d5765ee50b7268e2f1f6205f162e8007394a9acf5f836561a1842faef58d65c62491bcd0574861cd98baaf4a30bf12c96514f822d8c78755ed70693d2b0e73e09516bcecf8f1219a07cb63c05bdae0359b7536878ee2ae956ada81ccb44cda577397066277af9d219f7856caa8d100b8c553a335ffee38315402db989ded26df316258b2cc3d20208b9dd474717a50175a7eafda5879540d5e03f6949a904330cc167c83e7eeeb72e05e7960464d1a6d8173b0fe5ef8005e3faad289850ee8b1cb157be8944e236e86c13f3b8060b53c54efb670c52202668088cf6303301b04ebfabebcca923084293255570577aaafb98dc7e4a5d06e029bb511b48e825494d18ac89a8f5c167d4687d162e7a166bdc9a7b8cf8629d93964d5bc4aaf4f93537c50fa79f66049ab66984fa3f520740c459075629135695bb63983c0b82127bd9a53b74e50c0284edff669839460715a06e6794aabc6e76e7ba3c09ffc5e1314b398b46f420eaf3a5748323fc7c7bcdcdea7c68b99bdda5038f255a1aef1cb524388b07e0603251425692b1f55ae29e76dc4be3f58204997927e1fb05200b3f2bf16326638cdb9b05808105633502826986c435d96982b75918713ac7d46df2d4aeff9384e5314b226cfab1e9fef2af5f03fcd8b7956f03e031db58083186797b721ee4ac4e0d12156338a96bdc491fc080cfb87f706a55e404509a9be17c4a0ac6043bdfb65e64f35432c08e69c838d9b65020d85ab092c5fed9b9a24d0b3e467240a0c42aff749b9af2bf12edfe86b2f67561d2ae55fa1d584bd2dec62c6d7915d773cfb4f189ed78fad3608f11ae0546c8b35f78cd0fa533f12f619f39947d064cc84bd13a9d8649c02d6cd7d664c5f4e6814f2a87050be87f627cd2d8de06e9a771ed4fb8a720be73c8561c0ba30673cab89458d5912858ea7572ec98ebffe2ab1b73179bb5163f53e7b8b32364e68f59dc148e663238ad9d5c5a20ea89bbe9ecfba0c33bacaede752bc7d7efea580ed24f827878568b50167480cc5ce5c5749f199c99a767cdbd79226fbd32fc11666fb46c319ee2f254cc8252700f45d12848fe376e27985bcb9a650f6d98546135c5ea2b6fbc326fa07cdb216ce4e4fa2174d975ba9198fed9e291bfada0c07d31d95cf2e441578d288122e214ae4d466ed2321b05b6a89d32bdbc2a597127f6558421c0c6a52b453e9433cb85c85ec6a1c061a920d09178224a1f99880b163ee893453ae964c0ead21e6b22661d1e39c5ac75e743c53d6e80e2aeb484139d270e3fd09543d5641ac8ea7f5a6897e55831f8afc496ddc3809ee113bb8a02394a678745c7e18e736f424943bda9e47eae71d65e0cff821ba6cbd199c8c5feb8742852a6978e784f2bc428900ad49d0422e306b2bfc4c9caad2e121bdf735ad3c21168949ba123208fafb88e427aec6efd749cd33147cc9463835a3fb764f278dca55e2267ca1580a0dd0652397d606d0360c95adf5caaeeaf5a5256ca241c43e8e6fa3c7ed4ce71dada31eac346172c429c1685ab000666cac5c1fd0f3b346ede061751b2755baaaceddd499da6a37bedfa9163d82f3b987f880f12ad83bea21516c298cc59b3a68041dbec6ca4b641988f9957703a6e006bdd91315910ecd004af277f243d4dd295aa63c174e0f19cb2fe71ff8596ddb2ed15ac4b0e6c169d2c20e55818819682f771ce52b2f51e7f3f972fd317027f04cd2f7fb62b840eaa7384f3157893f48df4162e4e7ca193f5922baa4fe64035990daf9c8eac16879387edabab1b9555f213979384f8786f4ab66d2cebac3756395fe397713175dfd2fe5750a151a77a053200dfa460a1febe62c9a10ee59366b45f15f8ce3a1967c86bd5b05bd347b3364eb5ded3232719d1c887f096c6164c8c3f43fc91a80", 0x1000}, {&(0x7f0000002b80)="2b24082b739f2f8bb9748146d1e81058727044ebfea1da7663742dcb7360b04b1b3e4ccc394619b38ec53308f9268a8d389f048435df2b28062d39b9a0d75337361dc9c4bb181eb28ed008345f76e233ee6e14274dad5db0553668e1ae608e7e2471042b63ab212f1715967d0d6baed3eec829e78f9231eb5319157dabe1b5d67c2dc6abc8bc369e6d", 0x89}, {&(0x7f0000002c40)="c48923870100aea694dd1631ee6c4d2d2803ebb03c1fc3f83cbb44061e81ee6f74", 0x21}, {&(0x7f0000002c80)="5709d7031f958e69104bb5f0efaa1a9b23da2f4cd2aaab58b9927451b25f47e44c4a56da0d3b320c103aaa87a5f6a62d6b560389d5de2928887b5f392c72d8aab72986020ad12506450d1be567dfadbe3311c9c37f936dc3be7d24f0c94753fad3f8571da83de668c15c70f796f875dbae5496c08c56ace747c898c5a27930e658b1eb4297e7310f58b431d549bd6519fddb66f1d11dfcd9cb25da6e1b139b7cf99e7779c42284cb0faea1fce8a563c29463893c7c07572c8e29d0434ce61f6e283aaf871e1c3219b0093f6fb9f78cff401855ef83c9fa360812dfe0c810fa3dcf12a4c952a9c3f37880ce3b2f918a6e7a79f2f17b710671d72a849c3c", 0xfd}], 0xa, &(0x7f0000002e40)=[@iv={0x30, 0x117, 0x2, 0x18, "1c6518ea1660e332d431de11800bac8a601d87c50685f577"}, @iv={0x1018, 0x117, 0x2, 0x1000, "9e140d200ca074c3f77e4fb4f52d919d077f347ea2df1a561b746ef52174a0e54fc8e80f55688c2f6e0322516620a2a5aa568571da3f5869f25e807e5da26b5c8a139101cb8c39e2286bfc36913c4ec6763970dd0d719549910675bca27b1682dfa175bf42f0f7f89b9e46d3ac395b1effee415e6e20bdca4b1d6c46e66347e6d9ed980648c75699e0f118953f5bd23e9cc6a002caeb19f4ad3e3f90f572e4f9fdd633d94f87dd577ebba0bcf543a4fc313aac7407e8ce38d0c0dee31139964484c49e459d8bceaff2016342cc80b71b48315a98d660e2715b51c481b52db111c478dc8ea1409fd8225ba7400b32fccbc0f38d9d877bc88647022bf7613f3fdfb1004835931af24e73191f9b7322c6f7ad1b41d4ccd55daa616537f8d6b9b7b5240880e22536bc308809e1bc234a788c958be7ab079223d1358d8510c1da6060a2015f5c75f9d5e6d203a9356f4c4c86f7aeeec14e9e37e43be2fe7187439b95aac383c6b81badc755a24120434871bdaf4af8784818ce20212419a60dd8ac33c9b717c86078f1e2d1912a882b4e42f4a50cfe62cac75bc35d9f6e3c8508a226396fbef71f7328ff5c6e9aaf888c6b59d4ac2ac99adbdd893ec583388197bdd5e389ec98b69fd0ff47297510b95bf7fb5d81a005366ea8ca88bd263eb0e793529741d0d2129b82673c6a00657d9ed215d459dc66ca1d47f704b085788457181b3ae92e3c24a698faa0f80b6b661a36ccdff2199e2416e4ed847c2cff7b3b33c1347d2de69e1e7e209edae60633054a41239e8272d4a0a8c3a160336558608c47a82ee700c86daa0de79571b7e5f2b872e0aeadeabc92819bed57f9201bb124eb9a05cefa61c3612e638a97f39e19e1a215de4126a5d272c83cc4986394e32dc085985a4ee1d4473d2443757fc7af7e568a4e28f108b8e2e341510f872a97abcd08370ecaee03aa842f59d5ff78d4ce195fa94dcc69b4bcb906d22b3d2a9f0e4afb4a6c6db991d4792785992f72dcb5bdc325e75ab8736a1c1cb4705b730042d0e9f688e8cc8c0889bba052669a82262f1938439bbe2b8f30a57bfbf6d86297d0eb07322beea875c5b2a56c7abc29544956e75d3525f2de68bb7edc1da4fd5ebb907d37b62af2c5d6eee8bef87f33577bf28f1504468090d972635b9b33e5170eba002c23b27379cb1f49a13f97552b4d3a35cb6e7b90f3f210128cd2f724d26a7229e44105afe1f4b40df36c43e1a9d206dbda9bcfbf6dc3939b836dac55ce05ab95c0675c6102fbd21d81bbad0c6fc34c6c4362e004a67ccba953375927102158eaab9eeade9fb5e7eb867ed4771da27bf6f85d6825e8e5662dcb5d43146979dce37005e8167c115c47f26e869b5cbe95f4c3b48588b2f59e402ba7081e107f74daee47d3a9563bad463c9ba9b6f5e7dde85852af275065282addd86f3ca9609fd730630ee72bec9f402b838243bc6b7c16d1cd07cb31b38b36deee1279fe38d3427f13d4f5f22591308e95789bf9bc3c31826e25d2bd4e9415276ee01285efbcc362289fc8e7cc4472c9d93906faec679666f741fa6b7d7ca4c12697b07065366872ef14148b93ea1b7ef3ed2ef1b15d8cc70858e99c6670e00c6ea776a3de4f34c178ba4edf0c9d79a1b672f797f1a42e0894070524a45b0582d91b395317f1336d0ccf8a128d123c6138291299f0d006d467316b798c0de00ca130f862b7a84af15a20c9544b6ffe21697624b77e581d0915d75adfb8d6f4aa8651b35ce156ef43a489cdc5d63913c0f25786759ace9cccf600b58d988cbcce67325583fd1fecb3475559ac7fbffe2956ac3e55080aeca49917caa131beca7d5522908eb7b6e8838a5edc455938256650cac836c15dba9d38873f120eda018c0296bb6ce2b2c4194ffb2d5c79eee67cc1f106429f27005e20542ef88c484069a13bd1d6e6f39ac2549fb6bf1e23e91f7e4fecfac74d939e98e2f37c4612c63922f04ce9812f9542f1fb1dc08b4f2ed98ba1fff2966e653808f84a27516ff915d59c8a0551f1d152ba0880d043edfc451a2e47878e4dbca2e89dc37d22a09e0f585dfb7c0c19b447d91712602e9a004c5083d9ca699283e5c1198d8ce8e7f36bcdbf442a631419856677da55b1d657af5893c176a84e9a5123a92f4a91808d4a191a67a8cd85793ab6d49f6a7484133aa2de50f8fff317491b6c3e3f12ad8a5b6d6b16b831eb7af28cb093dcfd79b03803f17f4f23ac799d091311d1e39a64cc6f6fdb47aa9c4b0270e1de7abf55169d36b88ba24acb0a17c9774c9384a4ccbeecfe9a67e17658636d077f1a97cc73c3ebe5f73c53fcc467c920d16a4b5501d731f74d24cd0acca7738ed5180e77a15cb2bee90826b3b20367c4b96b54a1779db99d27eeae59d08dd7d0df166cc438d24fdb96766de858c893b574fe4de8af22ddcb9fadbdf6c0acb7fc2956673e1e92fd864eadd998e1bc9fc3b379d00fa66ff4c727b8199e54fb9f0ff9992a6289aadec45636ce911cae8c6b9c7eb1b75831cb92e7d968dbbba620aebbbd5dcde1c5742cb35778d459e16b224e2c775590b56a9b4107a049e57269e5c18aaf10cef4d1912394104ff490cae6904cb3f1233789b74d60a512ef1d27d7d8e70bf75a5623f6e5761547684202266f76067b237dd08b3b89c2377e526d2223cb5383cd236b2a53a371ce1af27b37a8b0d8614ac8e67c74aff33b7f4fc6a5662ba370bc52a2f92d0f8288a7042fb2a0e4f31003a3f26d2bccbaebcc01ff9520335a3a1e388fc0dfc716afb8f1e206c96b5fac2dda0e20b17d6a08abac684a75922236082d72c9c567fa5194588faa796f692e784182496fd0dc6fdbd2b8bd833fc9ffe83111f3b9bd267fd65cf4ea374b0923785e4668caa8289fe4d7b60d3ce06caefc736012197527247da444e32bde5dfcdd3a2370a9bf702c1b33f87e837cc678a1e1394465ab9a242fa68cf772a971a27c9cb316bb86a829d45a07a43c41220aa17cca4b2ef5af3f6312c756216967984274708a9eb3fb8e821f17a290e4fb1ab6c65c20833b7dd98099bfab623679dedf3b8e81e2858eebc0a6a20f14a629899a4dba65cb975b6cd98962d87749c6073c2bc27e41d8abce8a18e60d2c5f3909ad395b7e107697c50295794b29a5d727f90a362a27c13d6e1325f961206138d27019c0055d05792f7075cd3ab4c0e8230e3924bfee9371c7f908e664c387e60b8a2a006c5196848e7242977129d7e1409ca1cf38e26817f60cae2dd301a30f42f5c73adddf38918068778c2b0c89c81bd1d93e00bfd66ce7d034a16d3a921d7b8edac1721d835852e9bbf6abf8538b6de795a860fc7f49ee1fcfb685919c0bfa4c5a600a4c8a18c5d861c6a323edf87b3c6c0eb22596d16ae684c182137e37495eb7a024e217875470ee4165cf08398ccf21619e272485624cea7f8035114747d3b0ccb116f3d5837b8a8d325cc7974dc0240507c671aa4b8a00603bbf8341215d6022a7f4571f13108c3e568433db5d877ec49707d2ad16176fb89d177d29a54a64358acd988f58608e5ca212f9c3829b579534b55041f97e371b33665730a476b13352ce701b19cb28ba8648b697eaae7d972b380b81509072d8b8a48412ff782c61af00f817cfe7eeb4f73f60503d1c03e8ec5a49413c2cd1c201be2ec0d04943a30467ba28013f5fdf1adda4c195bd10243043faf23325a2797aebc152739ef889621d22fe1f4b13b9edd19abf845992c32bb2742afc9c8e6e02838f9bf5ef9c7e27274cbb4f0e2b68ec61717a158382274ae45343a388686dc4e19580db6d0866c749c248b409d8e2f12aa7b3c4e386c78838be1ca9de832fc9747ed238c98b6f33fd75b00e5e515781a5271b8495ceebc05befe6a232272fcf3b7f4d9223e49f47d384ac2eb0d61b1ad4905c08e0d8e5170f5c844fff039e71483c835dd055bd61cb11bd1a82e10f927d2c5f6dd0382f752b793ea631b236e7e681c045230afca7a2d0d183e60abe025e7bab0c09af5689703d672af4e150d5587832c057dc0946f1d378b1b1f90c77c2a652ce0a6d029197d881210925c4a2a2c4af4bbfbd7c75c7c7886476bc14a252cc01ef156e316bca34190bcd79e7bb90e1dcb54b936fa26443f4937428ba7b8c4cab6ccf2d9c3efd93338c84af98a27f7eec09f044f445cd3ca52d5e7f1465186d0368701668624792b06784bf5e738d36a2ff1e449114135083f40ba42652b76cfa0ea4d73d94cacee096921fd46a00dd71793b36f2cdd8e2445690748dfed8740b1cb48582c66b58e7f8182f57512b1bd82fb9ad8afb0ae4e000da8d36fa38df894481d55d83d2755c481ae21dcf15be4dbccef2e023cc4a8d4f326f08ba1ac1df48c4e7a2037a4fe6e8f39fa7d5808720f6703e3924210096c7b9518362cf1bfacd17ed10bf9732ccf7e8cc2d72cff34bc87f3dc0d101b3f14d49c3ac0c583aae5dc856e9b581481819d74f75b82664cb7a1c771d3164e20301fa8270261be11ef9b9347fc9eba57f2164372978a94c1cf4af723104f9259472eb63ca76464013aa1a1475383fbf6fcad0d8f9ff276be1a260fa78868546b2fc7b3eac2f0e4dbafb92e27043883d4d208379a7aae15362e9ab23ff65e1851eeec2fa0c35db7bf3f4fb6380d6211c85ccbefd396e94594f79251a4ccb88b30df0d1fb2081f8dfdfbbb68035c2ba278ebf830957aa780a1853cff1095bf98383bb9a7264c3f63143e38bb9b33b13b2edbf77613f433a6854032c632f7588267d96bf0fba7b66dc8f01cf56564981a65096cb57c2cb9f5279cb23d54edcd0544c4ed9f85faa9e2e601b01afb3eb4b405923ff7faa928e187fd168c4fe8b8552cbff239551d334d271d52972008e6fcb0cf8e24b57c89f4da175d5c27a709d6456311b71aeec1ffb1b2762b204c9dc7a479d98b0056c3af68cd268978a3c00c824e587e47a4bcc285bf610916543ba9e527f7562f93d10ea02068f0184d4877dd0c2483ef533f68dc031174762fcf91411a29e5a9d8cb3c885e339f0a94d13c649e44cd26352dc97c1c08f8d7d935e391b91af306eaeb79adffeff479449133e1c9963aa5b0e177318bd2b0d86d32ad91a16da6edd65a067aa7f197d878b1e58087d34046017b846850889ae299bce6f1f96c51660e6973e0c48ae5952612e61a62a230151fbab2996faa0815821522d9d6730f6c77569eceb2f0ee2d27f36d8908c92083ac5546d6043b90ac879db6b3bbf9eca6ad15a55c8e1146397228e0593c64a65ae26e4991bb962e68211a2695b3ffd48e37ddf6ac49b642283067dcec7906144bc5ea7e8535529514c0b8418e1fb35fc9ca1b097a3776d2ec3c925bea04c01e589141e2fe4bc3a0ecb7079069f35f972b69e8013816fa4494c5b228d87fd0569d0e4cdc7739ff8af28e90c829119bc45d28abdbd3921bb081302da103696d05b5f7cfc729671e0708a1d86605ea0130b543d62795dc3e12a73675948c8dc10e7a4b9e1945ca6e29a54a8a7a425c67b6e72f47008c0aa23d57ab24edb60f092e69859c577f9c2c9e41b0d89bd2029347aabca05c37c66ecaadc52a4d5e837d995b9bea6accf76e8c21de631239807eed14c742da8718da7e880519f5901face5846d1aeea5697386bad18c8de9c5e1d0c314d795d643f8eb1c35266efb834375df282ac3f86c64a170ece46d6f1c70f0cd74a7627b9bc1a28ddd15d5017049086d0d173216dcdea6ebc329532b7829859ae2862c0a5b97eb47f68d5cf38bba7a75ed59a9b3ae322a81229d66a2b"}, @op={0x18}, @iv={0xb0, 0x117, 0x2, 0x99, "db3682ec29b1306819fe37919eb318b349b3204bcea12c8facf9c9987067ff7825736544129b5722a7df083f4bca22ab740b43276c7b6aea6736ae735882667896968ce8686ff1897199dfc04f8b32c95038a069d8ec6a6d0f2000954ff3a475f9095e2d2f4ca65784d39089c33d1e81a874727e062bbeecc3a5b6fa5a26512be9f4704e3b3e3aa1cd0b4ee904bbb3b1fa3cd0834ec1bff0c7"}, @op={0x18, 0x117, 0x3, 0x1}], 0x1128, 0x4}], 0x3, 0x40)
setsockopt$sock_int(r4, 0x1, 0x23, &(0x7f0000000200)=0x5, 0x4)
setrlimit(0x7, &(0x7f00000040c0)={0xfffffffffffffffd, 0x4})
getsockopt$sock_buf(r7, 0x1, 0x1c, &(0x7f0000004100)=""/95, &(0x7f0000004180)=0x5f)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

0s ago: executing program 2 (id=3034):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000180)={0x2, 0x4e21, @rand_addr=0x64010103}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000540)="b1", 0x1}], 0x1}, 0xfc00}, {{&(0x7f0000000880)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a80)=[{&(0x7f00000008c0)="11", 0x1}], 0x1}}], 0x2, 0x8004804)
shutdown(r0, 0x1)

kernel console output (not intermixed with test programs):

.552881][T12067]  _copy_from_iter+0x29f/0x16f0
[  139.552899][T12067]  ? __alloc_skb+0x200/0x380
[  139.552914][T12067]  ? __pfx__copy_from_iter+0x10/0x10
[  139.552931][T12067]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  139.552954][T12067]  netlink_sendmsg+0x829/0xdd0
[  139.552967][T12067]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.552983][T12067]  ____sys_sendmsg+0xa95/0xc70
[  139.552994][T12067]  ? copy_msghdr_from_user+0x10a/0x160
[  139.553009][T12067]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.553027][T12067]  ___sys_sendmsg+0x134/0x1d0
[  139.553043][T12067]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.553057][T12067]  ? __lock_acquire+0x622/0x1c90
[  139.553085][T12067]  __sys_sendmsg+0x16d/0x220
[  139.553100][T12067]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.553125][T12067]  do_syscall_64+0xcd/0x4c0
[  139.553142][T12067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.553153][T12067] RIP: 0033:0x7fac1ed8e929
[  139.553163][T12067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.553173][T12067] RSP: 002b:00007fac1cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.553184][T12067] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8e929
[  139.553191][T12067] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000003
[  139.553197][T12067] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  139.553203][T12067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.553209][T12067] R13: 0000000000000000 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  139.553223][T12067]  </TASK>
[  139.619603][    C1] hpet: Lost 3 RTC interrupts
[  139.764903][T12071] /dev/sr0: Can't open blockdev
[  139.912226][T12078] /dev/sr0: Can't open blockdev
[  140.240561][T12099] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  140.361002][T12114] netlink: 'syz.1.2403': attribute type 10 has an invalid length.
[  140.541492][T12124] hub 9-0:1.0: USB hub found
[  140.543211][ T8642] syz_tun (unregistering): left allmulticast mode
[  140.547013][T12124] hub 9-0:1.0: 1 port detected
[  140.754329][T11559] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.878433][T12140] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  140.878460][T12141] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  140.881557][T12140] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.893707][T12141] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.897986][T11559] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.962836][T12151] tmpfs: Bad value for 'mpol'
[  140.994564][T11559] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.030188][   T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  141.035447][   T63] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  141.039733][   T63] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  141.042723][   T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  141.048287][   T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  141.061625][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  141.070483][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  141.073809][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  141.077920][T11559] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.078751][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  141.084060][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  141.237738][T11559] gretap2: left promiscuous mode
[  141.239555][T11559] bridge0: port 4(gretap2) entered disabled state
[  141.243073][T11559] veth0_to_bridge: left allmulticast mode
[  141.244947][T11559] veth0_to_bridge: left promiscuous mode
[  141.246878][T11559] bridge0: port 3(veth0_to_bridge) entered disabled state
[  141.250512][T11559] bridge_slave_1: left allmulticast mode
[  141.252392][T11559] bridge_slave_1: left promiscuous mode
[  141.254283][T11559] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.260465][T11559] bridge_slave_0: left allmulticast mode
[  141.262943][T11559] bridge_slave_0: left promiscuous mode
[  141.265501][T11559] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.759891][T11559]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.765489][T11559]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.769983][T11559]  (unregistering): Released all slaves
[  141.776036][T11559] bond0 (unregistering): Released all slaves
[  141.787590][T12156] chnl_net:caif_netlink_parms(): no params data found
[  141.907826][T12156] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.912553][T12156] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.915521][T12156] bridge_slave_0: entered allmulticast mode
[  141.919348][T12156] bridge_slave_0: entered promiscuous mode
[  141.924249][T11559] tipc: Left network mode
[  141.925079][T12156] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.928716][T12156] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.932350][T12156] bridge_slave_1: entered allmulticast mode
[  141.936188][T12156] bridge_slave_1: entered promiscuous mode
[  141.984518][T12156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.991196][T12156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.050963][T12156] team0: Port device team_slave_0 added
[  142.062948][T12156] team0: Port device team_slave_1 added
[  142.104790][T12231] delete_channel: no stack
[  142.152077][T12156] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.154369][T12156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.167043][T12156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.178405][T12156] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.181365][T12156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.192245][T12156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.211738][T11559] hsr_slave_0: left promiscuous mode
[  142.214341][T11559] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.217198][T11559] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.223845][T11559] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.226671][T11559] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.256700][T11559] veth1_macvtap: left promiscuous mode
[  142.259116][T11559] veth0_macvtap: left promiscuous mode
[  142.261314][T11559] veth1_vlan: left promiscuous mode
[  142.263812][T11559] veth0_vlan: left promiscuous mode
[  143.269948][   T63] Bluetooth: hci1: command tx timeout
[  143.389379][T12156] hsr_slave_0: entered promiscuous mode
[  143.392637][T12156] hsr_slave_1: entered promiscuous mode
[  143.395624][T12156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.399870][T12156] Cannot create hsr debugfs directory
[  143.402223][T12245] __nla_validate_parse: 12 callbacks suppressed
[  143.402239][T12245] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2443'.
[  143.404181][T12249] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2445'.
[  143.463876][   T40] audit: type=1400 audit(1752357689.590:593): avc:  denied  { setopt } for  pid=12250 comm="syz.4.2446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  143.463916][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.473438][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.476108][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.478662][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.481152][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.486208][T12253] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  143.497399][   T40] audit: type=1400 audit(1752357689.618:594): avc:  denied  { write } for  pid=12250 comm="syz.4.2446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  143.535809][T12259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2448'.
[  144.034573][T12156] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  144.055741][T12156] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  144.062783][T12156] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  144.069331][T12156] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  144.099068][T12283] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2457'.
[  144.109825][T12285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2458'.
[  144.151485][T12156] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.177372][T12156] 8021q: adding VLAN 0 to HW filter on device team0
[  144.184768][T11557] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.187970][T11557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.202227][T11552] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.205265][T11552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.397671][T12156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.437478][T12156] veth0_vlan: entered promiscuous mode
[  144.442337][T12156] veth1_vlan: entered promiscuous mode
[  144.448694][   T40] audit: type=1400 audit(1752357690.507:595): avc:  denied  { setopt } for  pid=12310 comm="syz.4.2466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  144.466898][T12156] veth0_macvtap: entered promiscuous mode
[  144.472681][T12156] veth1_macvtap: entered promiscuous mode
[  144.487580][T12156] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.501627][T12156] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.509147][T12156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.512657][T12156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.516216][T12156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.528325][T12156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.559167][T12318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2468'.
[  144.574313][T12318] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  144.590831][T11554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.593398][T11554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.619213][T11554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.619748][T12320] Cannot find del_set index 85 as target
[  144.621624][T11554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.634725][   T40] audit: type=1400 audit(1752357690.685:596): avc:  denied  { mounton } for  pid=12156 comm="syz-executor" path="/syzkaller.R1sxhU/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=44698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  144.647988][   T40] audit: type=1400 audit(1752357690.694:597): avc:  denied  { mount } for  pid=12156 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  144.680933][T12322] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2470'.
[  144.698965][T12324] netlink: 'syz.4.2471': attribute type 2 has an invalid length.
[  144.742101][T12326] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2472'.
[  144.984443][T12338] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2478'.
[  144.986161][T12336] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.2477'.
[  145.085829][T12344] FAULT_INJECTION: forcing a failure.
[  145.085829][T12344] name failslab, interval 1, probability 0, space 0, times 0
[  145.091078][T12344] CPU: 0 UID: 0 PID: 12344 Comm: syz.2.2481 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  145.091105][T12344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.091117][T12344] Call Trace:
[  145.091123][T12344]  <TASK>
[  145.091130][T12344]  dump_stack_lvl+0x16c/0x1f0
[  145.091183][T12344]  should_fail_ex+0x512/0x640
[  145.091217][T12344]  should_failslab+0xc2/0x120
[  145.091245][T12344]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  145.091268][T12344]  ? skb_clone+0x190/0x3f0
[  145.091298][T12344]  skb_clone+0x190/0x3f0
[  145.091324][T12344]  netlink_deliver_tap+0xabd/0xd30
[  145.091357][T12344]  netlink_unicast+0x62f/0x850
[  145.091377][T12344]  ? __pfx_netlink_unicast+0x10/0x10
[  145.091399][T12344]  netlink_sendmsg+0x8d1/0xdd0
[  145.091422][T12344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.091449][T12344]  ____sys_sendmsg+0xa95/0xc70
[  145.091467][T12344]  ? copy_msghdr_from_user+0x10a/0x160
[  145.091488][T12344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  145.091523][T12344]  ___sys_sendmsg+0x134/0x1d0
[  145.091547][T12344]  ? __pfx____sys_sendmsg+0x10/0x10
[  145.091569][T12344]  ? __lock_acquire+0x622/0x1c90
[  145.091620][T12344]  __sys_sendmsg+0x16d/0x220
[  145.091643][T12344]  ? __pfx___sys_sendmsg+0x10/0x10
[  145.091681][T12344]  do_syscall_64+0xcd/0x4c0
[  145.091707][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.091726][T12344] RIP: 0033:0x7f874478e929
[  145.091741][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.091756][T12344] RSP: 002b:00007f87456d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.091774][T12344] RAX: ffffffffffffffda RBX: 00007f87449b5fa0 RCX: 00007f874478e929
[  145.091786][T12344] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  145.091795][T12344] RBP: 00007f87456d0090 R08: 0000000000000000 R09: 0000000000000000
[  145.091805][T12344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.091814][T12344] R13: 0000000000000000 R14: 00007f87449b5fa0 R15: 00007fffec3ed528
[  145.091837][T12344]  </TASK>
[  145.359210][   T40] audit: type=1400 audit(1752357691.358:598): avc:  denied  { create } for  pid=12372 comm="syz.3.2492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  145.365953][   T40] audit: type=1400 audit(1752357691.358:599): avc:  denied  { setopt } for  pid=12372 comm="syz.3.2492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  145.593587][T12385] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  145.932217][T12400] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  146.077300][T12403] Cannot find del_set index 85 as target
[  146.332332][T12415] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12415 comm=syz.4.2512
[  146.338578][T12415] netlink: 'syz.4.2512': attribute type 7 has an invalid length.
[  146.392261][T12417] bridge0: port 2(veth0_to_bridge) entered blocking state
[  146.395213][T12417] bridge0: port 2(veth0_to_bridge) entered disabled state
[  146.398144][T12417] veth0_to_bridge: entered allmulticast mode
[  146.413240][T12417] veth0_to_bridge: entered promiscuous mode
[  146.415598][T12417] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  146.419719][T12417] bridge0: port 2(veth0_to_bridge) entered blocking state
[  146.422086][T12417] bridge0: port 2(veth0_to_bridge) entered forwarding state
[  146.428436][T12417] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  146.500245][T12421] kernel profiling enabled (shift: 7)
[  146.589099][T12434] SET target dimension over the limit!
[  146.686798][T11556] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.792225][T12449] Cannot find del_set index 85 as target
[  146.985740][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  147.002088][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  147.010596][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  147.017082][T12474] fuse: blksize only supported for fuseblk
[  147.019082][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  147.023431][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  147.265367][T12470] chnl_net:caif_netlink_parms(): no params data found
[  147.349596][T12499] Cannot find del_set index 85 as target
[  147.476342][T12512] FAULT_INJECTION: forcing a failure.
[  147.476342][T12512] name failslab, interval 1, probability 0, space 0, times 0
[  147.480748][T12512] CPU: 0 UID: 0 PID: 12512 Comm: syz.3.2553 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  147.480770][T12512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.480779][T12512] Call Trace:
[  147.480785][T12512]  <TASK>
[  147.480794][T12512]  dump_stack_lvl+0x16c/0x1f0
[  147.480823][T12512]  should_fail_ex+0x512/0x640
[  147.480845][T12512]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  147.480869][T12512]  should_failslab+0xc2/0x120
[  147.480895][T12512]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  147.480918][T12512]  ? __pmd_alloc+0xbf/0x930
[  147.480938][T12512]  __pmd_alloc+0xbf/0x930
[  147.480953][T12512]  ? __pud_alloc+0x526/0x750
[  147.480971][T12512]  __handle_mm_fault+0xaac/0x5490
[  147.480998][T12512]  ? __pfx___handle_mm_fault+0x10/0x10
[  147.481014][T12512]  ? __pfx_mt_find+0x10/0x10
[  147.481039][T12512]  ? find_vma+0xbf/0x140
[  147.481055][T12512]  ? __pfx_find_vma+0x10/0x10
[  147.481073][T12512]  handle_mm_fault+0x589/0xd10
[  147.481087][T12512]  ? __pkru_allows_pkey+0x51/0xb0
[  147.481105][T12512]  do_user_addr_fault+0x7a6/0x1370
[  147.481123][T12512]  ? rcu_is_watching+0x12/0xc0
[  147.481140][T12512]  exc_page_fault+0x5c/0xb0
[  147.481154][T12512]  asm_exc_page_fault+0x26/0x30
[  147.481165][T12512] RIP: 0010:_copy_to_user+0xb6/0xd0
[  147.481183][T12512] Code: 89 ee 48 89 ef e8 4a 77 df fc 4d 85 ff 75 a8 e8 90 7c df fc 89 de 4c 89 e7 e8 46 5e 46 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 <f3> a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00
[  147.481194][T12512] RSP: 0018:ffffc90007ef7d10 EFLAGS: 00050246
[  147.481204][T12512] RAX: 0000000000000001 RBX: 0000000000000030 RCX: 0000000000000030
[  147.481211][T12512] RDX: fffff52000fdefb6 RSI: ffffc90007ef7d80 RDI: 0000200000000040
[  147.481217][T12512] RBP: 0000200000000040 R08: 0000000000000000 R09: fffff52000fdefb5
[  147.481224][T12512] R10: ffffc90007ef7daf R11: 0000000000000001 R12: ffffc90007ef7d80
[  147.481230][T12512] R13: 0000200000000070 R14: 00007ffffffff000 R15: 0000000000000000
[  147.481246][T12512]  ksys_shmctl.constprop.0+0x2a8/0x380
[  147.481265][T12512]  ? __pfx_ksys_shmctl.constprop.0+0x10/0x10
[  147.481285][T12512]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  147.481304][T12512]  ? __fget_files+0x20e/0x3c0
[  147.481329][T12512]  do_syscall_64+0xcd/0x4c0
[  147.481346][T12512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.481357][T12512] RIP: 0033:0x7fac1ed8e929
[  147.481365][T12512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.481375][T12512] RSP: 002b:00007fac1cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001f
[  147.481384][T12512] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8e929
[  147.481391][T12512] RDX: 0000200000000040 RSI: 000000000000000e RDI: 0000000000000000
[  147.481397][T12512] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  147.481403][T12512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.481410][T12512] R13: 0000000000000001 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  147.481427][T12512]  </TASK>
[  147.486533][T12470] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.511221][T12510] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  147.516425][T12470] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.517586][T12510] [U] J"—e:ÀÆ"


[  147.519246][T12470] bridge_slave_0: entered allmulticast mode
[  147.546226][    C0] net_ratelimit: 59 callbacks suppressed
[  147.546236][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.552269][T12470] bridge_slave_0: entered promiscuous mode
[  147.554531][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.559111][T12470] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.559967][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.561574][T12470] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.563559][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.563647][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.563733][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.563847][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.563936][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.566822][T12470] bridge_slave_1: entered allmulticast mode
[  147.567505][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.571129][T12470] bridge_slave_1: entered promiscuous mode
[  147.572428][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.689547][T12470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.694098][T12470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.733860][T12530] Cannot find del_set index 85 as target
[  147.775023][T12470] team0: Port device team_slave_0 added
[  147.789182][T12470] team0: Port device team_slave_1 added
[  147.894411][T12470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.902703][T12470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.914434][T12470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.928150][T12470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.930614][T12470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.939082][T12470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.009618][T12544] block nbd3: NBD_DISCONNECT
[  148.035295][T12470] hsr_slave_0: entered promiscuous mode
[  148.046682][T12470] hsr_slave_1: entered promiscuous mode
[  148.048798][T12470] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  148.051356][T12470] Cannot create hsr debugfs directory
[  148.119314][T12550] xfrm1: entered allmulticast mode
[  148.162855][T12550] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  148.478852][T12570] FAULT_INJECTION: forcing a failure.
[  148.478852][T12570] name failslab, interval 1, probability 0, space 0, times 0
[  148.484014][T12570] CPU: 1 UID: 0 PID: 12570 Comm: syz.3.2580 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  148.484039][T12570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.484049][T12570] Call Trace:
[  148.484055][T12570]  <TASK>
[  148.484062][T12570]  dump_stack_lvl+0x16c/0x1f0
[  148.484091][T12570]  should_fail_ex+0x512/0x640
[  148.484113][T12570]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  148.484139][T12570]  should_failslab+0xc2/0x120
[  148.484164][T12570]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  148.484187][T12570]  ? ptlock_alloc+0x1f/0x70
[  148.484209][T12570]  ptlock_alloc+0x1f/0x70
[  148.484227][T12570]  pte_alloc_one+0x82/0x3a0
[  148.484246][T12570]  __pte_alloc+0x6d/0x3c0
[  148.484285][T12570]  ? __pfx___pte_alloc+0x10/0x10
[  148.484324][T12570]  ? _raw_spin_unlock+0x28/0x50
[  148.484344][T12570]  ? __pmd_alloc+0x3fb/0x930
[  148.484363][T12570]  __handle_mm_fault+0x4358/0x5490
[  148.484391][T12570]  ? __pfx___handle_mm_fault+0x10/0x10
[  148.484409][T12570]  ? __pfx_mt_find+0x10/0x10
[  148.484447][T12570]  ? find_vma+0xbf/0x140
[  148.484477][T12570]  ? __pfx_find_vma+0x10/0x10
[  148.484504][T12570]  handle_mm_fault+0x589/0xd10
[  148.484524][T12570]  ? __pkru_allows_pkey+0x51/0xb0
[  148.484551][T12570]  do_user_addr_fault+0x7a6/0x1370
[  148.484580][T12570]  ? rcu_is_watching+0x12/0xc0
[  148.484606][T12570]  exc_page_fault+0x5c/0xb0
[  148.484630][T12570]  asm_exc_page_fault+0x26/0x30
[  148.484647][T12570] RIP: 0010:_copy_to_user+0xb6/0xd0
[  148.484672][T12570] Code: 89 ee 48 89 ef e8 4a 77 df fc 4d 85 ff 75 a8 e8 90 7c df fc 89 de 4c 89 e7 e8 46 5e 46 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 <f3> a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00
[  148.484689][T12570] RSP: 0018:ffffc90006e4fd10 EFLAGS: 00050246
[  148.484704][T12570] RAX: 0000000000000001 RBX: 0000000000000030 RCX: 0000000000000030
[  148.484714][T12570] RDX: fffff52000dc9fb6 RSI: ffffc90006e4fd80 RDI: 0000200000000040
[  148.484725][T12570] RBP: 0000200000000040 R08: 0000000000000000 R09: fffff52000dc9fb5
[  148.484735][T12570] R10: ffffc90006e4fdaf R11: 0000000000000001 R12: ffffc90006e4fd80
[  148.484745][T12570] R13: 0000200000000070 R14: 00007ffffffff000 R15: 0000000000000000
[  148.484775][T12570]  ksys_shmctl.constprop.0+0x2a8/0x380
[  148.484801][T12570]  ? __pfx_ksys_shmctl.constprop.0+0x10/0x10
[  148.484832][T12570]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  148.484862][T12570]  ? __fget_files+0x20e/0x3c0
[  148.484904][T12570]  do_syscall_64+0xcd/0x4c0
[  148.484933][T12570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.484951][T12570] RIP: 0033:0x7fac1ed8e929
[  148.484964][T12570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.484980][T12570] RSP: 002b:00007fac1cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001f
[  148.484997][T12570] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8e929
[  148.485008][T12570] RDX: 0000200000000040 RSI: 000000000000000e RDI: 0000000000000000
[  148.485017][T12570] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  148.485028][T12570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.485037][T12570] R13: 0000000000000001 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  148.485062][T12570]  </TASK>
[  148.596065][    C1] hpet: Lost 7 RTC interrupts
[  148.601069][T11556] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.696900][T11556] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.769778][T12580] __nla_validate_parse: 16 callbacks suppressed
[  148.769791][T12580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2584'.
[  148.784146][T11556] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.863090][T12583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2585'.
[  148.871850][T12583] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2585'.
[  148.945478][T11556] bridge_slave_1: left allmulticast mode
[  148.947268][T11556] bridge_slave_1: left promiscuous mode
[  148.949108][T11556] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.969863][T11556] bridge_slave_0: left allmulticast mode
[  148.974457][T11556] bridge_slave_0: left promiscuous mode
[  148.976283][T11556] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.136085][T12595] Cannot find del_set index 85 as target
[  149.245577][   T63] Bluetooth: hci1: command tx timeout
[  149.361109][   T40] audit: type=1400 audit(2000000002.179:600): avc:  denied  { read } for  pid=12605 comm="syz.3.2592" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  149.369365][   T40] audit: type=1400 audit(2000000002.179:601): avc:  denied  { open } for  pid=12605 comm="syz.3.2592" path="/639/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  149.386636][T12607] block device autoloading is deprecated and will be removed.
[  149.391537][   T40] audit: type=1400 audit(2000000002.207:602): avc:  denied  { ioctl } for  pid=12605 comm="syz.3.2592" path="/639/file0/file0" dev="fuse" ino=64 ioctlcmd=0x930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  149.397452][T12606] tmpfs: Unknown parameter 'ŸÍd'
[  149.402761][T12572] orangefs_mount: mount request failed with -4
[  149.436301][T11556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.473461][T11556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.484551][T11556] bond0 (unregistering): Released all slaves
[  149.784163][T12620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2598'.
[  149.895989][T12628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2602'.
[  150.017113][T11556] hsr_slave_0: left promiscuous mode
[  150.022208][T11556] hsr_slave_1: left promiscuous mode
[  150.024213][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  150.028579][T11556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.036284][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.039149][T11556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.091040][T11556] veth1_macvtap: left promiscuous mode
[  150.092794][T11556] veth0_macvtap: left promiscuous mode
[  150.094585][T11556] veth1_vlan: left promiscuous mode
[  150.096322][T11556] veth0_vlan: left promiscuous mode
[  151.234919][T11556] team0 (unregistering): Port device team_slave_1 removed
[  151.348776][T11556] team0 (unregistering): Port device team_slave_0 removed
[  151.470964][   T63] Bluetooth: hci1: command tx timeout
[  152.461276][T12639] Cannot find del_set index 85 as target
[  152.466965][T12470] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  152.489985][T12470] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  152.501767][T12470] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  152.532208][T12470] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  152.688138][T12654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2611'.
[  152.724575][T12470] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.745732][T12470] 8021q: adding VLAN 0 to HW filter on device team0
[  152.757079][T11557] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.759366][T11557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.768419][T11557] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.770663][T11557] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.802327][T12470] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  152.894298][T12665] netlink: 129704 bytes leftover after parsing attributes in process `syz.3.2615'.
[  152.900204][    C0] net_ratelimit: 101389 callbacks suppressed
[  152.900215][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.900254][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.902117][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.905752][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.909254][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.912862][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.916869][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.921188][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.924925][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.928619][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.939447][T12470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.027719][T12470] veth0_vlan: entered promiscuous mode
[  153.050279][T12470] veth1_vlan: entered promiscuous mode
[  153.073262][T12470] veth0_macvtap: entered promiscuous mode
[  153.083823][T12470] veth1_macvtap: entered promiscuous mode
[  153.093756][T12470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.097732][T12676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2620'.
[  153.101995][T12470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.108275][T12470] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.111308][T12470] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.113931][T12470] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.116934][T12470] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.273780][T11554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.281496][T11554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.340775][T11557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.354197][T11557] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.634539][T12693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2626'.
[  153.771886][T12685] infiniband syz1: set active
[  153.773911][T12685] infiniband syz1: added syz_tun
[  153.814721][T12685] RDS/IB: syz1: added
[  153.819449][T12685] smc: adding ib device syz1 with port count 1
[  153.821772][T12685] smc:    ib device syz1 port 1 has pnetid 
[  153.983708][T12705] FAULT_INJECTION: forcing a failure.
[  153.983708][T12705] name failslab, interval 1, probability 0, space 0, times 0
[  153.987876][T12705] CPU: 1 UID: 0 PID: 12705 Comm: syz.3.2631 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  153.987891][T12705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.987899][T12705] Call Trace:
[  153.987903][T12705]  <TASK>
[  153.987907][T12705]  dump_stack_lvl+0x16c/0x1f0
[  153.987927][T12705]  should_fail_ex+0x512/0x640
[  153.987942][T12705]  ? fs_reclaim_acquire+0xae/0x150
[  153.987955][T12705]  ? tomoyo_encode2+0x100/0x3e0
[  153.987969][T12705]  should_failslab+0xc2/0x120
[  153.987986][T12705]  __kmalloc_noprof+0xd2/0x510
[  153.988004][T12705]  tomoyo_encode2+0x100/0x3e0
[  153.988021][T12705]  tomoyo_encode+0x29/0x50
[  153.988036][T12705]  tomoyo_realpath_from_path+0x18f/0x6e0
[  153.988053][T12705]  ? tomoyo_profile+0x47/0x60
[  153.988072][T12705]  tomoyo_path_number_perm+0x245/0x580
[  153.988085][T12705]  ? tomoyo_path_number_perm+0x237/0x580
[  153.988099][T12705]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.988114][T12705]  ? find_held_lock+0x2b/0x80
[  153.988145][T12705]  ? find_held_lock+0x2b/0x80
[  153.988158][T12705]  ? hook_file_ioctl_common+0x145/0x410
[  153.988172][T12705]  ? __fget_files+0x20e/0x3c0
[  153.988189][T12705]  security_file_ioctl+0x9b/0x240
[  153.988205][T12705]  __x64_sys_ioctl+0xb7/0x210
[  153.988219][T12705]  do_syscall_64+0xcd/0x4c0
[  153.988236][T12705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.988247][T12705] RIP: 0033:0x7fac1ed8e929
[  153.988256][T12705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.988267][T12705] RSP: 002b:00007fac1cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.988278][T12705] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8e929
[  153.988284][T12705] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  153.988291][T12705] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  153.988297][T12705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.988303][T12705] R13: 0000000000000000 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  153.988317][T12705]  </TASK>
[  153.988327][T12705] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.484764][   T40] audit: type=1400 audit(2000000006.978:603): avc:  denied  { append } for  pid=12722 comm="syz.3.2637" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  154.561139][   T40] audit: type=1400 audit(2000000007.043:604): avc:  denied  { getopt } for  pid=12724 comm="syz.2.2638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  154.683085][T12727] input: syz0 as /devices/virtual/input/input19
[  154.692682][T12729] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2640'.
[  154.744638][T12731] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.2641'.
[  155.094573][T12750] Cannot find del_set index 85 as target
[  155.148412][T12754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2652'.
[  155.176173][T12756] netlink: 'syz.2.2651': attribute type 30 has an invalid length.
[  155.180681][T12756] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  155.183554][T12756] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  155.293034][T12761] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.302922][T12761] bond0: (slave rose0): Enslaving as an active interface with an up link
[  155.696317][T11556] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.701602][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  155.705146][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  155.707885][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  155.708555][T12781] Cannot find del_set index 85 as target
[  155.724892][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  155.727560][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  155.951532][T12790] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2663'.
[  156.054704][T12778] chnl_net:caif_netlink_parms(): no params data found
[  156.248955][T12778] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.251282][T12778] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.253812][T12778] bridge_slave_0: entered allmulticast mode
[  156.256508][T12778] bridge_slave_0: entered promiscuous mode
[  156.260602][T12778] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.262754][T12778] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.265138][T12778] bridge_slave_1: entered allmulticast mode
[  156.268292][T12778] bridge_slave_1: entered promiscuous mode
[  156.358524][T12778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.374095][T12778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.463423][T12778] team0: Port device team_slave_0 added
[  156.468228][T12778] team0: Port device team_slave_1 added
[  156.548214][T12814] FAULT_INJECTION: forcing a failure.
[  156.548214][T12814] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  156.552221][T12814] CPU: 3 UID: 0 PID: 12814 Comm: syz.4.2673 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  156.552237][T12814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.552244][T12814] Call Trace:
[  156.552248][T12814]  <TASK>
[  156.552252][T12814]  dump_stack_lvl+0x16c/0x1f0
[  156.552272][T12814]  should_fail_ex+0x512/0x640
[  156.552289][T12814]  should_fail_alloc_page+0xe7/0x130
[  156.552307][T12814]  prepare_alloc_pages+0x3c2/0x610
[  156.552319][T12814]  ? rcu_read_unlock+0x17/0x60
[  156.552336][T12814]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  156.552352][T12814]  ? rcu_is_watching+0x12/0xc0
[  156.552367][T12814]  ? put_dec+0x2e/0xc0
[  156.552376][T12814]  ? put_dec_trunc8+0x28b/0x370
[  156.552387][T12814]  ? number+0x9aa/0xc70
[  156.552400][T12814]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  156.552415][T12814]  ? __pfx_number+0x10/0x10
[  156.552431][T12814]  ? __lock_acquire+0xb8a/0x1c90
[  156.552443][T12814]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  156.552457][T12814]  ? policy_nodemask+0xea/0x4e0
[  156.552475][T12814]  alloc_pages_mpol+0x1fb/0x550
[  156.552491][T12814]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  156.552511][T12814]  alloc_pages_noprof+0x131/0x390
[  156.552528][T12814]  kvm_arch_vcpu_create+0x2a7/0xb20
[  156.552543][T12814]  ? lockdep_init_map_type+0x5c/0x280
[  156.552556][T12814]  kvm_vm_ioctl+0xf6f/0x3dd0
[  156.552572][T12814]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  156.552589][T12814]  ? kasan_quarantine_put+0x10a/0x240
[  156.552603][T12814]  ? lockdep_hardirqs_on+0x7c/0x110
[  156.552620][T12814]  ? find_held_lock+0x2b/0x80
[  156.552634][T12814]  ? tomoyo_path_number_perm+0x295/0x580
[  156.552651][T12814]  ? tomoyo_path_number_perm+0x18d/0x580
[  156.552666][T12814]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.552679][T12814]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  156.552693][T12814]  ? do_vfs_ioctl+0x523/0x1a60
[  156.552705][T12814]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  156.552721][T12814]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  156.552738][T12814]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  156.552759][T12814]  ? hook_file_ioctl_common+0x145/0x410
[  156.552773][T12814]  ? selinux_file_ioctl+0x180/0x270
[  156.552787][T12814]  ? selinux_file_ioctl+0xb4/0x270
[  156.552803][T12814]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  156.552814][T12814]  __x64_sys_ioctl+0x18e/0x210
[  156.552827][T12814]  do_syscall_64+0xcd/0x4c0
[  156.552843][T12814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.552855][T12814] RIP: 0033:0x7fe7a478e929
[  156.552864][T12814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.552875][T12814] RSP: 002b:00007fe7a550f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.552885][T12814] RAX: ffffffffffffffda RBX: 00007fe7a49b5fa0 RCX: 00007fe7a478e929
[  156.552892][T12814] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  156.552899][T12814] RBP: 00007fe7a550f090 R08: 0000000000000000 R09: 0000000000000000
[  156.552905][T12814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.552911][T12814] R13: 0000000000000000 R14: 00007fe7a49b5fa0 R15: 00007ffc76e315f8
[  156.552925][T12814]  </TASK>
[  156.650938][    C3] vkms_vblank_simulate: vblank timer overrun
[  156.658813][T12778] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.660952][T12778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.668796][T12778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.672988][T12778] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.676318][T12778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.684745][T12778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.777115][T12778] hsr_slave_0: entered promiscuous mode
[  156.800049][T12778] hsr_slave_1: entered promiscuous mode
[  156.813236][T12778] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.815579][T12778] Cannot create hsr debugfs directory
[  156.830799][T12825] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2678'.
[  156.967353][T12833] Cannot find del_set index 85 as target
[  157.292680][T12847] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.2688'.
[  157.358080][T12837] [U] 
[  157.408047][T12853] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2691'.
[  157.569182][T12859] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2690'.
[  157.623503][T12859] 0ªî{X¹¦: renamed from macvtap0 (while UP)
[  157.638731][T12859] 0ªî{X¹¦: entered allmulticast mode
[  157.640930][T12859] veth0_macvtap: entered allmulticast mode
[  157.805989][T12871] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.2697'.
[  157.864774][T12876] IPv6: NLM_F_CREATE should be specified when creating new route
[  157.892138][ T5960] Bluetooth: hci1: command tx timeout
[  157.930317][T12882] xt_time: invalid argument - start or stop time greater than 23:59:59
[  157.948660][T11556] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.034314][T12888] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2703'.
[  158.036702][T12885] Cannot find del_set index 85 as target
[  158.080613][T11556] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.169163][T12892] netlink: 'syz.4.2707': attribute type 72 has an invalid length.
[  158.216068][T11556] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.236243][T12897] FAULT_INJECTION: forcing a failure.
[  158.236243][T12897] name failslab, interval 1, probability 0, space 0, times 0
[  158.239994][T12897] CPU: 3 UID: 0 PID: 12897 Comm: syz.3.2710 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  158.240010][T12897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.240017][T12897] Call Trace:
[  158.240021][T12897]  <TASK>
[  158.240026][T12897]  dump_stack_lvl+0x16c/0x1f0
[  158.240046][T12897]  should_fail_ex+0x512/0x640
[  158.240060][T12897]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  158.240077][T12897]  should_failslab+0xc2/0x120
[  158.240094][T12897]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  158.240109][T12897]  ? __alloc_skb+0x2b2/0x380
[  158.240127][T12897]  __alloc_skb+0x2b2/0x380
[  158.240144][T12897]  ? __pfx___alloc_skb+0x10/0x10
[  158.240157][T12897]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  158.240173][T12897]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  158.240192][T12897]  netlink_alloc_large_skb+0x69/0x130
[  158.240204][T12897]  netlink_sendmsg+0x6a1/0xdd0
[  158.240217][T12897]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.240233][T12897]  ____sys_sendmsg+0xa95/0xc70
[  158.240244][T12897]  ? copy_msghdr_from_user+0x10a/0x160
[  158.240259][T12897]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.240277][T12897]  ___sys_sendmsg+0x134/0x1d0
[  158.240293][T12897]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.240307][T12897]  ? __lock_acquire+0x622/0x1c90
[  158.240335][T12897]  __sys_sendmsg+0x16d/0x220
[  158.240350][T12897]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.240374][T12897]  do_syscall_64+0xcd/0x4c0
[  158.240391][T12897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.240402][T12897] RIP: 0033:0x7fac1ed8e929
[  158.240411][T12897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.240422][T12897] RSP: 002b:00007fac1cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.240432][T12897] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8e929
[  158.240439][T12897] RDX: 0000000000048004 RSI: 0000200000000a80 RDI: 0000000000000004
[  158.240446][T12897] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  158.240452][T12897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.240459][T12897] R13: 0000000000000000 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  158.240472][T12897]  </TASK>
[  158.299001][    C0] net_ratelimit: 118034 callbacks suppressed
[  158.299013][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  158.299042][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299154][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299245][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299336][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299425][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299514][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299605][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299693][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.299779][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  158.300645][    C3] vkms_vblank_simulate: vblank timer overrun
[  158.354233][    C3] vkms_vblank_simulate: vblank timer overrun
[  158.527540][T11556] bridge_slave_1: left allmulticast mode
[  158.529440][T11556] bridge_slave_1: left promiscuous mode
[  158.534416][T11556] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.563612][T11556] bridge_slave_0: left allmulticast mode
[  158.565359][T11556] bridge_slave_0: left promiscuous mode
[  158.567265][T12913] netlink: 'syz.2.2717': attribute type 72 has an invalid length.
[  158.572688][T11556] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.160648][T11556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.171120][T11556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.179485][T11556] bond0 (unregistering): Released all slaves
[  159.275140][T12922] netem: incorrect ge model size
[  159.277493][T12922] netem: change failed
[  159.758871][T12778] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  159.806014][T12778] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  159.863110][T11556] hsr_slave_0: left promiscuous mode
[  159.874348][T11556] hsr_slave_1: left promiscuous mode
[  159.877260][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.879981][T11556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.893402][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.896139][T11556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  159.923003][T11556] veth1_macvtap: left promiscuous mode
[  159.925161][T11556] veth0_macvtap: left promiscuous mode
[  159.933817][T11556] veth1_vlan: left promiscuous mode
[  159.937415][T11556] veth0_vlan: left promiscuous mode
[  160.116537][ T5960] Bluetooth: hci1: command tx timeout
[  160.373774][T12953] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2730'.
[  161.757951][T11556] team0 (unregistering): Port device team_slave_1 removed
[  161.879211][T11556] team0 (unregistering): Port device team_slave_0 removed
[  162.340113][ T5960] Bluetooth: hci1: command tx timeout
[  162.995166][T12778] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  163.001290][T12944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2726'.
[  163.036739][T12953] syz_tun (unregistering): left allmulticast mode
[  163.039472][T12953] syz_tun (unregistering): left promiscuous mode
[  163.056576][T12953] bridge0: port 3(syz_tun) entered disabled state
[  163.102425][T12960] Cannot find del_set index 85 as target
[  163.106740][T12778] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  163.401823][T12778] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.423147][T12778] 8021q: adding VLAN 0 to HW filter on device team0
[  163.432560][T11559] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.435174][T11559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.442071][T11554] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.444271][T11554] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.512306][T12778] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.540970][T12778] veth0_vlan: entered promiscuous mode
[  163.546010][T12778] veth1_vlan: entered promiscuous mode
[  163.564362][T12778] veth0_macvtap: entered promiscuous mode
[  163.568648][T12778] veth1_macvtap: entered promiscuous mode
[  163.578352][T12778] batman_adv: batadv0: Interface activated: batadv_slave_0
[  163.586072][T12778] batman_adv: batadv0: Interface activated: batadv_slave_1
[  163.591074][T12778] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.594355][T12778] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.597106][T12778] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.599848][T12778] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.655050][    C2] net_ratelimit: 123891 callbacks suppressed
[  163.655062][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  163.655124][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  163.657627][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  163.662488][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  163.666326][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  163.671225][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  163.674840][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  163.679935][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  163.683392][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  163.688253][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  163.757695][T12985] FAULT_INJECTION: forcing a failure.
[  163.757695][T12985] name failslab, interval 1, probability 0, space 0, times 0
[  163.763083][T12985] CPU: 3 UID: 0 PID: 12985 Comm: syz.2.2737 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  163.763099][T12985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.763106][T12985] Call Trace:
[  163.763109][T12985]  <TASK>
[  163.763114][T12985]  dump_stack_lvl+0x16c/0x1f0
[  163.763134][T12985]  should_fail_ex+0x512/0x640
[  163.763149][T12985]  ? __kmalloc_noprof+0xbf/0x510
[  163.763165][T12985]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  163.763179][T12985]  should_failslab+0xc2/0x120
[  163.763196][T12985]  __kmalloc_noprof+0xd2/0x510
[  163.763213][T12985]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  163.763228][T12985]  ? cred_has_capability.isra.0+0x193/0x2f0
[  163.763246][T12985]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  163.763259][T12985]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  163.763278][T12985]  ? bpf_lsm_capable+0x9/0x10
[  163.763289][T12985]  ? security_capable+0x7e/0x260
[  163.763305][T12985]  genl_rcv_msg+0x55c/0x800
[  163.763319][T12985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  163.763332][T12985]  ? __pfx_ieee802154_llsec_del_key+0x10/0x10
[  163.763350][T12985]  ? __lock_acquire+0x622/0x1c90
[  163.763363][T12985]  netlink_rcv_skb+0x158/0x420
[  163.763379][T12985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  163.763392][T12985]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  163.763409][T12985]  ? netlink_deliver_tap+0x1ae/0xd30
[  163.763439][T12985]  ? is_vmalloc_addr+0x86/0xa0
[  163.763455][T12985]  genl_rcv+0x28/0x40
[  163.763465][T12985]  netlink_unicast+0x58a/0x850
[  163.763478][T12985]  ? __pfx_netlink_unicast+0x10/0x10
[  163.763492][T12985]  netlink_sendmsg+0x8d1/0xdd0
[  163.763506][T12985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.763522][T12985]  ____sys_sendmsg+0xa95/0xc70
[  163.763534][T12985]  ? copy_msghdr_from_user+0x10a/0x160
[  163.763549][T12985]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.763567][T12985]  ___sys_sendmsg+0x134/0x1d0
[  163.763583][T12985]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.763597][T12985]  ? __lock_acquire+0x622/0x1c90
[  163.763625][T12985]  __sys_sendmsg+0x16d/0x220
[  163.763640][T12985]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.763668][T12985]  do_syscall_64+0xcd/0x4c0
[  163.763685][T12985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.763697][T12985] RIP: 0033:0x7f874478e929
[  163.763706][T12985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.763716][T12985] RSP: 002b:00007f87456d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.763726][T12985] RAX: ffffffffffffffda RBX: 00007f87449b5fa0 RCX: 00007f874478e929
[  163.763733][T12985] RDX: 0000000000048004 RSI: 0000200000000a80 RDI: 0000000000000004
[  163.763739][T12985] RBP: 00007f87456d0090 R08: 0000000000000000 R09: 0000000000000000
[  163.763745][T12985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.763751][T12985] R13: 0000000000000000 R14: 00007f87449b5fa0 R15: 00007fffec3ed528
[  163.763766][T12985]  </TASK>
[  163.766411][T11555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.771915][T11555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.953025][T11555] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.958403][T11555] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.206117][T12993] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.2741'.
[  164.553242][ T5960] Bluetooth: hci1: command tx timeout
[  165.143487][T11555] smc: removing ib device syz1
[  165.186298][ T9585] syz1: Port: 1 Link DOWN
[  165.665446][T13008] vim2m vim2m.0: vidioc_s_fmt queue busy
[  165.721926][T13011] xt_TCPMSS: Only works on TCP SYN packets
[  165.728174][T13009] FAULT_INJECTION: forcing a failure.
[  165.728174][T13009] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  165.741979][T13009] CPU: 3 UID: 0 PID: 13009 Comm: syz.2.2746 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  165.742005][T13009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.742016][T13009] Call Trace:
[  165.742021][T13009]  <TASK>
[  165.742027][T13009]  dump_stack_lvl+0x16c/0x1f0
[  165.742057][T13009]  should_fail_ex+0x512/0x640
[  165.742091][T13009]  should_fail_alloc_page+0xe7/0x130
[  165.742117][T13009]  prepare_alloc_pages+0x3c2/0x610
[  165.742134][T13009]  ? rcu_is_watching+0x12/0xc0
[  165.742155][T13009]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  165.742181][T13009]  ? rcu_is_watching+0x12/0xc0
[  165.742200][T13009]  ? trace_mm_page_alloc+0x11f/0x1a0
[  165.742217][T13009]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  165.742238][T13009]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  165.742258][T13009]  ? is_bpf_text_address+0x8a/0x1a0
[  165.742276][T13009]  ? bpf_ksym_find+0x127/0x1c0
[  165.742299][T13009]  ? is_bpf_text_address+0x94/0x1a0
[  165.742318][T13009]  ? __lock_acquire+0x622/0x1c90
[  165.742332][T13009]  ? __kernel_text_address+0xd/0x40
[  165.742350][T13009]  ? unwind_get_return_address+0x59/0xa0
[  165.742374][T13009]  alloc_pages_bulk_noprof+0x71c/0x1410
[  165.742395][T13009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.742418][T13009]  ? policy_nodemask+0xea/0x4e0
[  165.742446][T13009]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  165.742468][T13009]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  165.742503][T13009]  kasan_populate_vmalloc+0xf1/0x1f0
[  165.742529][T13009]  alloc_vmap_area+0x959/0x29c0
[  165.742567][T13009]  ? __pfx_alloc_vmap_area+0x10/0x10
[  165.742601][T13009]  __get_vm_area_node+0x1ca/0x330
[  165.742624][T13009]  __vmalloc_node_range_noprof+0x271/0x14b0
[  165.742644][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.742666][T13009]  ? local_lock_release+0x99/0x140
[  165.742694][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.742718][T13009]  ? rcu_read_unlock+0x17/0x60
[  165.742743][T13009]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  165.742765][T13009]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[  165.742797][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.742816][T13009]  __vmalloc_node_noprof+0xad/0xf0
[  165.742834][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.742856][T13009]  fpu_alloc_guest_fpstate+0x24/0x450
[  165.742877][T13009]  kvm_arch_vcpu_create+0x54e/0xb20
[  165.742905][T13009]  kvm_vm_ioctl+0xf6f/0x3dd0
[  165.742932][T13009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  165.742963][T13009]  ? kasan_quarantine_put+0x10a/0x240
[  165.742984][T13009]  ? lockdep_hardirqs_on+0x7c/0x110
[  165.743011][T13009]  ? find_held_lock+0x2b/0x80
[  165.743034][T13009]  ? tomoyo_path_number_perm+0x295/0x580
[  165.743062][T13009]  ? tomoyo_path_number_perm+0x18d/0x580
[  165.743091][T13009]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.743111][T13009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.743131][T13009]  ? do_vfs_ioctl+0x523/0x1a60
[  165.743151][T13009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  165.743177][T13009]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  165.743203][T13009]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  165.743235][T13009]  ? hook_file_ioctl_common+0x145/0x410
[  165.743259][T13009]  ? selinux_file_ioctl+0x180/0x270
[  165.743281][T13009]  ? selinux_file_ioctl+0xb4/0x270
[  165.743305][T13009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  165.743321][T13009]  __x64_sys_ioctl+0x18e/0x210
[  165.743342][T13009]  do_syscall_64+0xcd/0x4c0
[  165.743368][T13009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.743385][T13009] RIP: 0033:0x7f874478e929
[  165.743398][T13009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.743434][T13009] RSP: 002b:00007f87456d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.743448][T13009] RAX: ffffffffffffffda RBX: 00007f87449b5fa0 RCX: 00007f874478e929
[  165.743459][T13009] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  165.743467][T13009] RBP: 00007f87456d0090 R08: 0000000000000000 R09: 0000000000000000
[  165.743477][T13009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.743486][T13009] R13: 0000000000000000 R14: 00007f87449b5fa0 R15: 00007fffec3ed528
[  165.743509][T13009]  </TASK>
[  165.745051][T13009] syz.2.2746: vmalloc error: size 2496, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  165.934859][T13009] CPU: 3 UID: 0 PID: 13009 Comm: syz.2.2746 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  165.934884][T13009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.934895][T13009] Call Trace:
[  165.934900][T13009]  <TASK>
[  165.934907][T13009]  dump_stack_lvl+0x16c/0x1f0
[  165.934936][T13009]  warn_alloc+0x248/0x3a0
[  165.934961][T13009]  ? __pfx_warn_alloc+0x10/0x10
[  165.934986][T13009]  ? kfree+0x2b4/0x4d0
[  165.935010][T13009]  ? __get_vm_area_node+0x208/0x330
[  165.935034][T13009]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  165.935056][T13009]  ? local_lock_release+0x99/0x140
[  165.935092][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.935117][T13009]  ? rcu_read_unlock+0x17/0x60
[  165.935142][T13009]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  165.935164][T13009]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[  165.935197][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.935216][T13009]  __vmalloc_node_noprof+0xad/0xf0
[  165.935234][T13009]  ? fpu_alloc_guest_fpstate+0x24/0x450
[  165.935257][T13009]  fpu_alloc_guest_fpstate+0x24/0x450
[  165.935279][T13009]  kvm_arch_vcpu_create+0x54e/0xb20
[  165.935308][T13009]  kvm_vm_ioctl+0xf6f/0x3dd0
[  165.935335][T13009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  165.935365][T13009]  ? kasan_quarantine_put+0x10a/0x240
[  165.935386][T13009]  ? lockdep_hardirqs_on+0x7c/0x110
[  165.935410][T13009]  ? find_held_lock+0x2b/0x80
[  165.935433][T13009]  ? tomoyo_path_number_perm+0x295/0x580
[  165.935458][T13009]  ? tomoyo_path_number_perm+0x18d/0x580
[  165.935481][T13009]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.935502][T13009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.935524][T13009]  ? do_vfs_ioctl+0x523/0x1a60
[  165.935545][T13009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  165.935572][T13009]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  165.935599][T13009]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  165.935632][T13009]  ? hook_file_ioctl_common+0x145/0x410
[  165.935657][T13009]  ? selinux_file_ioctl+0x180/0x270
[  165.935679][T13009]  ? selinux_file_ioctl+0xb4/0x270
[  165.935702][T13009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  165.935721][T13009]  __x64_sys_ioctl+0x18e/0x210
[  165.935745][T13009]  do_syscall_64+0xcd/0x4c0
[  165.935774][T13009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.935795][T13009] RIP: 0033:0x7f874478e929
[  165.935810][T13009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.935829][T13009] RSP: 002b:00007f87456d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.935848][T13009] RAX: ffffffffffffffda RBX: 00007f87449b5fa0 RCX: 00007f874478e929
[  165.935862][T13009] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  165.935874][T13009] RBP: 00007f87456d0090 R08: 0000000000000000 R09: 0000000000000000
[  165.935885][T13009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.935896][T13009] R13: 0000000000000000 R14: 00007f87449b5fa0 R15: 00007fffec3ed528
[  165.935923][T13009]  </TASK>
[  165.935930][T13009] Mem-Info:
[  166.065377][T13009] active_anon:15465 inactive_anon:0 isolated_anon:0
[  166.065377][T13009]  active_file:3890 inactive_file:54045 isolated_file:0
[  166.065377][T13009]  unevictable:1768 dirty:213 writeback:0
[  166.065377][T13009]  slab_reclaimable:12177 slab_unreclaimable:75875
[  166.065377][T13009]  mapped:23217 shmem:2408 pagetables:1311
[  166.065377][T13009]  sec_pagetables:313 bounce:0
[  166.065377][T13009]  kernel_misc_reclaimable:0
[  166.065377][T13009]  free:431362 free_pcp:17006 free_cma:0
[  166.084046][T13009] Node 0 active_anon:61860kB inactive_anon:0kB active_file:15560kB inactive_file:215980kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92868kB dirty:848kB writeback:0kB shmem:6096kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14320kB pagetables:5044kB sec_pagetables:1252kB all_unreclaimable? no Balloon:0kB
[  166.093461][T13013] netlink: 'syz.3.2748': attribute type 1 has an invalid length.
[  166.103028][T13009] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:200kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  166.103153][T13009] Node 0 DMA free:14940kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:204kB local_pcp:60kB free_cma:0kB
[  166.103205][T13009] lowmem_reserve[]: 0 1234 1234 1234 1234
[  166.103241][T13009] Node 0 DMA32 free:93292kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:61860kB inactive_anon:0kB active_file:15560kB inactive_file:215980kB unevictable:3536kB writepending:848kB present:2080628kB managed:1264184kB mlocked:0kB bounce:0kB free_pcp:47920kB local_pcp:10972kB free_cma:0kB
[  166.103292][T13009] lowmem_reserve[]: 0 0 0 0 0
[  166.103324][T13009] Node 1 Normal free:1605304kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:20336kB local_pcp:7716kB free_cma:0kB
[  166.103370][T13009] lowmem_reserve[]: 0 0 0 0 0
[  166.103400][T13009] Node 0 DMA: 21*4kB (UM) 33*8kB (UM) 22*16kB (UM) 13*32kB (UME) 18*64kB (UME) 5*128kB (UME) 5*256kB (UME) 5*512kB (UME) 4*1024kB (ME) 2*2048kB (M) 0*4096kB = 14940kB
[  166.103544][T13009] Node 0 DMA32: 30*4kB (UME) 328*8kB (ME) 171*16kB (UME) 129*32kB (UME) 188*64kB (UME) 105*128kB (UME) 65*256kB (UME) 41*512kB (UM) 14*1024kB (UM) 3*2048kB (UM) 0*4096kB = 93192kB
[  166.103690][T13009] Node 1 Normal: 8*4kB (UME) 11*8kB (UME) 14*16kB (UME) 89*32kB (UME) 43*64kB (UE) 11*128kB (UME) 4*256kB (UME) 5*512kB (UE) 3*1024kB (UE) 3*2048kB (UM) 387*4096kB (M) = 1605304kB
[  166.103841][T13009] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  166.103856][T13009] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  166.103870][T13009] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  166.103884][T13009] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  166.103898][T13009] 60340 total pagecache pages
[  166.103905][T13009] 0 pages in swap cache
[  166.103911][T13009] Free swap  = 124940kB
[  166.103918][T13009] Total swap = 124996kB
[  166.103926][T13009] 1048443 pages RAM
[  166.103932][T13009] 0 pages HighMem/MovableOnly
[  166.103938][T13009] 283068 pages reserved
[  166.103945][T13009] 0 pages cma reserved
[  166.103953][T13009] kvm: failed to allocate vcpu's fpu
[  166.124316][   T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  166.214762][   T63] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  166.217850][   T63] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  166.223439][   T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  166.226179][   T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  166.286426][T13017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.291285][T13017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.299964][T11556] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  166.305923][T11556] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.622644][T11556] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  166.626706][T11556] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.666599][T13014] chnl_net:caif_netlink_parms(): no params data found
[  167.093349][T11556] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  167.098280][T11556] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.206638][T11556] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  167.210874][T11556] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.458439][T13014] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.461646][T13014] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.464039][T13014] bridge_slave_0: entered allmulticast mode
[  167.467187][T13014] bridge_slave_0: entered promiscuous mode
[  167.470647][T13014] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.472907][T13014] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.475242][T13014] bridge_slave_1: entered allmulticast mode
[  167.478036][T13014] bridge_slave_1: entered promiscuous mode
[  167.598960][T13014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.620445][T13014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.737783][T13014] team0: Port device team_slave_0 added
[  167.743154][T11556] veth0_to_bridge: left allmulticast mode
[  167.745534][T11556] veth0_to_bridge: left promiscuous mode
[  167.748039][T11556] bridge0: port 2(veth0_to_bridge) entered disabled state
[  167.753776][T11556] bridge_slave_0: left allmulticast mode
[  167.756145][T11556] bridge_slave_0: left promiscuous mode
[  167.758662][T11556] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.951116][ T5960] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  167.956541][ T5960] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  167.959719][ T5960] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  167.962948][ T5960] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  167.966433][ T5960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  168.113864][T11556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.118626][T11556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.123975][T11556] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  168.127719][T11556] bond0 (unregistering): Released all slaves
[  168.136006][T11556] bond1 (unregistering): Released all slaves
[  168.143240][T13014] team0: Port device team_slave_1 added
[  168.216740][T13014] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.220394][T13014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.231246][T13014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.258019][T13014] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.260672][T13014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.269461][T13014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.392082][T13041] FAULT_INJECTION: forcing a failure.
[  168.392082][T13041] name failslab, interval 1, probability 0, space 0, times 0
[  168.396573][T13041] CPU: 1 UID: 0 PID: 13041 Comm: syz.2.2755 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  168.396589][T13041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.396596][T13041] Call Trace:
[  168.396600][T13041]  <TASK>
[  168.396604][T13041]  dump_stack_lvl+0x16c/0x1f0
[  168.396624][T13041]  should_fail_ex+0x512/0x640
[  168.396641][T13041]  should_failslab+0xc2/0x120
[  168.396658][T13041]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  168.396674][T13041]  ? nf_hook+0x3a9/0x680
[  168.396684][T13041]  ? dst_alloc+0x99/0x1a0
[  168.396697][T13041]  ? __pfx_ip_mc_finish_output+0x10/0x10
[  168.396709][T13041]  dst_alloc+0x99/0x1a0
[  168.396724][T13041]  rt_dst_clone+0x5a/0x860
[  168.396737][T13041]  ip_mc_finish_output+0xb0/0x680
[  168.396750][T13041]  ip_mc_output+0x4e3/0x6a0
[  168.396762][T13041]  ? __pfx_ip_mc_output+0x10/0x10
[  168.396774][T13041]  ip_send_skb+0x329/0x560
[  168.396786][T13041]  udp_send_skb+0x71d/0x15b0
[  168.396809][T13041]  udp_sendmsg+0x18f0/0x29f0
[  168.396821][T13041]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  168.396835][T13041]  ? __pfx_udp_sendmsg+0x10/0x10
[  168.396846][T13041]  ? avc_has_perm+0x11a/0x1c0
[  168.396871][T13041]  ? __import_iovec+0x1dd/0x650
[  168.396887][T13041]  ? __might_fault+0xe3/0x190
[  168.396901][T13041]  ? __might_fault+0x13b/0x190
[  168.396914][T13041]  ? __pfx_udp_sendmsg+0x10/0x10
[  168.396926][T13041]  inet_sendmsg+0x105/0x140
[  168.396940][T13041]  ____sys_sendmsg+0x973/0xc70
[  168.396954][T13041]  ? copy_msghdr_from_user+0x10a/0x160
[  168.396969][T13041]  ? __pfx_____sys_sendmsg+0x10/0x10
[  168.396982][T13041]  ? __pfx__kstrtoull+0x10/0x10
[  168.396997][T13041]  ___sys_sendmsg+0x134/0x1d0
[  168.397013][T13041]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.397034][T13041]  ? find_held_lock+0x2b/0x80
[  168.397058][T13041]  __sys_sendmmsg+0x200/0x420
[  168.397074][T13041]  ? __pfx___sys_sendmmsg+0x10/0x10
[  168.397094][T13041]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  168.397123][T13041]  ? fput+0x70/0xf0
[  168.397137][T13041]  ? ksys_write+0x1ac/0x250
[  168.397157][T13041]  ? __pfx_ksys_write+0x10/0x10
[  168.397184][T13041]  __x64_sys_sendmmsg+0x9c/0x100
[  168.397204][T13041]  ? lockdep_hardirqs_on+0x7c/0x110
[  168.397225][T13041]  do_syscall_64+0xcd/0x4c0
[  168.397257][T13041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.397273][T13041] RIP: 0033:0x7f874478e929
[  168.397287][T13041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.397304][T13041] RSP: 002b:00007f87456d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  168.397320][T13041] RAX: ffffffffffffffda RBX: 00007f87449b5fa0 RCX: 00007f874478e929
[  168.397327][T13041] RDX: 0000000000000300 RSI: 0000200000004d00 RDI: 0000000000000006
[  168.397333][T13041] RBP: 00007f87456d0090 R08: 0000000000000000 R09: 0000000000000000
[  168.397340][T13041] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000001
[  168.397346][T13041] R13: 0000000000000000 R14: 00007f87449b5fa0 R15: 00007fffec3ed528
[  168.397360][T13041]  </TASK>
[  168.401838][ T5960] Bluetooth: hci1: command tx timeout
[  168.563523][T13014] hsr_slave_0: entered promiscuous mode
[  168.566949][T13014] hsr_slave_1: entered promiscuous mode
[  168.569939][T13014] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  168.576983][T13014] Cannot create hsr debugfs directory
[  168.793495][T11556] hsr_slave_0: left promiscuous mode
[  168.796794][T11556] hsr_slave_1: left promiscuous mode
[  168.799584][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.802702][T11556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.807675][T11556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.811163][T11556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.841947][T11556] veth1_macvtap: left promiscuous mode
[  168.844266][T11556] veth0_macvtap: left promiscuous mode
[  168.846641][T11556] veth1_vlan: left promiscuous mode
[  168.848843][T11556] veth0_vlan: left promiscuous mode
[  169.617732][T11556] team0 (unregistering): Port device team_slave_1 removed
[  169.690013][T11556] team0 (unregistering): Port device team_slave_0 removed
[  170.196022][T13032] chnl_net:caif_netlink_parms(): no params data found
[  170.208507][ T5960] Bluetooth: hci3: command tx timeout
[  170.233808][T13062] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2764'.
[  170.237617][   T40] audit: type=1400 audit(2000000021.710:605): avc:  denied  { map } for  pid=13063 comm="syz.3.2765" path="pipe:[48850]" dev="pipefs" ino=48850 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  170.246904][   T40] audit: type=1400 audit(2000000021.710:606): avc:  denied  { execute } for  pid=13063 comm="syz.3.2765" path="pipe:[48850]" dev="pipefs" ino=48850 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  170.394037][T13032] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.400865][T13032] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.403150][T13032] bridge_slave_0: entered allmulticast mode
[  170.406782][T13032] bridge_slave_0: entered promiscuous mode
[  170.411122][T13032] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.413830][T13032] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.416514][T13032] bridge_slave_1: entered allmulticast mode
[  170.420118][T13032] bridge_slave_1: entered promiscuous mode
[  170.512922][T13032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.523006][T13032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.553045][T13014] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  170.575233][T13014] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  170.586664][T13032] team0: Port device team_slave_0 added
[  170.589418][T13014] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  170.595192][T13014] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  170.603492][T13032] team0: Port device team_slave_1 added
[  170.671439][T13032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.674776][T13032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.686114][T13032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.699605][T13032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.699653][   T40] audit: type=1400 audit(2000000022.140:607): avc:  denied  { validate_trans } for  pid=13085 comm="syz.2.2771" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  170.708230][   T40] audit: type=1400 audit(2000000022.150:608): avc:  denied  { write } for  pid=13085 comm="syz.2.2771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  170.710838][T13032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.723382][ T5960] Bluetooth: hci1: command tx timeout
[  170.726442][T13032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.804992][T13032] hsr_slave_0: entered promiscuous mode
[  170.807832][T13032] hsr_slave_1: entered promiscuous mode
[  170.817207][T13096] vxlan1: entered promiscuous mode
[  170.820142][T13096] vxlan1: entered allmulticast mode
[  170.907297][T11552] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.999583][T13102] tipc: Enabled bearer <eth:ipvlan1>, priority 10
[  171.039769][T11552] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.056751][T13014] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.098957][T13014] 8021q: adding VLAN 0 to HW filter on device team0
[  171.110154][T11550] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.112509][T11550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.115786][T11550] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.118128][T11550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.132830][T13117] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2783'.
[  171.139351][T11552] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.164790][   T40] audit: type=1400 audit(2000000022.580:609): avc:  denied  { bind } for  pid=13118 comm="syz.2.2784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  171.221815][T11552] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.270977][T13129] FAULT_INJECTION: forcing a failure.
[  171.270977][T13129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.276040][T13129] CPU: 2 UID: 0 PID: 13129 Comm: syz.3.2787 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  171.276055][T13129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.276062][T13129] Call Trace:
[  171.276066][T13129]  <TASK>
[  171.276070][T13129]  dump_stack_lvl+0x16c/0x1f0
[  171.276090][T13129]  should_fail_ex+0x512/0x640
[  171.276107][T13129]  _copy_to_user+0x32/0xd0
[  171.276124][T13129]  simple_read_from_buffer+0xcb/0x170
[  171.276140][T13129]  proc_fail_nth_read+0x197/0x270
[  171.276155][T13129]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.276170][T13129]  ? rw_verify_area+0xcf/0x680
[  171.276183][T13129]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.276197][T13129]  vfs_read+0x1e1/0xc60
[  171.276213][T13129]  ? __pfx___mutex_lock+0x10/0x10
[  171.276229][T13129]  ? __pfx_vfs_read+0x10/0x10
[  171.276246][T13129]  ? __fget_files+0x20e/0x3c0
[  171.276266][T13129]  ksys_read+0x12a/0x250
[  171.276279][T13129]  ? __pfx_ksys_read+0x10/0x10
[  171.276294][T13129]  ? fput+0x70/0xf0
[  171.276312][T13129]  do_syscall_64+0xcd/0x4c0
[  171.276329][T13129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.276341][T13129] RIP: 0033:0x7fac1ed8d33c
[  171.276349][T13129] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  171.276360][T13129] RSP: 002b:00007fac1cbf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  171.276370][T13129] RAX: ffffffffffffffda RBX: 00007fac1efb5fa0 RCX: 00007fac1ed8d33c
[  171.276377][T13129] RDX: 000000000000000f RSI: 00007fac1cbf60a0 RDI: 0000000000000006
[  171.276383][T13129] RBP: 00007fac1cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  171.276389][T13129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.276396][T13129] R13: 0000000000000000 R14: 00007fac1efb5fa0 R15: 00007fffa10a8d98
[  171.276409][T13129]  </TASK>
[  171.288906][T13014] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.404475][T11552] bridge_slave_1: left allmulticast mode
[  171.409807][T11552] bridge_slave_1: left promiscuous mode
[  171.411795][T11552] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.415981][T11552] bridge_slave_0: left allmulticast mode
[  171.418159][T11552] bridge_slave_0: left promiscuous mode
[  171.419994][T11552] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.669739][T11552] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.674681][T11552] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.678554][T11552] bond0 (unregistering): Released all slaves
[  171.763034][T13014] veth0_vlan: entered promiscuous mode
[  171.774700][T13014] veth1_vlan: entered promiscuous mode
[  171.802794][T13014] veth0_macvtap: entered promiscuous mode
[  171.807506][T13014] veth1_macvtap: entered promiscuous mode
[  171.847544][T13014] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.851776][T13014] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.859115][T13014] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.861735][T13014] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.864483][T13014] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.867165][T13014] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.916151][T11554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.918576][T11554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.956053][T11550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.958492][T11550] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.027728][T11552] hsr_slave_0: left promiscuous mode
[  172.029854][T11552] hsr_slave_1: left promiscuous mode
[  172.031916][T11552] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.034357][T11552] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.037996][T11552] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.040309][T11552] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.058804][   T40] audit: type=1400 audit(2000000023.422:610): avc:  denied  { unmount } for  pid=13014 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  172.063269][T11552] veth1_macvtap: left promiscuous mode
[  172.067586][T11552] veth0_macvtap: left promiscuous mode
[  172.069480][T11552] veth1_vlan: left promiscuous mode
[  172.071213][T11552] veth0_vlan: left promiscuous mode
[  172.080605][ T5987] tipc: Node number set to 1979127850
[  172.231512][T13161] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2794'.
[  172.424433][ T5960] Bluetooth: hci3: command tx timeout
[  172.739320][T11552] team0 (unregistering): Port device team_slave_1 removed
[  172.812504][T11552] team0 (unregistering): Port device team_slave_0 removed
[  172.935212][ T5960] Bluetooth: hci1: command tx timeout
[  173.419100][   T40] audit: type=1400 audit(2000000024.694:611): avc:  denied  { ioctl } for  pid=13173 comm="syz.5.2803" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0xae89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  173.466870][T13180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2805'.
[  173.555019][T13032] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  173.573353][T13032] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  173.594246][T13032] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  173.602840][T13032] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  173.697155][T13032] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.708352][T13032] 8021q: adding VLAN 0 to HW filter on device team0
[  173.715643][T11554] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.718044][T11554] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.727752][T11554] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.729981][T11554] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.883849][T13032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.910485][T13032] veth0_vlan: entered promiscuous mode
[  173.915337][T13032] veth1_vlan: entered promiscuous mode
[  173.917351][T13217] Cannot find add_set index 0 as target
[  173.937629][T13032] veth0_macvtap: entered promiscuous mode
[  173.946474][T13032] veth1_macvtap: entered promiscuous mode
[  173.980586][T13221] dummy0: entered promiscuous mode
[  174.007971][T13032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.016814][T13032] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.023954][T13032] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.027676][T13032] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.031666][T13032] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.034356][T13032] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.127831][T11552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.134464][T11552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.169124][T11552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.174028][T11552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.349480][T13243] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2829'.
[  174.472212][   T40] audit: type=1400 audit(2000000025.667:612): avc:  denied  { map } for  pid=13249 comm="syz.2.2832" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  174.499637][   T40] audit: type=1400 audit(2000000025.704:613): avc:  denied  { setattr } for  pid=13249 comm="syz.2.2832" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  174.666584][   T40] audit: type=1400 audit(2000000025.854:614): avc:  denied  { setopt } for  pid=13262 comm="syz.5.2837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  174.825120][T13273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2840'.
[  174.917094][T13281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2845'.
[  174.943324][T13288] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2846'.
[  174.971289][T13292] Cannot find del_set index 85 as target
[  175.034508][T13295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.037557][T13295] batadv_slave_0: entered promiscuous mode
[  175.168826][ T5960] Bluetooth: hci1: command tx timeout
[  175.920197][T13300] input: syz0 as /devices/virtual/input/input20
[  175.951706][T13305] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.2853'.
[  176.012280][T13314] 9pnet_fd: Insufficient options for proto=fd
[  176.016549][T13315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.019529][T13315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.077468][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  176.077479][   T40] audit: type=1400 audit(2000000027.173:617): avc:  denied  { mount } for  pid=13318 comm="syz.2.2859" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  176.086418][   T40] audit: type=1400 audit(2000000027.173:618): avc:  denied  { mounton } for  pid=13318 comm="syz.2.2859" path="/695/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  176.108018][   T40] audit: type=1400 audit(2000000027.201:619): avc:  denied  { unmount } for  pid=13318 comm="syz.2.2859" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  176.315493][   T40] audit: type=1400 audit(2000000027.397:620): avc:  denied  { associate } for  pid=13327 comm="syz.5.2863" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  176.323065][   T40] audit: type=1400 audit(2000000027.397:621): avc:  denied  { read write } for  pid=13327 comm="syz.5.2863" name="file1" dev="9p" ino=36438168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.335568][   T40] audit: type=1400 audit(2000000027.397:622): avc:  denied  { open } for  pid=13327 comm="syz.5.2863" path="/26/file0/file1" dev="9p" ino=36438168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.344088][   T40] audit: type=1400 audit(2000000027.416:623): avc:  denied  { lock } for  pid=13327 comm="syz.5.2863" path="/26/file0/file1" dev="9p" ino=36438168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.348812][T11523] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.932825][   T40] audit: type=1800 audit(2000000027.968:624): pid=13338 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.2865" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  176.945593][T13339] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.2864'.
[  177.076290][T13349] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2868'.
[  177.084435][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  177.087445][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  177.090486][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  177.095528][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  177.099257][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  177.149107][T13353] input: syz0 as /devices/virtual/input/input21
[  177.176984][   T40] audit: type=1400 audit(2000000028.202:625): avc:  denied  { override_creds } for  pid=13354 comm="syz.3.2871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  177.240779][T13366] Cannot find add_set index 0 as target
[  177.261320][T13367] netlink: 1688 bytes leftover after parsing attributes in process `syz.3.2874'.
[  177.277079][T13350] chnl_net:caif_netlink_parms(): no params data found
[  177.332164][T13378] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2878'.
[  177.337394][T13373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2876'.
[  177.389985][   T40] audit: type=1400 audit(2000000028.398:626): avc:  denied  { create } for  pid=13386 comm="syz.2.2880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  177.437521][T13350] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.439793][T13350] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.441928][T13350] bridge_slave_0: entered allmulticast mode
[  177.444437][T13350] bridge_slave_0: entered promiscuous mode
[  177.447736][T13350] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.449911][T13350] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.452075][T13350] bridge_slave_1: entered allmulticast mode
[  177.454595][T13350] bridge_slave_1: entered promiscuous mode
[  177.489364][T13350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.494032][T13350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.546500][T13350] team0: Port device team_slave_0 added
[  177.550372][T13350] team0: Port device team_slave_1 added
[  177.553839][T13397] netlink: 'syz.5.2884': attribute type 72 has an invalid length.
[  177.586692][T13350] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.589315][T13350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.599411][T13350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.603471][T13350] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.605578][T13350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.616156][T13350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.642181][T13403] input: syz0 as /devices/virtual/input/input22
[  177.678260][T13407] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2889'.
[  177.695375][T13350] hsr_slave_0: entered promiscuous mode
[  177.703614][T13350] hsr_slave_1: entered promiscuous mode
[  177.707111][T13350] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.709466][T13350] Cannot create hsr debugfs directory
[  177.716654][T13414] binder: BINDER_SET_CONTEXT_MGR already set
[  177.718628][T13414] binder: 13411:13414 ioctl 4018620d 2000000000c0 returned -16
[  177.725928][T13414] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2891'.
[  177.732892][T13413] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2891'.
[  177.778233][T13416] netlink: 'syz.5.2893': attribute type 72 has an invalid length.
[  177.875408][T13422] Cannot find add_set index 0 as target
[  177.969215][T13433] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2900'.
[  178.022527][T13437] netlink: 'syz.3.2902': attribute type 2 has an invalid length.
[  178.026938][T13437] netlink: 'syz.3.2902': attribute type 11 has an invalid length.
[  178.137337][T11523] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.231666][T11523] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.281295][T11523] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.312886][T13456] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  178.449238][T11523] bridge_slave_1: left allmulticast mode
[  178.451128][T11523] bridge_slave_1: left promiscuous mode
[  178.453318][T11523] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.456819][T11523] bridge_slave_0: left allmulticast mode
[  178.458600][T11523] bridge_slave_0: left promiscuous mode
[  178.461156][T11523] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.513330][T13465] xt_hashlimit: size too large, truncated to 1048576
[  178.525496][T13465] syz.5.2914: vmalloc error: size 10485760, failed to allocated page array size 20480, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  178.532539][T13465] CPU: 1 UID: 0 PID: 13465 Comm: syz.5.2914 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  178.532556][T13465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.532574][T13465] Call Trace:
[  178.532578][T13465]  <TASK>
[  178.532583][T13465]  dump_stack_lvl+0x16c/0x1f0
[  178.532602][T13465]  warn_alloc+0x248/0x3a0
[  178.532619][T13465]  ? __pfx_warn_alloc+0x10/0x10
[  178.532639][T13465]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  178.532653][T13465]  ? __vmalloc_node_noprof+0xad/0xf0
[  178.532667][T13465]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  178.532684][T13465]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  178.532699][T13465]  ? rcu_is_watching+0x12/0xc0
[  178.532716][T13465]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  178.532729][T13465]  ? __alloc_pages_noprof+0xb/0x1b0
[  178.532743][T13465]  ? ___kmalloc_large_node+0x84/0x1e0
[  178.532757][T13465]  __kvmalloc_node_noprof+0x30a/0x620
[  178.532771][T13465]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  178.532785][T13465]  ? net_generic+0xea/0x2a0
[  178.532796][T13465]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  178.532812][T13465]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  178.532825][T13465]  hashlimit_mt_check_common+0x8bb/0x1460
[  178.532842][T13465]  hashlimit_mt_check+0x71/0x90
[  178.532854][T13465]  ? __pfx_hashlimit_mt_check+0x10/0x10
[  178.532867][T13465]  xt_check_match+0x286/0xa50
[  178.532879][T13465]  ? mem_cgroup_css_alloc+0x1d12/0x1e80
[  178.532894][T13465]  ? __pfx_xt_check_match+0x10/0x10
[  178.532908][T13465]  ? xt_find_target+0x1f2/0x290
[  178.532922][T13465]  ? xt_find_match+0x1f6/0x290
[  178.532936][T13465]  find_check_entry.constprop.0+0x34e/0xa20
[  178.532954][T13465]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  178.532972][T13465]  ? kasan_quarantine_put+0x10a/0x240
[  178.532988][T13465]  ? lockdep_hardirqs_on+0x7c/0x110
[  178.533005][T13465]  ? kfree+0x2b4/0x4d0
[  178.533016][T13465]  ? translate_table+0xc0e/0x17b0
[  178.533030][T13465]  translate_table+0xd0b/0x17b0
[  178.533048][T13465]  ? __pfx_translate_table+0x10/0x10
[  178.533060][T13465]  ? xt_alloc_table_info+0x3e/0xa0
[  178.533075][T13465]  do_ip6t_set_ctl+0x570/0xb00
[  178.533087][T13465]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  178.533102][T13465]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  178.533116][T13465]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  178.533140][T13465]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  178.533153][T13465]  nf_setsockopt+0x8a/0xf0
[  178.533165][T13465]  ipv6_setsockopt+0x135/0x170
[  178.533179][T13465]  rawv6_setsockopt+0xc2/0x510
[  178.533197][T13465]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  178.533215][T13465]  ? selinux_socket_setsockopt+0x6a/0x80
[  178.533232][T13465]  ? sock_common_setsockopt+0x2e/0xf0
[  178.533250][T13465]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  178.533268][T13465]  do_sock_setsockopt+0x221/0x470
[  178.533285][T13465]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  178.533311][T13465]  __sys_setsockopt+0x1a0/0x230
[  178.533328][T13465]  __x64_sys_setsockopt+0xbd/0x160
[  178.533341][T13465]  ? do_syscall_64+0x91/0x4c0
[  178.533356][T13465]  ? lockdep_hardirqs_on+0x7c/0x110
[  178.533371][T13465]  do_syscall_64+0xcd/0x4c0
[  178.533387][T13465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.533399][T13465] RIP: 0033:0x7f893bd8e929
[  178.533408][T13465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.533418][T13465] RSP: 002b:00007f893cb9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  178.533428][T13465] RAX: ffffffffffffffda RBX: 00007f893bfb5fa0 RCX: 00007f893bd8e929
[  178.533435][T13465] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000004b
[  178.533441][T13465] RBP: 00007f893be10b39 R08: 0000000000000588 R09: 0000000000000000
[  178.533448][T13465] R10: 00002000000014c0 R11: 0000000000000246 R12: 0000000000000000
[  178.533454][T13465] R13: 0000000000000000 R14: 00007f893bfb5fa0 R15: 00007ffc4b336278
[  178.533468][T13465]  </TASK>
[  178.533483][T13465] Mem-Info:
[  178.673064][T13465] active_anon:31982 inactive_anon:0 isolated_anon:0
[  178.673064][T13465]  active_file:3890 inactive_file:54054 isolated_file:0
[  178.673064][T13465]  unevictable:1768 dirty:290 writeback:0
[  178.673064][T13465]  slab_reclaimable:12397 slab_unreclaimable:76503
[  178.673064][T13465]  mapped:26106 shmem:18756 pagetables:1432
[  178.673064][T13465]  sec_pagetables:310 bounce:0
[  178.673064][T13465]  kernel_misc_reclaimable:0
[  178.673064][T13465]  free:421544 free_pcp:4923 free_cma:0
[  178.687077][T13465] Node 0 active_anon:127920kB inactive_anon:0kB active_file:15560kB inactive_file:216016kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:104504kB dirty:1168kB writeback:0kB shmem:71492kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14512kB pagetables:5460kB sec_pagetables:1240kB all_unreclaimable? yes Balloon:0kB
[  178.698352][T13465] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:200kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  178.707928][T13465] Node 0 DMA free:11212kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  178.716626][T13465] lowmem_reserve[]: 0 1234 1234 1234 1234
[  178.718536][T13465] Node 0 DMA32 free:47272kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:127920kB inactive_anon:0kB active_file:15560kB inactive_file:216016kB unevictable:3536kB writepending:1168kB present:2080628kB managed:1264184kB mlocked:0kB bounce:0kB free_pcp:19660kB local_pcp:1356kB free_cma:0kB
[  178.729426][T13465] lowmem_reserve[]: 0 0 0 0 0
[  178.730912][T13465] Node 1 Normal free:1627692kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  178.740244][T13465] lowmem_reserve[]: 0 0 0 0 0
[  178.741760][T13465] Node 0 DMA: 1*4kB (U) 3*8kB (U) 3*16kB (U) 4*32kB (UE) 4*64kB (UE) 4*128kB (UE) 4*256kB (UE) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (M) 0*4096kB = 11212kB
[  178.746524][T13465] Node 0 DMA32: 0*4kB 1*8kB (E) 0*16kB 588*32kB (UME) 326*64kB (UE) 57*128kB (U) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 47240kB
[  178.750953][T13465] Node 1 Normal: 7*4kB (UE) 20*8kB (UME) 29*16kB (UME) 201*32kB (UME) 82*64kB (UME) 28*128kB (UME) 4*256kB (UE) 8*512kB (UME) 3*1024kB (UE) 1*2048kB (U) 391*4096kB (UM) = 1627692kB
[  178.756297][T13465] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.759108][T13465] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  178.762316][T13465] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.765228][T13465] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  178.767978][T13465] 76698 total pagecache pages
[  178.769430][T13465] 0 pages in swap cache
[  178.770701][T13465] Free swap  = 124940kB
[  178.772133][T13465] Total swap = 124996kB
[  178.773452][T13465] 1048443 pages RAM
[  178.774672][T13465] 0 pages HighMem/MovableOnly
[  178.776117][T13465] 283068 pages reserved
[  178.777427][T13465] 0 pages cma reserved
[  178.851727][T11523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.855517][T11523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.859567][T11523] bond0 (unregistering): Released all slaves
[  178.871459][T13466] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode
[  178.875679][T13466] macvtap1: entered allmulticast mode
[  178.877389][T13466] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode
[  178.882734][T13466] mac80211_hwsim hwsim20 wlan0: left allmulticast mode
[  178.885035][T13466] mac80211_hwsim hwsim20 wlan0: left promiscuous mode
[  179.011919][T13473] Cannot find add_set index 0 as target
[  179.123918][    C3] net_ratelimit: 78601 callbacks suppressed
[  179.123928][    C3] IPv4: Oversized IP packet from 172.20.20.24
[  179.162795][   T10] IPVS: starting estimator thread 0...
[  179.212990][T13489] virtio-fs: tag </dev/sg0> not found
[  179.252802][T13483] IPVS: using max 28 ests per chain, 67200 per kthread
[  179.263699][   T63] Bluetooth: hci3: command tx timeout
[  179.294673][T11523] hsr_slave_0: left promiscuous mode
[  179.299582][T11523] hsr_slave_1: left promiscuous mode
[  179.302543][T11523] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.305687][T11523] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.310620][T11523] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.313793][T11523] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.345090][T11523] veth1_macvtap: left promiscuous mode
[  179.346922][T11523] veth0_macvtap: left promiscuous mode
[  179.349089][T11523] veth1_vlan: left promiscuous mode
[  179.350837][T11523] veth0_vlan: left promiscuous mode
[  179.981338][T11523] team0 (unregistering): Port device team_slave_1 removed
[  180.051044][T11523] team0 (unregistering): Port device team_slave_0 removed
[  180.620242][T13350] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  180.636009][T13350] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  180.643128][T13509] Cannot find del_set index 85 as target
[  180.645097][T13350] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  180.651021][T13350] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  180.723806][T13350] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.739060][T13350] 8021q: adding VLAN 0 to HW filter on device team0
[  180.752402][T11543] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.754593][T11543] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.757753][T11543] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.760071][T11543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.982807][T13350] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.028740][T13350] veth0_vlan: entered promiscuous mode
[  181.051641][T13350] veth1_vlan: entered promiscuous mode
[  181.069394][T13350] veth0_macvtap: entered promiscuous mode
[  181.081804][T13350] veth1_macvtap: entered promiscuous mode
[  181.100739][T13350] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.113744][T13350] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.121544][T13548] binder_alloc: 13547: binder_alloc_buf, no vma
[  181.122164][T13350] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.127785][T13350] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.144254][T13350] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.148075][T13350] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.206115][T11523] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.209295][T11523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.227054][T11543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.229507][T11543] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.586949][T13574] input: syz0 as /devices/virtual/input/input25
[  181.673597][T13578] PKCS7: Unknown OID: [4] 5.25.43204.122
[  181.675827][T13578] PKCS7: Only support pkcs7_signedData type
[  181.856749][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  181.856761][   T40] audit: type=1400 audit(2000000032.579:628): avc:  denied  { create } for  pid=13592 comm="syz.5.2955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  181.866822][   T40] audit: type=1400 audit(2000000032.579:629): avc:  denied  { read } for  pid=13592 comm="syz.5.2955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  182.031547][   T40] audit: type=1400 audit(2000000032.739:630): avc:  denied  { setopt } for  pid=13600 comm="syz.3.2959" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  182.140974][T13608] __nla_validate_parse: 4 callbacks suppressed
[  182.140985][T13608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2961'.
[  182.504965][T13638] syzkaller1: entered promiscuous mode
[  182.506967][T13638] syzkaller1: entered allmulticast mode
[  182.580006][T13643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2977'.
[  182.813422][T13654] syz.2.2981 (13654): /proc/13651/oom_adj is deprecated, please use /proc/13651/oom_score_adj instead.
[  183.008532][   T40] audit: type=1400 audit(2000000033.665:631): avc:  denied  { bind } for  pid=13655 comm="syz.5.2982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  183.036889][   T40] audit: type=1400 audit(2000000033.683:632): avc:  denied  { write } for  pid=13655 comm="syz.5.2982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  183.043752][   T40] audit: type=1400 audit(2000000033.693:633): avc:  denied  { read } for  pid=13662 comm="syz.3.2985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  183.141227][T11540] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.920084][T13671] input: syz0 as /devices/virtual/input/input26
[  183.979016][   T40] audit: type=1400 audit(2000000034.572:634): avc:  denied  { setopt } for  pid=13674 comm="syz.3.2990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  184.074520][ T5960] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  184.077585][ T5960] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  184.080658][ T5960] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  184.083688][ T5960] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  184.087897][ T5960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  184.231682][T13681] chnl_net:caif_netlink_parms(): no params data found
[  184.267350][   T54] usb 10-1: new low-speed USB device number 2 using dummy_hcd
[  184.318559][   T40] audit: type=1400 audit(2000000034.881:635): avc:  denied  { getopt } for  pid=13690 comm="syz.2.2993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  184.320454][T13681] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.326941][T13681] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.329281][T13681] bridge_slave_0: entered allmulticast mode
[  184.332145][T13681] bridge_slave_0: entered promiscuous mode
[  184.335308][T13681] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.337529][T13681] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.339813][T13681] bridge_slave_1: entered allmulticast mode
[  184.342925][T13681] bridge_slave_1: entered promiscuous mode
[  184.375046][   T40] audit: type=1400 audit(2000000034.946:636): avc:  denied  { setopt } for  pid=13690 comm="syz.2.2993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  184.401181][T13681] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.408066][T13681] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.444069][T13681] team0: Port device team_slave_0 added
[  184.448532][T13681] team0: Port device team_slave_1 added
[  184.461572][   T54] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  184.464075][   T54] usb 10-1: config 0 has no interface number 0
[  184.466163][   T54] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  184.473521][   T54] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.476606][   T54] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  184.482325][   T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.492311][   T54] usb 10-1: config 0 descriptor??
[  184.504224][   T54] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  184.522346][T13681] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.525505][T13681] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.533673][T13681] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.538008][T13681] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.540259][T13681] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.548606][T13681] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.656855][T13681] hsr_slave_0: entered promiscuous mode
[  184.659083][T13681] hsr_slave_1: entered promiscuous mode
[  184.662608][T13719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.665379][T13719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.711887][T13679] iowarrior 10-1:0.1: Error -90 while submitting URB
[  184.719075][   T54] usb 10-1: USB disconnect, device number 2
[  184.719302][T13725] bio_check_eod: 2 callbacks suppressed
[  184.719316][T13725] syz.2.3002: attempt to access beyond end of device
[  184.719316][T13725] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  184.728458][T13725] FAT-fs (nbd2): unable to read boot sector
[  184.743659][T13729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3003'.
[  184.803566][T11540] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.888496][T13733] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3005'.
[  184.923563][T11540] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.991999][T11540] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.178243][T11540] bridge_slave_1: left allmulticast mode
[  185.180631][T11540] bridge_slave_1: left promiscuous mode
[  185.183336][T11540] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.189639][T11540] bridge_slave_0: left allmulticast mode
[  185.192095][T11540] bridge_slave_0: left promiscuous mode
[  185.194795][T11540] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.492870][T11540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.499368][T11540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.504575][T11540] bond0 (unregistering): Released all slaves
[  185.536016][T13742] sp0: Synchronizing with TNC
[  185.628298][T13749] input: syz0 as /devices/virtual/input/input27
[  185.870785][T11540] hsr_slave_0: left promiscuous mode
[  185.872829][T11540] hsr_slave_1: left promiscuous mode
[  185.875252][T11540] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.877688][T11540] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.880355][T11540] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.882924][T11540] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.903354][T11540] veth1_macvtap: left promiscuous mode
[  185.905218][T11540] veth0_macvtap: left promiscuous mode
[  185.907795][T11540] veth1_vlan: left promiscuous mode
[  185.909987][T11540] veth0_vlan: left promiscuous mode
[  186.287296][   T63] Bluetooth: hci3: command tx timeout
[  186.634743][T11540] team0 (unregistering): Port device team_slave_1 removed
[  186.702652][T11540] team0 (unregistering): Port device team_slave_0 removed
[  187.215363][T13760] bridge0: port 3(veth0_to_bridge) entered blocking state
[  187.221097][T13760] bridge0: port 3(veth0_to_bridge) entered disabled state
[  187.223988][T13760] veth0_to_bridge: entered allmulticast mode
[  187.227873][T13760] veth0_to_bridge: entered promiscuous mode
[  187.230380][T13760] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  187.235441][T13760] bridge0: port 3(veth0_to_bridge) entered blocking state
[  187.238336][T13760] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  187.322287][T13681] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  187.329217][T13681] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  187.334798][T13681] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  187.338702][T13681] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  187.383011][   T40] audit: type=1400 audit(2000000037.752:637): avc:  denied  { nlmsg_read } for  pid=13780 comm="syz.3.3022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  187.388192][T13781] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3022'.
[  187.391925][T13681] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.403734][T13681] 8021q: adding VLAN 0 to HW filter on device team0
[  187.409670][T11523] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.411935][T11523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.417355][T11523] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.419686][T11523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.451044][T13681] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  187.459593][T13681] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  187.490541][T13789] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3025'.
[  187.512838][T13789] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13789 comm=syz.5.3025
[  187.521805][T13795] netlink: 'syz.3.3027': attribute type 6 has an invalid length.
[  187.536642][T13795] netlink: 'syz.3.3027': attribute type 6 has an invalid length.
[  187.601526][T13681] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.606998][T13804] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3030'.
[  187.638832][T13681] veth0_vlan: entered promiscuous mode
[  187.643562][T13681] veth1_vlan: entered promiscuous mode
[  187.659918][T13681] veth0_macvtap: entered promiscuous mode
[  187.665363][T13681] veth1_macvtap: entered promiscuous mode
[  187.677036][T13681] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.685388][T13681] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.696331][T13681] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.701032][T13681] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.704749][T13681] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.708375][T13681] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.814257][ T7400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.823220][ T7400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.870626][ T7400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.873546][ T7400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.948869][T13796] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI
[  187.952601][T13796] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  187.955532][T13796] CPU: 2 UID: 0 PID: 13796 Comm: kbnepd 1Èw2; Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  187.960925][T13796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.964195][T13796] RIP: 0010:klist_put+0x4d/0x1b0
[  187.965875][T13796] Code: c1 ea 03 80 3c 02 00 0f 85 5f 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 5c 21 0d
[  187.972533][T13796] RSP: 0018:ffffc90003acf950 EFLAGS: 00010202
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  187.974422][T13796] RAX: dffffc0000000000 RBX: ffff888049100460 RCX: ffffffff8261763d
[  187.977000][T13796] RDX: 000000000000000b RSI: ffffffff8b7dd035 RDI: 0000000000000058
[  187.979562][T13796] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  187.981970][T13796] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  187.984374][T13796] R13: 0000000000000001 R14: ffffc90003acfb38 R15: 0000000000000000
[  187.986865][T13796] FS:  0000000000000000(0000) GS:ffff8880d6913000(0000) knlGS:0000000000000000
[  187.990179][T13796] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  187.992417][T13796] CR2: 000000110c289859 CR3: 0000000035f8c000 CR4: 0000000000352ef0
[  187.994871][T13796] Call Trace:
[  187.995932][T13796]  <TASK>
[  187.996867][T13796]  device_del+0x1d8/0x9f0
[  187.998339][T13796]  ? __pfx_device_del+0x10/0x10
[  188.000014][T13796]  ? netdev_unregister_kobject+0x2da/0x540
[  188.001835][T13796]  unregister_netdevice_many_notify+0x1903/0x2700
[  188.003817][T13796]  ? rcu_is_watching+0x12/0xc0
[  188.005305][T13796]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  188.007381][T13796]  ? rtnl_net_dev_lock+0x146/0x360
[  188.009002][T13796]  ? __pfx___mutex_lock+0x10/0x10
[  188.010846][T13796]  unregister_netdevice_queue+0x305/0x3f0
[  188.012639][T13796]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  188.014573][T13796]  ? rtnl_net_dev_lock+0x28/0x360
[  188.016156][T13796]  ? rtnl_net_dev_lock+0x146/0x360
[  188.017756][T13796]  ? rtnl_lock+0x9/0x20
[  188.019092][T13796]  ? rtnl_net_dev_lock+0x146/0x360
[  188.020717][T13796]  unregister_netdev+0x1f/0x60
[  188.022203][T13796]  bnep_session+0x224e/0x2d80
[  188.023665][T13796]  ? __smp_call_single_queue+0x161/0x2f0
[  188.025475][T13796]  ? __pfx_bnep_session+0x10/0x10
[  188.027014][T13796]  ? do_raw_spin_lock+0x12c/0x2b0
[  188.028567][T13796]  ? __pfx_woken_wake_function+0x10/0x10
[  188.030443][T13796]  ? rcu_is_watching+0x12/0xc0
[  188.031973][T13796]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  188.033906][T13796]  ? lockdep_hardirqs_on+0x7c/0x110
[  188.035672][T13796]  ? __kthread_parkme+0x19e/0x250
[  188.037229][T13796]  ? __pfx_bnep_session+0x10/0x10
[  188.038980][T13796]  kthread+0x3c5/0x780
[  188.040291][T13796]  ? __pfx_kthread+0x10/0x10
[  188.041753][T13796]  ? rcu_is_watching+0x12/0xc0
[  188.043243][T13796]  ? __pfx_kthread+0x10/0x10
[  188.044678][T13796]  ret_from_fork+0x5d7/0x6f0
[  188.046142][T13796]  ? __pfx_kthread+0x10/0x10
[  188.047623][T13796]  ret_from_fork_asm+0x1a/0x30
[  188.049126][T13796]  </TASK>
[  188.050123][T13796] Modules linked in:
[  188.051456][    C2] vkms_vblank_simulate: vblank timer overrun
[  188.053546][T13796] ---[ end trace 0000000000000000 ]---
[  188.061695][T13796] RIP: 0010:klist_put+0x4d/0x1b0
[  188.063399][T13796] Code: c1 ea 03 80 3c 02 00 0f 85 5f 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 5c 21 0d
[  188.064640][   T40] audit: type=1400 audit(2000000038.388:638): avc:  denied  { read } for  pid=5342 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  188.069966][T13796] RSP: 0018:ffffc90003acf950 EFLAGS: 00010202
[  188.079975][T13796] RAX: dffffc0000000000 RBX: ffff888049100460 RCX: ffffffff8261763d
[  188.082579][T13796] RDX: 000000000000000b RSI: ffffffff8b7dd035 RDI: 0000000000000058
[  188.085269][T13796] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  188.087951][T13796] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  188.090645][T13796] R13: 0000000000000001 R14: ffffc90003acfb38 R15: 0000000000000000
[  188.093089][T13796] FS:  0000000000000000(0000) GS:ffff8880d6913000(0000) knlGS:0000000000000000
[  188.096128][T13796] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.098175][T13796] CR2: 000000110c289859 CR3: 000000000e382000 CR4: 0000000000352ef0
[  188.100630][T13796] Kernel panic - not syncing: Fatal exception
[  188.103239][T13796] Kernel Offset: disabled
[  188.104590][T13796] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:02:15  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90000007ae0 RCX=ffffc90000158001 RDX=1ffff92000000f95
RSI=ffffffff812c009a RDI=ffffc90000007bac RBP=ffffc90000007b70 RSP=ffffc90000007ae0
R8 =0000000000000001 R9 =0000000000000000 R10=ffffc90000007ae0 R11=000000000000605a
R12=ffffffff81a78dc0 R13=ffffc90000007ba0 R14=0000000000000000 R15=ffff88801deb4880
RIP=ffffffff8161e53e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6713000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055556585d808 CR3=000000003bab4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000400000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffec3ed8b0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8744811c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000e 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000003ec
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000e 0000000000000000 0000000000000000 00000000000003ec
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff913d972e RBX=ffffffff90b9d4ac RCX=dffffc0000000000 RDX=0000000000000007
RSI=0000000000000000 RDI=ffffffff90b9d4a8 RBP=ffffffff90b9d4a8 RSP=ffffc90003d6eff8
R8 =ffffffff913d9758 R9 =0000000000000000 R10=ffffc90003d6f0f8 R11=00000000000061e5
R12=ffffffff90b9d4b0 R13=ffffffff8161e502 R14=ffffffff90b9d4a8 R15=ffffffff90b9d4a8
RIP=ffffffff816acd4e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6813000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ff547ee7d60 CR3=00000000344a0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff5473856a3 00007ff5473856a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd4e83d120 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555800a2d0 0000555558009cd0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555580082e3 00005555580080e0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102100001000000 080604016fec0180 82a0881000041000 2480040100000008
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06080158bc000800 25f00300080025e0 0300100025d0030f ffffffffffff0425
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c00302100025b003 0210002a90031102 082380032380042a 80032a800425a003
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2008002590030cc0 8884820488002288 0302b8c804840022 8403040400228003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 46412874656b636f 73203a746e696f70 6b6365686320656c 6261746265203a4c
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bced5 RDI=ffffffff9b0c72a0 RBP=ffffffff9b0c7260 RSP=ffffc90003acf2c0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043
R12=0000000000000000 R13=000000000000003a R14=ffffffff9b0c7260 R15=ffffffff855bce70
RIP=ffffffff855bceff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6913000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c289859 CR3=0000000035f8c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4b336600 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000024d93 RBX=ffff88806a6420a0 RCX=ffffc9002b03b000 RDX=0000000000080000
RSI=ffffffff81afd479 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90003e5faa8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d4c8415 R15=ffff88806a73b580
RIP=ffffffff81afd47b RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f893cb9d6c0 ffffffff 00c00000
GS =0000 ffff8880d6a13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2f6101 CR3=0000000057e43000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893be11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893bf85488 00007f893bf85480 00007f893bf85478 00007f893bf85450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893caed100 00007f893bf85440 00007f893bf80004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f893bf85498 00007f893bf85490 00007f893bf85488 00007f893bf85480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000