last executing test programs:

46.734754242s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

39.798582709s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

32.378888392s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

21.713159923s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

11.517933027s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

5.645844138s ago: executing program 0 (id=710):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0)
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000002c0))
syz_clone3(&(0x7f00000003c0)={0x100200200, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0xfffffffffffffcaa, 0x0, 0x0}, 0x58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
fdatasync(0xffffffffffffffff)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x10)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
openat$cgroup_root(0xffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
getpgid(0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x8})
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
r6 = inotify_init1(0x0)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00')
quotactl_fd$Q_QUOTAOFF(r8, 0xffffffff80000302, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$CDROMREADAUDIO(r0, 0x530e, 0x0)

4.001462321s ago: executing program 0 (id=714):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x4}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}]}}}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x3}]}], {0x14, 0x10}}, 0xbc}, 0x1, 0x0, 0x0, 0x400d5}, 0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0xa, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000700)={0x1, "fa02c8098000", <r2=>0xffffffffffffffff})
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000000)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r2, <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000080)={"000c00816800df00", r5, <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r6, 0xc0383e04, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_current(r7, &(0x7f00000000c0)=@hat={'changehat '}, 0x1d)
r8 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r8, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r8, 0x4)
r9 = accept4(r8, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r9, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000080)=0x8)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r13 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r13, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r11, 0x325, 0x0, 0x0, {0x8}}, 0x14}}, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r9, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x34, r11, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @remote}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x2}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40804}, 0x200400c0)

3.829907366s ago: executing program 2 (id=716):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000100)={0x2, 'wlan0\x00', {0x10}, 0x9})
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/dev_snmp6\x00')
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[@ANYRES64=0x0, @ANYRESHEX], &(0x7f0000000000)='GPL\x00', 0x8, 0xb0, &(0x7f0000000140)=""/176, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x5}, {0x3, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x2f5897beee7aa532, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
sched_setaffinity(r2, 0x8, &(0x7f00000000c0)=0x9)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$bt_hci(r5, 0x11e, 0x1, 0x0, &(0x7f0000000080))
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x3cb, 0x5})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000280)={0x3, r8, 0x0, 0x0, 0xa, 0x1ff, 0x1})

3.796145549s ago: executing program 0 (id=718):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KIOCSOUND(r1, 0x4b2f, 0x2)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f0000000300)=0x100000001, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss, @window, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8}, {0x0, 0xfffc, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0xb, 0x1, 0x4c}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$sock_TIOCINQ(r2, 0x541b, &(0x7f0000000040))
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b40)={0x268, 0x0, 0x5, 0x401, 0x0, 0x0, {}, [{{0x254, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0xffff, 'syz0\x00', "b7411bd57b00b03cffb7437cdda2f487fdb1869db0669865b50427c59853678c", "3c8097bd14f735197114ccd7cbc7a177a83da33a65aecc1ba79b66b12eeb5500", [{}, {}, {}, {}, {0x100}, {}, {0x0, 0x0, {0x3}}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x49946a349f2937f2}}, {}, {}, {}, {}, {}, {}, {0xf000}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0xc060}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e20, 0x7f, @mcast2}, @in6={0xa, 0x4e22, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7fff}], 0x48)

3.771742289s ago: executing program 3 (id=719):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c00fff0040605000000000000000000030004000900020073797a3200000000090002000100000000000000050001000700000005000100070000000900020073797a31"], 0x5c}}, 0x0)

3.692027663s ago: executing program 3 (id=720):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x48000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x68431b178f719cb2}, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="7800000018002507b9409b14ffff00000202be04020506056403040c5c0009003f0020010a0000000d0085a168d0bf46d32345653600648d270012000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160008000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 0000409'], 0x2a, 0xfffffffffffffffc)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0c00990000000200000000000800a00094090000080026009409000008002700000000000800a1"], 0x48}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000005207157ebf96f6b334b524", @ANYRES32=r11, @ANYBLOB="0c00990009000000680000000400bf00"], 0x2c}, 0x1, 0x0, 0x0, 0xc854}, 0x0)

2.82267385s ago: executing program 3 (id=721):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r1)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffed5, 0x0})
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001000)=@newqdisc={0xa0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x70, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20], 0x0, [0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x14, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8}]}, {0x4}]}]}}]}, 0xa0}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000000)={'syztnl2\x00', &(0x7f0000000140)={'ip6tnl0\x00', r3, 0x29, 0xf8, 0x4, 0x9, 0x4, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x20, 0x6, 0xffff}})
preadv(r0, &(0x7f0000002340)=[{&(0x7f0000000080)=""/166, 0xa6}], 0x1, 0x3, 0x0)

2.757543425s ago: executing program 2 (id=722):
syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x121b01)
r0 = syz_open_dev$vcsa(&(0x7f0000000240), 0x2000003, 0x44980)
r1 = getpid()
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f00000001c0))
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000001100)=ANY=[@ANYBLOB="0100000000000000ff00000002", @ANYRES32=r2, @ANYRES8=r5])
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000040)={0x1})
r6 = syz_pidfd_open(r1, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000050000000400000006"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="02000008000000141000000100000001000000009c0451c91669ed24aaa36827bad8fa4943b03216405e39e9e0a9ab8422ac071a1f491a906939f398d818da2de6519f2f5c13b2d9ff8e6d6462f86df66e7a64263d40080ffeed8641d94ecfcf6f1ad67eb46b2c9e83d139c16be2a7cbb122b5f43f39298e00", @ANYRES16=r7, @ANYBLOB='\x00'/20, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x4, &(0x7f00000010c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r8}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x8)
sendmsg$OSF_MSG_ADD(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b40)={0x268, 0x0, 0x5, 0x401, 0x0, 0x0, {}, [{{0x254, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0xffff, 'syz0\x00', "b7411bd57b00b03cffb7437cdda2f487fdb1869db0669865b50427c59853678c", "3c8097bd14f735197114ccd7cbc7a177a83da33a65aecc1ba79b66b12eeb5500", [{}, {}, {}, {}, {0x100}, {}, {0x0, 0x0, {0x3}}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x49946a349f2937f2}}, {}, {}, {}, {}, {}, {}, {0xf000}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0xc060}, 0x0)
syz_usb_connect(0x0, 0xb, &(0x7f00000010c0)=ANY=[], 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r6, 0xc0085508, &(0x7f00000000c0)={{r6}, "c4005a51cf48a456fe399e96793568de827d6e3af15928143f77a2c2bf19506fac2c94a8808e7365569e94b6012f452ddbdb4acaadf3199a4fa57eab4549a87e05bb9a155f3d08704dc753cff79d5128dc113e58ecd5a19e0bc7bef139e74acaed4f126be4cc57e22d44a734c7f2c44b2b2dc3ecfb59318827549e5b2679b3cc4f9e5df2bc30b674fb5f8e181e7dab6cc37989c9911a3d5b32ac444ebf78c76d68c313ed1bcaa4bfcdddc200878c72704b48f4cda8c86a41c703694c1e57aaf73751f45d5ed54010c14c30ea8ca2f620ab57b6ad6bdf3263aeab2de44576b10a1040f0b284fcf2cb5037e025b227baf26e0c5bda231531365c778ef42bc49fd603b98b7b5173f2f1669834e8cd5167092f5d56e6c2623165710ec863179f143dba38551641ea77676773f3a18e97ada500fe448f172e6e714e16079d8233626d4c5c08c9117c5872c5d815ae0d481c25f2cfd2c76c6723e5ee78d5941b7d49e3d123294dd4c04c2691c5d086393047e3fd027daebf2114d1e9da89a36a49f7a411638060e87593ed8e45fb4292ff888e2eb7b776c9428623a34454fb2f11a47b43707e4b161faa8b8dc0d9cb2a0ac253ab41d0172190749ae06af564cabff5a0ba5df004c44138b49d2e17944f6588839fdedcf6ddef583df85490fa3a956e416e02943d56f734c3d3aa8b4898544e8f417c79bb5532b4ab2393c6723488c627a285686a0dac4cd6df370ab806b80f251256cfc058f8c2c2b46dca533048a18315caca12ad5915f077285ffbe1a4b5f46f2af4e45695348200e1f5a57a698aca5cb4f6124fc076af5f40c3461e91b2639a84be51abe62d27cde1642731d31ae1264d20a21011bd221f8d0e4fc9835ccb61405e1ba6fcd48b9d3487909f89a0f40f91abfd3d33876b707d908bd2b076d37f5b2e2d530210e3930cf0418c3a7d8d4ac8cd16b4d2b2d4ebf6134c88813a808d82c86a20b7beb6534bb112b374d5b0a2beacb4e37872a2df879ebd568f0b20ce7d4aeb5ef6c960093b8a3d0e0332d821fdd099269364539d876caf78e60232baf7cc26589453666f17f94ac05fc2b752546a9586f9f18288e5944effa6f912709652113377ee14d949842910b0af467706b42d969908840fe55857f526694cdacb7735f2e0bdc49ca50ca57193aec63535f679e1486185bae007a7cd345bf8d7428e1a2881f6d327ee34ef0bbd67b51d25000fc59ed894c001ca327898dc4a3e7c33e20542772f31e7f125eedec11604b6569f051e643bff91d616284d2ea0f25320c22caba4d681781a13bf341dc22f882540aaab75d5bba9bbfe8aa960705d1d903a7ed8b7a14cc18b2ec9d1640ba3b6cf9c2a6cde4f7b23d1eb42fa57d2b2206c6cd6f84a5b7d682a09064e341c844edd3361f2e457a5057e1c3d97916190d9749adbadb70797f1729cc01c6146a23942e245021fe02748e2235582b36df8236c8b25fa94d1ed7e495f0df447b36f609b17526b2c8c43f1ded38f99344f2553fd911deed701d89fdf92ed6368d74f6f09ce2d26a3916f28eda4fac022f043aff14bab96f3841980533b2f935cfe7e40ad9cc77557d50a32a73aa71ae37a0cece6580887608d028b55fa7a1a1cf214098fe13c1a32ee5890e3d2c9a4d23041f89bac353aa1641df4375080b2181555e9667082a35b041645be39a47298b747eed9d127d8d342b620d0ecd2a48a86bd7dbfa04b3cfad62f5b1055b2259dc64b02d27599fff87c8303b47174e3ee66645d1eaaa05d63bad90ef4fdb97d21b478b37c313571d5776495460b57ba25dc2a5def286c8e81a3fdaa3dfb1dfb9deec86aa3629a03b9722bd95a96972a32552ba5d74f03989c73598b3ba0ef19151631ba4cf90d1bcc35c7cd2fecd6c271564df5ed232581417488454f5878f09523ce1b966162808d13a86872ad04bc777544ae4477459d197c6aaecf52e229a6cc94d151e014b589311f8e5bb7eb57605a80c11a7df2110b70735ae34a21e467f7bd8c3f81c1f9dfcf9464365566786b086637717df597c05b45249b04faa2269ca5a3fca2f1797682f24a34c9f70c27b6dd47fe9f6f006c934481524985afeec903f160c4e2c36c2bbe2081ff33733ca17ca2a2d794fd3af80d5a1adcbfa384e1ba851f4a554433e532f321b332d640513c9df326ddaa4691201f94d1b4b82b82f9bb986e00242fce6588d906cd820640a59707cecf78533496fdc49d90effde5769812ae474ef31adb849542ef23359a640eeeadecf273713a46e96c836823012fc190c8d1dd88d965fbe11074da36375c11fedc648160b55b8b8bc830b72a6f98b1396a72d96f06fab40ddd4729dc162d30e8a34c4041cc22fd62eb501fa685ae7d53376cca12e40f53edd0ae8abbb666c75a6ca8658b4ef8810931158868afb757831d14e81cdadc995fcb98e2da29300480ca03494f81b59985dbe3da8634a3c4a00626d08d6f1f997ccd63a1a103d292d29cdf15b2c4bca2f34ba406a47d9a184ed712356257ec45aa9a8ed8b8daca20f6a2edb1494a2af100000000000000006f1bfeb0edfdb1f10b66753f3fe900b95be3aafbfb5e2976de8b2c6b485243770da0cdc8f4d7384b6f39817f5661429442b20cab08cc28cf814ebf10d7ad4de140241ec169d70781524127a9454e5f1ee9fd5652818683a2f7ff0b11c8fea2ff7398e01df48c8eb62123f2630d561470003d020f4cc8923654fcf65d400ed0792af6bf1876099951e938adc275f47b9ba178b8ae3e9b295fab66c144ad8ad2fd29bced367833b76b2f0ded8dfead5dfccfc9ba2d658688abeb41f53eaf6efa82e5947f8d7a6e1010517032443507f5bd4193170104000000000000cb985f8f11149496bfe54629f3f759c3100e0ab50c95446fd390a87b884930763ac810bdcdaee81b64343b955eba24d34d816bcf3eb5df1b6b44317e033a9015640942da607e3ea61727b97eab7511ff680dc5f4e54fa19e07c0023152272edc066010e661de98f73f913bc04983b325ff62134b41081dce65528af69b5206f9522b3e09f78dea218621e60f5ca9c58212526d96aace431133528b8a5354b213ef4883ef271e488bf629284c277843202bf7a41dbe2616e8338ab14f83bd6da1d1c4a4b50b6372564187a497036f2040f77c099bd0d98d3e4eebd4bf433360c518fc965e966642a22a335f3a9688336bd254dc9fe32632d4c1599c6b72fca290d9cae38548f4ad5d2a165053b7d392276d81ff26e97ebcfa210eddc832240de22bbfc6623929aa2d8bad6c41db54e2125063f9153e98b2316ae5e9d51a3a9efe5a81242f7045dbafa8db63cafad19e32b767dcd5adfd5e5459dce45c71f61a18a3e6a7de43bd61d6015fac48dcecb60795e02b30dc04cc4a408abc2dee10a97fb387a229ba5c07cebc63037c0102c846393b2bf865db38e51ce44b5cede8d530cb6496e5a34b9b0b060b8bd6f98cd53169518a1732d92af494c351f8ce753754f7d944865de345d8520a9232a1c5e516e61f23c39e09bac5d7c70a478e0b7a3208f61f090f69b9ab33da7a8ae16626c3d26f11065fd46851eff2c5968f937e90abe02555cad9e54b4bcaf3ee55aba96406cd457e27c1ad5b9cc640afff1d94d7d5f854fd50a66bf37355c548f840129ae0d81dc23202e4d7921236172d1c4920c1bf5e7bfad21740acd8f5fa278b6de2336276e271045d0ef0a9a566ae988269cb16f7eee941941d3a9f05d754cbb92a27ad9cb374872c3566a9db35920d63f0cfa69ef8dfc41f307f7c1f1ae712e3f6001e57e1de99777212ede107b692182c507b168c77a3824f0cd663f6d2ffe73e3d90587b3444e9a3cb093ddefd2869db927938ecf6cbd16a85d0849b7c829a37b70b24868e7ab1aa2adc012d85a8bf374225281b50882a40e6bed667f0538d8c85768cc9d8537bedfebe64cddf937a150c565e3824a75f5e7a173fed0ed3b3aa8750fde47ce1c219d5fc1977abc24c7a28aa8251e29a17eee3405d4c1f1f5e8b53df9425d6dde4b9de4715097c58062a977637b42974a40f0bf24dcca060871b759e5f42a12da7d89a494468f6c91c47ac17e7bfd61e62872541fd5d3941c0f0ebca3de06ca63cb52b186737fc61ade4eaed0fd5dd1eb4b8e2d2ebb689741fb354c8bbdc9092f68a156952395585113d78254ec826ba49204d76b8dcd854c4cf942c50c38ad5f8db2bf032d5eced178b25e56f9b39961aea03785119cab42fffbbbeaa15f0c21511f441fd72ab25014dbe5a35dfe295486e0d2e5803304deff8736e1d8df7886e4725321bc450c68459f01b5b3014735e81f989945e59b4c5e367976e90124e9cf422cc0f0d624627ab83ccd65ac7ffb91424672ebb3d91d932994c6e215a9d60efb6ed87eb579951668273e9a38f9089179459d2f670a21bd999a97c968891c59402d188dc601ef033fb9af3291b8778f2a38d379913a02d2215f2960f80847afe4d65f1fc7bcd1995e83fc88d87d799af0bf16060780efc8dbd08b041d8c2f646ca18ea18d3d295e172b344b6aea8d2a2620b6379c5c368459fee07bfcc83c83acaf3dc67755bbe8fe58b1a39051ef2327b30c886a0a5183e38c199e32365cb8194deade3262ea5ffa559b789da10f2948e135ce5858e1b016c153b14795a085b5bef350f95487a3f748afa943179d87a1e8828edc33804c2ea49979074fe162a8a36689286c390585d9f83645be3b921c4a6678b8ffd7edfb7a85265d5796ce4f12595b364fcc81b58c267beaa85dd47ad8c55783fe526d6dd0e3cc1f70a7e88d6f826b18aeab8282ff8e2a13ee8f03fab41be97af13c87883f87e6f0bdda04deebc05e35b601a55cc984478a997725d3faab2101cd9596c757c659e6b6c9178f620fbdcb87e399404f4bcd9b57dd1013818e58a785bed0a7fd1f5e5e355816ceba6745a42e10a145c87aedede2e0bed7bc75015a8354ba95a226c87df41d41e4ae368c4e84e8a032c48977602d71eae547f95375746e1f9c86135481bd09a08fee04db26b96cc9327bbde61cec27a56d114cc0e6459170e6cc44d846a2a55046b505e14dbdac32aa759e5d0268fe819a3dc503247b6c24c1607b4742671f5ad63c21812b1904b3c39ec8734fb1ee77a124a29c50154f53c89754f5e4719cc0279c851a63fc33e16f2393e5134568b78126b5680664fcd1fbf9d88f4efdadc120bbb4f21ddd7bf4c445a534631c5f2c4b51d7842743493b4a13bb99f160987284bc7960aaa6d40dbe05e20f42ff48425d1c8166b7fd457d33d808b456b7b11d3d3c1f445a9698ee8a473fb116c5c4824fa224088fa6f031f07f2972e62592d59536dc4cbe3c1cb33e922b0f35f79f1df10ab43e1d3e5dc480bdd8a7039f71ee9c73f976809ec2853ad0c18e4f0ee73fd1361591375d3db6c822e7baae597fc454aae7b426922e9fd9a87fe52a25d5cd03434d7ffb9f319fbeb403c0836f2117cf851bf7660ecb567a6cd918e85190683c1c0a79da1cd92b8527400008f047a436a4859be0e7b9469c6830a81d81f93ea8ba1b614de4386296089c9b34f4b8116ae7afedd43f6a82abf4302e4d8a9fba0b87347df1f5bb676f496bf29bf9ea9e3ea4bd1dd3f3d4feb7609f96424f35035b5a13fd6efd0441dea1c1f17feae7d5a1ef77aa05537fc87cc2021c92d5cbbbd159258a45972e112e123e306ef0daa36e1ff069be815c5d0b74b6b41c6d5b76c04057de0a43c2e40b04fc11b60f0f1e7ff0b88fb600d79e03cc8b73fed0af95601acca"})
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
r11 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r11, 0xc008551c, &(0x7f00000001c0))
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="000229bd7000fddbdf000008000100f8000000080001000400000008000200ed4b00000c00040000010000000000000c0004000600000000000000140002800c000380080001000600000004000400"], 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x10)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000280)=0xffffffffffffffff, 0x4)

2.747111107s ago: executing program 0 (id=723):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)={{0x14, 0x10, 0x1, 0x0, 0xff00}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0xc, 0x3, "b07346e358c21925"}, @NFTA_MATCH_NAME={0xb, 0x1, 'cgroup\x00'}, @NFTA_MATCH_REV={0x8}]}}}]}]}], {0x14}}, 0xe8}}, 0x0)

2.69250974s ago: executing program 3 (id=724):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r1})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r2=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

2.69206439s ago: executing program 0 (id=725):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(r2, r3, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
iopl(0x3)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000100)={0xb6, 0x1, 0x7, 0xfffffffffffffffa})
mq_timedreceive(r5, &(0x7f0000000340)=""/221, 0xdd, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f0000000780)=""/117, 0x75, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
r7 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
ioctl$BINDER_GET_FROZEN_INFO(r7, 0xc00c620f, &(0x7f0000000440)={r4})
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2f0, 0xffffffff, 0x198, 0x3a010003, 0xb0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, 0x0, {[{{@ip={@local, @loopback=0x7f000008, 0x0, 0x0, 'pim6reg\x00', 'veth1_to_bond\x00'}, 0x0, 0x70, 0xb0, 0x0, {0x100000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x9}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}}]}, @REJECT={0x28}}, {{@ip={@remote, @dev, 0x0, 0x0, 'wlan1\x00', 'pim6reg1\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@ttl={{0x28}}, @common=@ttl={{0x28}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x350)

2.691449383s ago: executing program 3 (id=726):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$autofs(0xffffff9c, &(0x7f00000002c0), 0x690c40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$netlink(0x10, 0x3, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000000100a9002800453ab60100000000", @ANYRES32=r4, @ANYBLOB="04000280"], 0x20}, 0x1, 0xf000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, 0x0, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)="25994e20120e039e45c63dfbf7331a405e26425ce667797fcd86f3a1734480d53e4b1e0ac7f71fb3e81f96c1f8a41ee47622ec666f632252286873c4cfccb8003539cc27164c35e773c8036b3905c4d6217295f66205c2e56db7e523dfc0ea0145bfef20e5e1039b67fc04e34df26f0f450d17ba855e4776e1f7e7a13726b25f", 0x80}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14}, @NFT_MSG_NEWRULE={0x14}], {0x14}}, 0x50}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[], 0x4b0}}, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
socket$inet(0x2, 0x1, 0x0)
r6 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r6, 0x3)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r7, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r8 = accept4(r6, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000200))
recvmmsg(r7, &(0x7f0000007940), 0x55, 0x0, 0x0)
sendmmsg(r8, &(0x7f0000001500), 0x588, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000005a00), 0xffffffffffffffff)

2.099926444s ago: executing program 2 (id=727):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0xb, &(0x7f00000010c0)=ANY=[], 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r2, 0xc0085508, &(0x7f00000000c0)={{}, "c4005a51cf48a456fe399e96793568de827d6e3af15928143f77a2c2bf19506fac2c94a8808e7365569e94b6012f452ddbdb4acaadf3199a4fa57eab4549a87e05bb9a155f3d08704dc753cff79d5128dc113e58ecd5a19e0bc7bef139e74acaed4f126be4cc57e22d44a734c7f2c44b2b2dc3ecfb59318827549e5b2679b3cc4f9e5df2bc30b674fb5f8e181e7dab6cc37989c9911a3d5b32ac444ebf78c76d68c313ed1bcaa4bfcdddc200878c72704b48f4cda8c86a41c703694c1e57aaf73751f45d5ed54010c14c30ea8ca2f620ab57b6ad6bdf3263aeab2de44576b10a1040c6cc84fcf2cb5037e025b227baf26e0c5bda231531365c778ef42bc49fd603b98b7b5173f2f1669834e8cd5167092f5d56e6c2623165710ec863179f143dba38551641ea77676773f3a18e97ada500fe448f172e6e714e16079d8233626d4c5c08c9117c5872c5d815ae0d481c25f2cfd2c76c6723e5ee78d5941b7d49e3d123294dd4c04c2691c5d086393047e3fd027daebf2114d1e9da89a36a49f7a411638060e87593ed8e45fb4292ff888e2eb7b776c9428623a34454eb2f11a47b43707e4b161faa8b8dc0d9cb2a0ac253ab41d0172190749ae06af564cabff5a0ba5df004c44138b49d2e17944f6588839fdedcf6ddef583df85490fa3a956e416e02943d56f734c3d3aa8b4898544e8f417c79bb5532b4ab2393c6723488c627a285686a0dac4cd6df370ab806b80f251256cfc058f8c2c2b46dca533048a18315caca12ad5915f077285ffbe1a4b5f46f2af4e45695348200e1f5a57a698acae6b4f6124fc076af5f40c3461e91b2639a84be51abe62d27cde1642731d31ae1264d20a21011bd221f8d0e4fc9835ccb61405e1ba6fcd48b9d3487909f89a0f40f91abfd3d33876b707d908bd2b076d37f5b2e2d530210e3930cf0418c3a7d8d4ac8cd16b4d2b2d4ebf6134c88813a808d82c86a20b7beb6534bb112b374d5b0a2beacb4e37872a2df879ebd568f0b20ce7d4aeb5ef6c960093b8a3d0e0332d821fdd099269364539d876caf78e60232baf7cc26589453666f17f94ac05fc2b752546a9586f9f18288e5944effa6f912709652113377ee14d949842910b0af467706b42d969908840fe55857f526694cdacb7735f2e0bdc49ca50ca57193aec63535f679e1486185bae007a7cd345bf8d7428e1a2881f6d327ee34ef0bbd67b51d25000fc59ed894c001ca327898dc4a3e7c33e20542772f31e7f125eedec11604b6569f051e643bff91d616284d2ea0f25320c22caba4d681781a13bf341dc22f882540aaab75d5bba9bbfe8aa960705d1d903a7ed8b7a14cc18b2ec9d1640ba3b6cf9c2a6cde4f7b23d1eb42fa57d2b2206c6cd6f84a5b7d682a09064e341c844edd3361f2e457a5057e1c3d97916190d9749adbadb70797f1729cc01c6146a23942e245021fe02748e2235582b36df8236c8b25fa94d1ed7e495f0df447b36f609b17526b2c8c43f1ded38f99344f2553fd911deed701d89fdf92ed6368d74f6f09ce2d26a3916f28eda4fac022f043aff14bab96f3841980533b2f935cfe7e40ad9cc77557d50a32a73aa71ae37a0cece6580887608d028b55fa7a1a1cf214098fe13c1a32ee5890e3d2c9a4d23041f89bac353aa1641df4375080b2181555e9667082a35b041645be39a47298b747eed9d127d8d342b620d0ecd2a48a86bd7dbfa04b3cfad62f5b1055b2259dc64b02d27599fff87c8303b47174e3ee66645d1eaaa05d63bad90ef4fdb97d21b478b37c313571d5776495460b57ba25dc2a5def286c8e81a3fdaa3dfb1dfb9deec86aa3629a03b9722bd95a96972a32552ba5d74f03989c73598b3ba0ef19151631ba4cf90d1bcc35c7cd2fecd6c271564df5ed232581417488454f5878f09523ce1b966162808d13a86872ad04bc777544ae4477459d197c6aaecf52e229a6cc94d151e014b589311f8e5bb7eb57605a80c11a7df2110b70735ae34a21e467f7bd8c3f81c1f9dfcf9464365566786b086637717df597c05b45249b04faa2269ca5a3fca2f1797682f24a34c9f70c27b6dd47fe9f6f006c934481524985afeec903f160c4e2c36c2bbe2081ff33733ca17ca2a2d794fd3af80d5a1adcbfa384e1ba851f4a554433e532f321b332d640513c9df326ddaa4691201f94d1b4b82b82f9bb986e00242fce6588d906cd820640a59707cecf78533496fdc49d90effde5769812ae474ef31adb849542ef23359a640eeeadecf273713a46e96c836823012fc190c8d1dd88d965fbe11074da36375c11fedc648160b55b8b8bc830b72a6f98b1396a72d96f06fab40ddd4729dc162d30e8a34c4041cc22fd62eb501fa685ae7d53376cca12e40f53edd0ae8abbb666c75a6ca8658b4ef8810931158868afb757831d14e81cdadc995fcb98e2da29300480ca03494f81b59985dbe3da8634a3c4a00626d08d6f1f997ccd63a1a103d292d29cdf15b2c4bca2f34ba406a47d9a184ed712356257ec45aa9a8ed8b8daca20f6a2edb1494a2af100000000000000006f1bfeb0edfdb1f10b66753f3fe900b95be3aafbfb5e2976de8b2c6b485243770da0cdc8f4d7384b6f39817f5661429442b20cab08cc28cf814ebf10d7ad4de140241ec169d70781524127a9454e5f1ee9fd5652818683a2f7ff0b11c8fea2ff7398e01df48c8eb62123f2630d561470003d020f4cc8923654fcf65d400ed0792af6bf1876099951e938adc275f47b9ba178b8ae3e9b295fab66c144ad8ad2fd29bced367833b76b2f0ded8dfead5dfccfc9ba2d658688abeb41f53eaf6efa82e5947f8d7a6e1010517032443507f5bd419317324000ca02e49db1cb985f8f11149496bfe54629f3f759c3100e0ab50c95446fd390a87b884930763ac810bdcdaee81b64343b955eba24d34d816bcf3eb5df1b6b44317e033a9015640942da607e3ea61727b97eab7511ff680dc5f4e54fa19e07c0023152272edc066010e661de98f73f913bc04983b325ff62134b41081dce65528af69b5206f9522b3e09f78dea218621e60f5ca9c58212526d96aace431133528b8a5354b213ef4883ef271e488bf629284c277843202bf7a41dbe2616e8338ab14f83bd6da1d1c4a4b50b6372564187a497036f2040f77c099bd0d98d3e4eebd4bf433360c518fc965e966642a22a335f3a9688336bd254dc9fe32632d4c1599c6b72fca290d9cae38548f4ad5d2a165053b7d392276d81ff26e97ebcfa210eddc832240de22bbfc6623929aa2d8bad6c41db54e2125063f9153e98b2316ae5e9d51a3a9efe5a81242f7045dbafa8db63cafad19e32b767dcd5adfd5e5459dce45c71f61a18a3e6a7de43bd61d6015fac48dcecb60795e02b30dc04cc4a408abc2dee10a97fb387a229ba5c07cebc63037c0102c846393b2bf865db38e51ce44b5cede8d530cb6496e5a34b9b0b060b8bd6f98cd53169518a1732d92af494c351f8ce753754f7d944865de345d8520a9232a1c5e516e61f23c39e09bac5d7c70a478e0b7a3208f61f090f69b9ab33da7a8ae16626c3d26f11065fd46851eff2c5968f937e90abe02555cad9e54b4bcaf3ee55aba96406cd457e27c1ad5b9cc640afff1d94d7d5f854fd50a66bf37355c548f840129ae0d81dc23202e4d7921236172d1c4920c1bf5e7bfad21740acd8f5fa278b6de2336276e271045d0ef0a9a566ae988269cb16f7eee941941d3a9f05d754cbb92a27ad9cb374872c3566a9db35920d63f0cfa69ef8dfc41f307f7c1f1ae712e3f6001e57e1de99777212ede107b692182c507b168c77a3824f0cd663f6d2ffe73e3d90587b3444e9a3cb093ddefd2869db927938ecf6cbd16a85d0849b7c829a37b70b24868e7ab1aa2adc012d85a8bf374225281b50882a40e6bed667f0538d8c85768cc9d8537bedfebe64cddf937a150c565e3824a75f5e7a173fed0ed3b3aa8750fde47ce1c219d5fc1977abc24c7a28aa8251e29a17eee3405d4c1f1f5e8b53df9425d6dde4b9de4715097c58062a977637b42974a40f0bf24dcca060871b759e5f42a12da7d89a494468f6c91c47ac17e7bfd61e62872541fd5d3941c0f0ebca3de06ca63cb52b186737fc61ade4eaed0fd5dd1eb4b8e2d2ebb689741fb354c8bbdc9092f68a156952395585113d78254ec826ba49204d76b8dcd854c4cf942c50c38ad5f8db2bf032d5eced178b25e56f9b39961aea03785119cab42fffbbbeaa15f0c21511f441fd72ab25014dbe5a35dfe295486e0d2e5803304deff8736e1d8df7886e4725321bc450c68459f01b5b3014735e81f989945e59b4c5e367976e90124e9cf422cc0f0d624627ab83ccd65ac7c1b91424672ebb3d91d932994c6e215a9d60efb6ed87eb579951668273e9a38f9089179459d2f670a21bd999a97c968891c59402d188dc601ef033fb9af3291b8778f2a38d379913a02d2215f2960f80847afe4d65f1fc7bcd1995e83fc88d87d799af0bf16060780efc8dbd08b041d8c2f646ca18ea18d3d295e172b344b6aea8d2a2620b6379c5c368459fee07bfcc83c83acaf3dc67755bbe8fe58b1a39051ef2327b30c886a0a5183e38c199e32365cb8194deade3262ea5ffa559b789da10f2948e135ce5858e1b016c153b14795a085b5bef350f95487a3f748afa943179d87a1e8828edc33804c2ea49979074fe162a8a36689286c390585d9f83645be3b921c4a6678b8ffd7edfb7a85265d5796ce4f12595b364fcc81b58c267beaa85dd47ad8c55783fe526d6dd0e3cc1f70a7e88d6f826b18aeab8282ff8e2a13ee8f03fab41be97af13c87883f87e6f0bdda04deebc05e35b601a55cc984478a997725d3faab2101cd9596c757c659e6b6c9178f620fbdcb87e399404f4bcd9b57dd1013818e58a785bed0a7fd1f5e5e355816ceba6745a42e10a145c87aedede2e0bed7bc75015a8354ba95a226c87df41d41e4ae368c4e84e8a032c48977601d71eae547f95375746e1f9c86135481bd09a08fee04db26b96cc9327bbde61cec27a56d114cc0e6459170e6cc44d846a2a55046b505e14dbdac32aa759e5d0268fe819a3dc503247b6c24c1607b4742671f5ad63c21812b1904b3c39ec8734fb1ee77a124a29c50154f53c89754f5e4719cc0279c851a63fc33e16f2393e5134568b78126b5680664fcd1fbf9d88f4efdadc120bbb4f21ddd7bf4c445a534631c5f2c4b51d7842743493b4a13bb99f160987284bc7960aaa6d40dbe05e20f42ff48425d1c8166b7fd457d33d808b456b7b11d3d3c1f445a9698ee8a473fb116c5c4824fa224088fa6f031f07f2972e62592d59536dc4cbe3c1cb33e922b0f35f79f1df10ab43e1d3e5dc480bdd8a7039f71ee9c73f976809ec2853ad0c18e4f0ee73fd1361591375d3db6c822e7baae597fc454aae7b426922e9fd9a87fe52a25d5cd03434d7ffb9f319fbeb403c0836f2117cf851bf7660ecb567a6cd918e85190683c1c0a79da1cd92b8527400008f047a436a4859be0e7b9469c6830a81d81f93ea8ba1b614de4386296089c9b34f4b8116ae7afedd43f6a82abf4302e4d8a9fba0b87347df1f5bb676f496bf29bf9ea9e3ea4bd1dd3f3d4feb7609f96424f35035b5a13fd6efd0441dea1c1f17feae7d5a1ef77aa05537fc87cc2021c92d5cbbbd159258a45972e112e123e306ef0daa36e1ff069be815c5d0b74b6b41c6d5b76c04057de0a43c2e40b04fc11b60f0f1e7ff0b88fb600d79e03cc8b73fed0af95601acca"})
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0xc4382, 0x0)
r4 = dup(r3)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
close(r6)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x52, &(0x7f00000007c0)={@local, @random="89ab9b4c72ca", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0300", 0x1c, 0x2c, 0x1, @remote, @local, {[@routing={0x0, 0x0, 0x0, 0x8}], {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r9 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r10 = fcntl$dupfd(r9, 0x0, r9)
write$binfmt_script(r10, &(0x7f0000001b00), 0xfffffd9d)
ppoll(&(0x7f0000000540)=[{r9, 0x5086}], 0x1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
sendfile(r8, r4, 0x0, 0x8a000)
write$sndseq(r4, &(0x7f0000000080)=[{0x9f, 0x2, 0x5, 0x7, @time={0xb194, 0xfffffffb}, {0x51, 0x1}, {0x0, 0x5}, @ext={0x2a, &(0x7f0000000040)="6b7691128e85033e255f4bf7ac1e7e96f69121bd1af9f97117db46a34750b6a59af64175e50761ebb293"}}, {0x0, 0x2, 0x80, 0x5, @time={0xcff, 0xfffffffe}, {0x81, 0x92}, {0x1, 0x9}, @queue={0x6, {0x1, 0x2}}}, {0x0, 0x5, 0xe, 0x6, @tick=0xf, {0xb, 0x81}, {0x0, 0x28}, @addr={0x10, 0x10}}], 0x54)
ioctl$SNDCTL_DSP_RESET(r4, 0x5000, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x150, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@dev}, {@in=@remote, 0x0, 0x32}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x17, {0x0, 0x3, 0x0, @in=@remote}}]}, 0x150}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2.099707264s ago: executing program 1 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x1f, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}}, 0x4000040)

129.977066ms ago: executing program 0 (id=728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x104, r1, 0x200, 0x70bd25, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8}, {0x6}, {0x8, 0x15, 0x8000000}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6}, {0x8, 0x15, 0x81}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}, {0x8, 0x15, 0xf5d}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x7e4d}, {0x6}, {0x8, 0x15, 0x7ff}}]}, 0x104}, 0x1, 0x0, 0x0, 0x50}, 0x20000044)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x1c)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x16, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffffff29}, [@alu={0x4, 0x1, 0x9, 0x7, 0x8, 0xc, 0xfffffffffffffff0}, @ldst={0x0, 0x0, 0x6, 0x7, 0x5, 0x50}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff9}}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}]}, &(0x7f0000000400)='GPL\x00', 0x7, 0xa5, &(0x7f0000000440)=""/165, 0x41000, 0x15, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x0, 0x5, 0x9d37}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000580)=[0x1], &(0x7f00000005c0)=[{0x5, 0x3, 0xb, 0x4}, {0x1, 0x5, 0x8, 0x8}, {0x1, 0x4, 0x0, 0xc}, {0x3, 0x4, 0xe, 0x7}, {0x2, 0x5, 0x0, 0x8}], 0x10, 0x401, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f0000000300), &(0x7f0000000700)=r3}, 0x1c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r3, 0xe0, &(0x7f0000000940)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000780)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], 0x0, 0x7c, &(0x7f0000000840)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0xf0, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000a80)={r4}, 0x4)
r5 = io_uring_setup(0x6577, &(0x7f0000000ac0)={0x0, 0x7c5c, 0x800, 0x3, 0x1b5})
io_uring_register$IORING_REGISTER_FILES2(r5, 0xd, &(0x7f0000000cc0)={0x1, 0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000b40)=""/213, 0xd5}], &(0x7f0000000c80)=[0x0, 0x7, 0x6, 0x9, 0x27, 0x9]}, 0x20)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
recvmmsg(r6, &(0x7f0000005a80)=[{{&(0x7f0000000d00)=@phonet, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000d80)=""/3, 0x3}, {&(0x7f0000000dc0)=""/67, 0x43}], 0x2, &(0x7f0000000e80)=""/71, 0x47}, 0x10001}, {{&(0x7f0000000f00)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001140)=[{&(0x7f0000000f80)=""/208, 0xd0}, {&(0x7f0000001080)=""/156, 0x9c}], 0x2, &(0x7f0000001180)=""/128, 0x80}, 0xfffffffe}, {{&(0x7f0000001200)=@l2tp6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000002280)=[{&(0x7f0000001280)=""/4096, 0x1000}], 0x1, &(0x7f00000022c0)=""/23, 0x17}, 0x3}, {{&(0x7f0000002300)=@isdn, 0x80, &(0x7f00000045c0)=[{&(0x7f0000002380)=""/4096, 0x1000}, {&(0x7f0000003380)=""/4096, 0x1000}, {&(0x7f0000004380)=""/37, 0x25}, {&(0x7f00000043c0)=""/146, 0x92}, {&(0x7f0000004480)=""/178, 0xb2}, {&(0x7f0000004540)=""/76, 0x4c}], 0x6, &(0x7f0000004600)=""/59, 0x3b}, 0x4}, {{0x0, 0x0, &(0x7f0000005780)=[{&(0x7f0000004640)=""/64, 0x40}, {&(0x7f0000004680)=""/83, 0x53}, {&(0x7f0000004700)=""/98, 0x62}, {&(0x7f0000004780)=""/4096, 0x1000}], 0x4, &(0x7f00000057c0)=""/47, 0x2f}, 0x8}, {{&(0x7f0000005800)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000059c0)=[{&(0x7f0000005880)=""/14, 0xe}, {&(0x7f00000058c0)=""/232, 0xe8}], 0x2, &(0x7f0000005a00)=""/74, 0x4a}, 0x7fffffff}], 0x6, 0x10102, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
fsetxattr$trusted_overlay_origin(r7, &(0x7f0000005b40), &(0x7f0000005b80), 0x2, 0x2)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000005bc0)={{0x7f, 0x45, 0x4c, 0x46, 0xbe, 0x5a, 0x9, 0x60, 0x7, 0x3, 0x6, 0x3ff, 0x1f9, 0x40, 0x1ed, 0x2, 0x7ff, 0x38, 0x2, 0x9, 0x401, 0x9}, [{0x1, 0x2, 0x100, 0xfffffffffffffffc, 0x6, 0x31, 0x800, 0x8}, {0x3, 0xac, 0x3, 0x9, 0x41ee, 0x8, 0x1, 0x4}], "1cfb1a17a38913fd689f925f7db8ec", ['\x00', '\x00']}, 0x2bf)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000005e80)={0xe5, 0x5, {<r8=>0xffffffffffffffff}, {0xffffffffffffffff}, 0xf, 0x4})
sched_setscheduler(r8, 0x4, &(0x7f0000005ec0)=0x3ff)
r9 = openat$cuse(0xffffff9c, &(0x7f0000005f00), 0x2, 0x0)
read$FUSE(r9, &(0x7f0000005f40)={0x2020}, 0x2020)
io_uring_enter(r5, 0x32bd, 0x7546, 0x0, &(0x7f0000007f80)={[0x7, 0x6]}, 0x8)
vmsplice(r3, &(0x7f0000009480)=[{&(0x7f0000007fc0)="3e3e48c34d346582c750005f8e973f76a84af9ca0bd8006b4067f96a71d1ee74a75eead69a2527c31c20bc69cd0cb8866658b9406028e4fe476c47af6d641ef74ef3e3095a8d94bde93fb6ebeffa565e2abe1f2d1c9f01b38ba4f29fa9b06962d24f3744818d8253e96167c5e06d3150ff4eb1baf921bd1493bbff3e16453353984d6199de406238bf48cbd5c9a418a728416041e6ec6a4e0b357d3b5d85e9ae3d8598053c52e56b5643f3e4467eb96b67597d096a164dd60998a4ce0221546603de227e55bd2e34d2b589c74d99a3ddeff37b37e964b74a3d7283515719", 0xde}, {&(0x7f00000080c0)="9bb13f5ee223419b58de569544b0131cdf598c2b153a5120c16da4dd77c42ff620fbbc2e92c77a2f73fd4b8dfeac2f7835829621a34965c6f59046a28a2bc8484204c3168cde3bb5f1cfb28bd78a83b00ccc39b54f4d1627233afaaaacb6558a97ecd9", 0x63}, {&(0x7f0000008140)="9ddbb206fb4cc1c4436474591e3541b435d65d9865c4999562d3172ff4557e9be3287dce6f4643df42763a896a428ae25afad05ec2acc9a528cdbf778a691153cd318fd616e29f5830bb37e0c116972cb8399d08388a1b251bd6c848a8f1be511dce187135f25632ec24e643ead202e793cb36e6faf5561a7fca20cf3ce5e1784b99cf7f62eb6a9e7babbf42645100d52cf039b045986a4b9ae837b9e673b941e99282b76222b1d8c41a6c6df7a93849988e91864653f1c557f07fc357314b7bd5ad57ccc0504905a041ea45a95c42b9f8287804b9b8875ad3dc085d5d52f44a8be6cdd41af8", 0xe6}, {&(0x7f0000008240)="7e31d94e4d28888540792b74b6dfaa0e7a27ca0f938a7e9afbb319fa1def43182c40b69258cfc7828aebc566364d9f0282ad38a7539bc47b85d6bc26fc04103eaccde23acd55eadb4b22e73f4034b786a16111248f6a4eff7ab63a2bcf654f0b818600d8b34e109a39793e447a0097a6249f403a4eab5416f8f089f732e17a4fdaf5f66547f271ddc1c0b81be65bb8043b5b2ac4775555d0f532fcc66826a719cd7bdbc85ea3f60c07990e95a71ebd36c90d5921a4b3399575bc0f7aeab11173dc4878a0d2de084c1e0fbd14e80b60164ab271a94a8ea3a0dc8275ccc50d5d2cb16e892d6d7f21846e5225cee1a4af097f64689a678a768caeb13f52535c6549c6584046c1093f87fd6a1e2c33db4d4a352f713730706a24de1fd0c1b867f2c6eed4b3f624cedc9f5b6958f772e21e393927fde5242049f7f587365264e27c17370443594a9c018a71161c5fb127cc5880b190f8c7ab919fcd1ad57316cbb867936d9ac773dc807522b5b0e5d885bad9a36d609b7299eceb4d3f758b053f44fc1b7ebe757c03e02a7390554d91c8434e6609ea4be3e2d69a5b9030ff5ec59e2f3fc4c56d4f59af4fa153f5a8900d4f74d9450645dab170279bddb0f035004f796ea9ce6fb8d16c73337df499960fcde73c24f06a5e24fcd6658f45af6b1af784fc8d9c44ab31216fd6c27c6a23df8c274d80aa6f0fe6cabb54edb5113980205bc8c2c8b99b3cb767c65ef7d8bd9ef74d80803eb4ff02f3d109b4cd40de0c9f67b6a2271a707908f8b6646623b27dbfe346b12ce441a0a38af62829a840788360247ed05a27de18726ffa41efd9beb559209561954d9427e7574530143498c14a8959ffdd215031d219f88e8b52c0da338e5e7c2d51f2777b283cb0ced41c9ee61a59ffb86b391c76d712a5abd9a441c6a953251110407f660130b75251a106f01c4944b7a1cebe22bc42cf7034154c3f9050e855d79d582a05dc7fc50ddf19d0fada1eba94ea4caaa0da212af0cca77418aee41d1b0ce76463bc75277a105fa8dd328a385dd001be971eab2b0b241f33e027521499010217a1d289e491caf85aa22848091305f3d15462825d30f6b7e96821e36d6dd4d22c23d5d9e18acf12d496f9201092084f11e1c6c9b64c3e23ea1a284c72a91419e47a2b312b300faa7051d0df9a64632512dc1cf70b4cf08102c48c1837e59e6bc623af4d944c3e087cb260db239f8d1c2552767264f082e2f67afb91304e8b750ff1e9b947f24587c8074255a1fb2d91d2e4803322b0f355d70e183f24d8b53112fe0e640a8d55bc79caecac70ad11cbf07d1d8f687a1ef986a2ac410c63336d8b3c91b6e63bec7ddfac2a175c3158127bdfb6c1584bc8b9bc3d5a75905480d69aea1566266a35c9c2f2d6246020fc375bf5b90a06efbe5fc6b1c87d6e1b346a5c4ec71e09f0a9535ef8a694a16d4850a46a977b19f1e03fd29fa96e23bb842d8fae0452b75d806f259236919c3eda4705aa186f6ff157b74ef886647f358fdeb5a1267635d143c31f77b76cf8a4cb83f0a7f696540bbd36f7f0fc3fee802e1e7900922e308c6d4b4ac58d46b3749d0531251b870a33438c89fcf014db26935e25da20b6507190ea9899a11601aa56832c73570c6cc5b128ce7a332797419fb787fb0e28749a33547955df726702f127a10c3ffd3ec942afdc0e2c82fa04d5f92236ad32c4003b6883e0a28a625d94058684cb1d09a716200c3e2858694ea8d43ab88f849674e9afd4163d13e1ca70f7adac90c13fcbabfb721517e734a0a063388bac0b5ca8f6ae7b0ff6801f3cd956279f1e38521e3ce8e4afe1fb6c3ec6735681ea5c88f90ab139acbd63020d082ece69d02f438405f588d47654ada9253eabc21f3fe97f51ff958083bfc150364d75d44c518159f077a447cacb06f9a6e225c230db271f0317d920390552f4740073dc82ef5e274356b46ca8fab48847c92907fefd11d9451822831d01a7e376a53feca4d6038f947a04c0e613bf15c33bfe57a5833d7b6f22799e59cd8bfa66b294a4f21a75641b3619066e1758056db84b5059d3497dd1bf613de950228721fb4c98a8122346e232e37f72d2d9edd3a3f7703e12104e2fde274e93ca5496df7bb9bbecb1358ac9c1bdec5561ec96fb82f5bb109a4e958724c65fc28895466c91e0561b14867aa17c50285002e352aa6592b95604743f9c1c940fc63d2dc55142520d4342a751b2c7ef94224eb783e4a219e3d0f699784dc7e75ef8d774aae0813465cd262ea7df17b15dfef1daf5bb939b3cf255422bad4f6f4bdc6b394f4a4b4dbc3e49cc085ed6b6828e5cc1d72103ae772e3a4ddf9769e9ebfe44388ed04d7441766def69919410a9e79d3636c12b466663daa84752b4f2bc2ddfb78a98b4e2f4eefa8efbb2661275de484eb919e0b227d222a6e2b066fba64d218cf50b9fde66d864078d095abb5152c576b5e646d56c4ff883b3307bcc8495737c3071ff174e7daad7c277fd595b752a0bf44e6777c7e3604b68de43179d5fbc63debd9c8e34b94e6391446433f2e1bc8c6a408ec78e88df14c1e3255df2b3b360785831e95ed75fac8a5fa85abd682f8bd6998bfae291dab6910087dd2ca80318277a914ea9a40fc14474c0ddff462d78150d190ce07129ce24565a26a7dd1d2db34be333b97545747f1391fe514748aa00c2a1cc3719c742d7ba988274e6916ac905ef6d7ea672bf52d41f3e603fabee5ecd7c0f948160ed406926159468a9ed6d84370093b8e53398bef6fbbc8834d95e6dbd7713cf161992128b864c7b313cc2b98cbc35163149ea3865d2a3a102aad3bf34a6dd63ea3e4ca52cded953faa8ec5a26337a435287182e353cb3985489406b6f57bdd1bb2647e4f09cb328002572a7e30b69e259c5679ef84a85b4b7c2d19608ede80802cb3550a5a21d430444ad658d276fa1ac25f7f4c6a4cfc48ca0331b4fa12871e7aedb6887f6ee88bcc66b525346e793c6648053be74328d959914a96f4d5f44f3a449693a1fa087db73e4a6ee6f28f4f7a470a1a68276aac170d719de9d89bee984109ba8a1c48e750efb4214af107ac118f59ea92ca4c29d154e6b1ed33d7540eb0d1abc7e3637b456cedf01e1ddbab007cd571a831385439fa8011f73f3e9fa10e1e72e42d728c18324aabb7ab55c9c1f7868c90e15a83c085ec56803eb706410e0542150d1e8da907a2033761d4b5253cfe1b6d5c5778a316a18a18c9654eb99dacc20f16a9250df21f44e6345b760b6d9adf7667afb77ba3e52590ade8b883b75ce9a9e98a740adcd70746fc54d0f90d5900cf7f4e2b9b92af43bf97767255f5673c14b394341bc1132339d1ed349a926d9c1e26b1893b114d2c91b2a48df2f43c46a5bd3eff17357b138a406aea884e8ad9c2d015c1445b4726d7cf80709b98896ff98352a0a39c808033d74e96a73e4b9f66609f41a4ba8873df740ea3052197d7cd5d5a8dac58fdfbac8784c37855fcdf8bcc463afca63e8ece2530689d45e277dc26031b2f6eb8c34d9e8395e792473e57f8920d3c145c677f2937c9f74d910eb3df4a712050d4d33e7aa5d2fb7e5009281907dd7385ef62fc8f77d3892bdf5f64a3e6f65f8b5a11934447b888458d1c8dd799e6caf4ddf6b61335cd1f2c8643343e1ab383a74ca0e8f210fd57374daa13e409a51136c021751d2af8b5c36016ee54aef8aa5145028b53dcaef3d8d8bb074e48ecc8127808af06fd9fa908e1675740b6b3d0658f8de33fd830d47ce3b0ff00f8bb1c20a609e21ad097addd48e50b97005a1c2ab419add1ea42d01ad4f3bcf5dc2ca3e5517a92bae5c9846dc6bafe5eec6ba859efbce248b074fb1a5d7f1ae626a42ee6fff2c1a0c6bf180ee9aec9843a0d79370525714d64aabfa7604aaf46d22a18910c929bd97d2bd6f15cc14aa0efe2ece045a75876d54949513823d90ff92bc60712c21705cea493cd2a17ec8b945d3a61860d80d82a78505e9d8790acf810e0ef9d5150c1e3e8c696c8613a0063b219059085a20bed07b495b917349eb1db39600ddcef9ff8520b6c7962b72271a2bcb33a079349d25035b3eedd6345dd520f4beb5dcbe0a2964c90aae7d1a07346eee7576e4cfa7d08fd33d857def7082267c58b202bcbf86bf821568daa79750387f337fcf646ebd994f6ee085449c2abecbb7e63b1245430483746f9a75129e7edc7088b5c7fef705be1f9e4d1afd8277cf586816f86c6a3793751032c49e53de99a0a8a433c8b4f0da2e8bc7edf558e58b06decf501ce0043390769de01e785b6a9213079da70245a2280c331d9f284ad6564151b5719ea7ad138f581338da574b402cf499bd936fa80aca5e422c680f378e05422b130c7ce32d679ada3b8278f99a2eaefe457cb8b0dc52059cc0d9fc6756d0fbee9c5e44545a46cf68f0fe23c1e433c478572e3d05b65918bbeffe5289c2636870b1d5b7c050343714a3c2ced695d7ea213a92adbc9ad38bf7b873e4bbcee0d8182c79c2583871c85e9aa8bc9a46674123cc94f9335db6a61a41e964a5824bd0a113fa1ad050dcc6d03326d0d21bdf9c78dc3481910f24e37f03df1fa65dfb7925a1f88794d5941359863b88cfc7379b137c7ab206cf850042505016e8fa3ec9513c4292c4687e4538f2961a91cda1bbedf54ae1b282cb45faa2e9b6b0813b3eb5f93f48220dd7f121e359aee9d22466dcbdc04f4d85043ebb7d7ac9c74b6d460105ae145e43f663a1e203fc8089e61a1976bf06f3e7d85b08fcdd0b88c3c3eb46d003ecce7cf0fc149befa801c2cb57684331f458d697d6cefaac5f95ed05a32163a06b0fa73422d101c2a46be99a70eb1837dba198ca3f0796b2d0c7ababe4095fc6fc1942ae739132d9033dc4280196e8a7c21de9abbab47c4e3fbc77156040a9ec4bc0c98829cd356db59745fb7f6ec7175558bd271123a5541b8e88f89da6a240fe8b3f8d3febb472ce951c42ca21f530ccc519528383dbadb8e181c9f45a9a3bfdc86ea92c989388cf4a67c9a2380fd59200a5edc3e162b161d17708b30030f9cd56211d40589921c6273836033dacfffd67c05bf2efa45a290751e81dd347f553c55db8c9dd0f5b14696fefa00fb5f58943ea0ae458fac88f025e583636f97af2966985b87a8057479e9bca60934815a514dab00e9b3ce5c5fe431481c806eadf07e72eaa0ea852f89fc1e29f61b5d34975da05774e3910fa32702cc584f7951a090933a47b890eab6af559a92a851876d86b484a336a2f41590ebf169df52dfb1c64b813abb39f0f23ef3c8db86fe6f1011ae14418cb88f677fbae6c31437fd8a68df53cb5e5742ab1667219d8384ffd985fcb84f75e982e9c75f55af79ab8880436e2b11e2c9847fe48c2edc0ef936e5a7f15c46e81f72d5295386bb63329a6e2dd6bbef60832847db113818f34b18bdd7b059c4437b9c72322b15ca5363493d3fcd3b4792b2d2af03eecfc9a4dfafb224a5dfb192d25430ea73841dc5148baf1c13043d7ef15595ca319452b80db2c7562af7f5b633607c9dada7f5ad29138b3ecccd2f1f5ebce9823a9f13f895637650b26e928897219430d08e3a410c9318c6c3da75a52359083188b453c44fd8802e1653ba05995966e2de19f792e72e6f3c9685de62212300325652859cfe985d2b43a870e571234fd29935ef158dbf698363cb245db70f3e0126c9985681f207070cdfcd267b63bd55c4a7c799f34694046d25cb6d162d6f2c5778b439e5cd672aff1962d6c6c55bf14a90396ac3a5438e3a8e3f9", 0x1000}, {&(0x7f0000009240)="734d15a632ce8882630aef8f634a24c00c754fb923d0333dcb6abaf051b7064ee465edd351d502f9ad257f579026e30eacba334796d54ac36acc77f58ea1fd6faad74a7150b2e3485fde8512a58951e7d165561a76254e324d93a307197c2a5d4000dd172c5ad0f8f80fdfbb764c1ef22080407d3834dc1c951dd403f9849edb8832ad17999a990d1c975196a123e1", 0x8f}, {&(0x7f0000009300)="4fc23fb63694f2879adfbbf7a03332398e74e88fd386c1a3d70499cce8117317a62e2e44aff06d015f49306150b2f6dfc8f513c4a250d19eae8bec55d5a2640dd8f1911a83282aa4144886e11320312f05750291160dd5899106c7e612bce4b2dc1481709a793a2bc39d4acd7b9045fca261737d9e3c6e1927c1af81d2ae8b21b946eab1a62f105847a475d875d5277f8e27f273cdcc9c96efb24fe9e5a2c4d9c0e46d095e06308fd69d84286ee2576fa8f3362a44a5437f90e57785cf4f04e34301a47a58c626cb9c7b1ad70dce98e4e6e64f28b02cae5230e73f", 0xdb}, {&(0x7f0000009400)="7ff25c824e60eda3f4ccc358e6a4770f310c7ddbcb3330fe67f318ee301ec7ac82c1738a69e1548ace4cda2885b67d3edb08217b421be2acf6a107f643f2ff6a0d0cb9e94779c787738d76c8fa", 0x4d}], 0x7, 0x3)
r10 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r10, &(0x7f00000094c0)={0x18, 0x2, {0x0, @local}}, 0x1e)
r11 = openat$cgroup_root(0xffffff9c, &(0x7f0000009500)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r11, 0x50009402, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000009540)=""/55)
r12 = openat$incfs(0xffffffffffffff9c, &(0x7f0000009580)='.pending_reads\x00', 0x1, 0x120)
getsockopt$ax25_int(r12, 0x101, 0x6, &(0x7f00000095c0), &(0x7f0000009600)=0x4)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r12, 0x6430)
close_range(r5, 0xffffffffffffffff, 0x2)

129.458757ms ago: executing program 2 (id=729):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x101a0}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000380)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x29, 0x0, 0x9394, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}) (async, rerun: 32)
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffffff, &(0x7f0000000240)='./file0/file1\x00', 0x80) (async)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[]) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
timerfd_create(0x1, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000280)={{}, {0x77359400}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) (async)
ioctl$USBDEVFS_ALLOC_STREAMS(0xffffffffffffffff, 0xc0105500, &(0x7f0000000140)=ANY=[@ANYRESOCT]) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000100)=<r7=>0x0) (rerun: 64)
ioprio_set$pid(0x2, r7, 0x4007)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async, rerun: 32)
pread64(r6, &(0x7f0000000040)=""/172, 0xac, 0x0) (async, rerun: 32)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x101, 0x8, 0x2, [], [0xeedb], [0x0, 0x4000000], [0x1]}) (async, rerun: 32)
r8 = socket$pppl2tp(0x18, 0x1, 0x1) (rerun: 32)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0xf, &(0x7f00000002c0)=ANY=[@ANYRES64], 0x0, 0x69f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r8, 0x111, 0x1, 0x6, 0x4) (async)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x3000)=nil)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x8, 0x0, 0x0}}, 0x10)

129.033569ms ago: executing program 3 (id=730):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000100)={0x2, 'wlan0\x00', {0x10}, 0x9})
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/dev_snmp6\x00')
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x2f5897beee7aa532, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
sched_setaffinity(r2, 0x8, &(0x7f00000000c0)=0x9)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$bt_hci(r5, 0x11e, 0x1, 0x0, &(0x7f0000000080))
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x3cb, 0x5})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000280)={0x3, r8, 0x0, 0x0, 0xa, 0x1ff, 0x1})

562.531µs ago: executing program 2 (id=731):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000068000301000000ef0000000000000a00000000000600030000000000080001000000000024000200020000000000000000000000000000000100000000000000fc"], 0x4c}}, 0x0)

0s ago: executing program 2 (id=732):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0)=[0x1], 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d9c826367e94ff87e48b5c84c384e4da2242cd7402f8ed7ca62f2bc83f74a833985f857aea120980634d28d", 0x8e, 0x0, 0x0, &(0x7f00000015c0)="89ef1284c86555bfe69b541fc18b8f329814f57bd00b1b3a660bb38d58430a051059c1c370b570890937d18b73fe9e420f4cbc3542c63678")
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=ANY=[])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000010000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a320000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x94}, 0x1, 0x0, 0x0, 0x1}, 0x0)
openat$ptp0(0xffffff9c, &(0x7f0000000480), 0x105981, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = dup2(r5, r3)
close_range(r6, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=733):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb43, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x400, 0x19ef, 0x2800, 0x3, 0x2800, 0x2800, 0x43e, 0xd1, 0xc, 0x1, {0x8, 0xffffffff}, 0xd0, 0x9}})

kernel console output (not intermixed with test programs):

MU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.255985][ T7657] Call Trace:
[  125.257197][ T7657]  <TASK>
[  125.258494][ T7657]  dump_stack_lvl+0x16c/0x1f0
[  125.260168][ T7657]  warn_alloc+0x24d/0x3a0
[  125.261700][ T7657]  ? __pfx_warn_alloc+0x10/0x10
[  125.263419][ T7657]  ? __pfx___lock_acquire+0x10/0x10
[  125.265255][ T7657]  ? get_ctrl+0x394/0x4f0
[  125.266811][ T7657]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  125.268816][ T7657]  __vmalloc_node_range_noprof+0x11a7/0x15a0
[  125.270930][ T7657]  ? __mutex_trylock_common+0xea/0x250
[  125.272859][ T7657]  ? __pfx___mutex_trylock_common+0x10/0x10
[  125.274932][ T7657]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  125.277137][ T7657]  ? rcu_is_watching+0x12/0xc0
[  125.278844][ T7657]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  125.281054][ T7657]  ? rcu_is_watching+0x12/0xc0
[  125.282752][ T7657]  ? rcu_is_watching+0x12/0xc0
[  125.284438][ T7657]  ? trace_kmalloc+0x2d/0xe0
[  125.286082][ T7657]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  125.288097][ T7657]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  125.290262][ T7657]  __kvmalloc_node_noprof+0x14f/0x1a0
[  125.292138][ T7657]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  125.294266][ T7657]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  125.296138][ T7657]  vivid_update_format_cap+0x127b/0x2530
[  125.297666][ T7657]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  125.299287][ T7657]  ? v4l2_match_dv_timings+0x1df/0x1010
[  125.300758][ T7657]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  125.302586][ T7657]  vidioc_s_dv_timings+0xa5/0xc0
[  125.304319][ T7657]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  125.306179][ T7657]  __video_do_ioctl+0xaf0/0xf00
[  125.307898][ T7657]  ? __pfx___video_do_ioctl+0x10/0x10
[  125.309799][ T7657]  video_usercopy+0x426/0x1500
[  125.311483][ T7657]  ? __pfx___video_do_ioctl+0x10/0x10
[  125.313374][ T7657]  ? __pfx_video_usercopy+0x10/0x10
[  125.315219][ T7657]  v4l2_ioctl+0x1ba/0x250
[  125.316740][ T7657]  v4l2_compat_ioctl32+0x214/0x2c0
[  125.318550][ T7657]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  125.320509][ T7657]  __do_compat_sys_ioctl+0x259/0x2b0
[  125.322381][ T7657]  __do_fast_syscall_32+0x73/0x120
[  125.324157][ T7657]  do_fast_syscall_32+0x32/0x80
[  125.325883][ T7657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.328091][ T7657] RIP: 0023:0xf7f78579
[  125.329535][ T7657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  125.336134][ T7657] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  125.339025][ T7657] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0845657
[  125.341743][ T7657] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  125.344478][ T7657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.346997][ T7657] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  125.349113][ T7657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.351267][ T7657]  </TASK>
[  125.353737][ T7657] Mem-Info:
[  125.354645][ T7657] active_anon:4771 inactive_anon:172 isolated_anon:0
[  125.354645][ T7657]  active_file:14202 inactive_file:33250 isolated_file:0
[  125.354645][ T7657]  unevictable:802 dirty:124 writeback:0
[  125.354645][ T7657]  slab_reclaimable:4666 slab_unreclaimable:52400
[  125.354645][ T7657]  mapped:17893 shmem:1926 pagetables:716
[  125.354645][ T7657]  sec_pagetables:312 bounce:0
[  125.354645][ T7657]  kernel_misc_reclaimable:0
[  125.354645][ T7657]  free:82986 free_pcp:3283 free_cma:0
[  125.367767][ T7657] Node 0 active_anon:1964kB inactive_anon:680kB active_file:424kB inactive_file:3480kB unevictable:1568kB isolated(anon):0kB isolated(file):0kB mapped:2952kB dirty:12kB writeback:0kB shmem:1824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9624kB pagetables:1516kB sec_pagetables:1192kB all_unreclaimable? yes
[  125.378689][ T7657] Node 1 active_anon:12964kB inactive_anon:8kB active_file:56384kB inactive_file:129520kB unevictable:1640kB isolated(anon):0kB isolated(file):0kB mapped:68620kB dirty:484kB writeback:0kB shmem:1832kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1772kB pagetables:1272kB sec_pagetables:56kB all_unreclaimable? no
[  125.388723][ T7657] Node 0 DMA free:2980kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:256kB inactive_anon:0kB active_file:264kB inactive_file:116kB unevictable:0kB writepending:8kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:372kB local_pcp:132kB free_cma:0kB
[  125.396706][ T7657] lowmem_reserve[]: 0 273 0 0 0
[  125.398495][ T7657] Node 0 DMA32 free:21396kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:1756kB inactive_anon:680kB active_file:160kB inactive_file:3364kB unevictable:1568kB writepending:4kB present:1032196kB managed:306288kB mlocked:32kB bounce:0kB free_pcp:1056kB local_pcp:252kB free_cma:0kB
[  125.408740][ T7657] lowmem_reserve[]: 0 0 0 0 0
[  125.410451][ T7657] Node 1 DMA32 free:306368kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:12964kB inactive_anon:8kB active_file:56384kB inactive_file:129520kB unevictable:1640kB writepending:484kB present:1048432kB managed:948252kB mlocked:104kB bounce:0kB free_pcp:15336kB local_pcp:1008kB free_cma:0kB
[  125.420785][ T7657] lowmem_reserve[]: 0 0 0 0 0
[  125.422492][ T7657] Node 0 DMA: 39*4kB (U) 83*8kB (U) 99*16kB (U) 18*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2980kB
[  125.427255][ T7657] Node 0 DMA32: 288*4kB (UMEH) 165*8kB (UMEH) 27*16kB (UMEH) 51*32kB (UMEH) 64*64kB (UMEH) 21*128kB (UME) 9*256kB (UE) 5*512kB (UM) 1*1024kB (M) 2*2048kB (M) 0*4096kB = 21304kB
[  125.433455][ T7657] Node 1 DMA32: 350*4kB (UME) 263*8kB (UME) 433*16kB (UME) 397*32kB (UME) 219*64kB (UME) 109*128kB (UME) 47*256kB (UME) 25*512kB (UM) 7*1024kB (ME) 3*2048kB (UM) 53*4096kB (UM) = 306336kB
[  125.440070][ T7657] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.443358][ T7657] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.446692][ T7657] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.450014][ T7657] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.453217][ T7657] 48671 total pagecache pages
[  125.454874][ T7657] 305 pages in swap cache
[  125.456596][ T7657] Free swap  = 116072kB
[  125.458103][ T7657] Total swap = 124996kB
[  125.459583][ T7657] 524155 pages RAM
[  125.460916][ T7657] 0 pages HighMem/MovableOnly
[  125.462569][ T7657] 206680 pages reserved
[  125.464036][ T7657] 0 pages cma reserved
[  125.541914][ T7664] FAULT_INJECTION: forcing a failure.
[  125.541914][ T7664] name failslab, interval 1, probability 0, space 0, times 0
[  125.546134][ T7664] CPU: 3 UID: 0 PID: 7664 Comm: syz.3.515 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  125.548974][ T7664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.551993][ T7664] Call Trace:
[  125.553172][ T7664]  <TASK>
[  125.554230][ T7664]  dump_stack_lvl+0x16c/0x1f0
[  125.555902][ T7664]  should_fail_ex+0x497/0x5b0
[  125.557585][ T7664]  ? fs_reclaim_acquire+0xae/0x150
[  125.559142][ T7664]  should_failslab+0xc2/0x120
[  125.560454][ T7664]  __kmalloc_noprof+0xcb/0x410
[  125.561840][ T7664]  io_alloc_async_data+0x9d/0x150
[  125.563217][ T7664]  io_prep_rw+0x30d/0xb70
[  125.564448][ T7664]  io_submit_sqes+0x8aa/0x2530
[  125.566113][ T7664]  __do_sys_io_uring_enter+0xc0f/0x1170
[  125.567666][ T7664]  ? __fget_files+0x244/0x3f0
[  125.568939][ T7664]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  125.570578][ T7664]  ? fput+0x30/0x390
[  125.571649][ T7664]  ? ksys_write+0x1ad/0x260
[  125.572922][ T7664]  ? __pfx_ksys_write+0x10/0x10
[  125.574249][ T7664]  __do_fast_syscall_32+0x73/0x120
[  125.576067][ T7664]  do_fast_syscall_32+0x32/0x80
[  125.577855][ T7664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.580137][ T7664] RIP: 0023:0xf7f78579
[  125.581636][ T7664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  125.586930][ T7664] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  125.589176][ T7664] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000184c
[  125.591342][ T7664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.593489][ T7664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.596296][ T7664] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  125.599153][ T7664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.601411][ T7664]  </TASK>
[  125.672724][ T7667] netlink: 'syz.0.516': attribute type 4 has an invalid length.
[  125.681544][ T7667] netlink: 'syz.0.516': attribute type 4 has an invalid length.
[  125.691120][ T7669] netlink: 36 bytes leftover after parsing attributes in process `syz.3.517'.
[  126.483746][ T7690] FAULT_INJECTION: forcing a failure.
[  126.483746][ T7690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.487262][ T7688] syz.2.524 (7688): drop_caches: 2
[  126.491607][ T7690] CPU: 3 UID: 0 PID: 7690 Comm: syz.0.525 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  126.494601][ T7690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.497418][ T7690] Call Trace:
[  126.498286][ T7690]  <TASK>
[  126.499037][ T7690]  dump_stack_lvl+0x16c/0x1f0
[  126.500239][ T7690]  should_fail_ex+0x497/0x5b0
[  126.501482][ T7690]  _copy_from_user+0x30/0xf0
[  126.502695][ T7690]  get_compat_msghdr+0xa8/0x170
[  126.503972][ T7690]  ? __pfx_get_compat_msghdr+0x10/0x10
[  126.505369][ T7690]  ? find_held_lock+0x2d/0x110
[  126.506567][ T7690]  ___sys_recvmsg+0x193/0x1a0
[  126.507797][ T7690]  ? __pfx____sys_recvmsg+0x10/0x10
[  126.509146][ T7690]  ? lock_acquire+0x2f/0xb0
[  126.510223][ T7690]  ? __fget_files+0x40/0x3f0
[  126.511339][ T7690]  ? __pfx___might_resched+0x10/0x10
[  126.512642][ T7690]  ? fdget+0x176/0x210
[  126.513611][ T7690]  do_recvmmsg+0x51a/0x750
[  126.514773][ T7690]  ? __pfx_do_recvmmsg+0x10/0x10
[  126.516057][ T7690]  ? __pfx_lock_release+0x10/0x10
[  126.517399][ T7690]  ? vfs_write+0x14d/0x1140
[  126.518527][ T7690]  ? __fget_files+0x244/0x3f0
[  126.519677][ T7690]  __sys_recvmmsg+0x21e/0x280
[  126.520851][ T7690]  ? __pfx___sys_recvmmsg+0x10/0x10
[  126.522134][ T7690]  ? __pfx_ksys_write+0x10/0x10
[  126.523299][ T7690]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  126.524924][ T7690]  ? lockdep_hardirqs_on+0x7c/0x110
[  126.526290][ T7690]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  126.527999][ T7690]  __do_fast_syscall_32+0x73/0x120
[  126.529359][ T7690]  do_fast_syscall_32+0x32/0x80
[  126.530645][ T7690]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  126.532296][ T7690] RIP: 0023:0xf744e579
[  126.533383][ T7690] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  126.538156][ T7690] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  126.540201][ T7690] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200055c0
[  126.542194][ T7690] RDX: 000000000400023c RSI: 0000000000000000 RDI: 0000000000000000
[  126.544072][ T7690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  126.546015][ T7690] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  126.547916][ T7690] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  126.550121][ T7690]  </TASK>
[  126.577568][ T7693] capability: warning: `syz.0.526' uses 32-bit capabilities (legacy support in use)
[  126.682387][ T7697] netlink: 32 bytes leftover after parsing attributes in process `syz.3.528'.
[  126.904779][ T7708] veth0_vlan: left promiscuous mode
[  126.907416][ T7708] veth0_vlan: entered promiscuous mode
[  127.161446][ T7715] netlink: 8 bytes leftover after parsing attributes in process `syz.2.533'.
[  127.163792][ T7715] FAULT_INJECTION: forcing a failure.
[  127.163792][ T7715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.167494][ T7715] CPU: 2 UID: 0 PID: 7715 Comm: syz.2.533 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  127.170277][ T7715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.173308][ T7715] Call Trace:
[  127.174200][ T7715]  <TASK>
[  127.174974][ T7715]  dump_stack_lvl+0x16c/0x1f0
[  127.176307][ T7715]  should_fail_ex+0x497/0x5b0
[  127.177563][ T7715]  _copy_from_user+0x30/0xf0
[  127.178771][ T7715]  kstrtouint_from_user+0xd7/0x1c0
[  127.180101][ T7715]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  127.181593][ T7715]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  127.183058][ T7715]  proc_fail_nth_write+0x84/0x250
[  127.184370][ T7715]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.185835][ T7715]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.187285][ T7715]  vfs_write+0x28e/0x1140
[  127.188426][ T7715]  ? __fget_files+0x23a/0x3f0
[  127.189671][ T7715]  ? fdget_pos+0x24c/0x360
[  127.190832][ T7715]  ? __pfx_lock_release+0x10/0x10
[  127.192142][ T7715]  ? trace_lock_acquire+0x14a/0x1d0
[  127.193499][ T7715]  ? __pfx_vfs_write+0x10/0x10
[  127.194741][ T7715]  ? __pfx___mutex_lock+0x10/0x10
[  127.196059][ T7715]  ? __fget_files+0x244/0x3f0
[  127.197302][ T7715]  ksys_write+0x12f/0x260
[  127.198429][ T7715]  ? __pfx_ksys_write+0x10/0x10
[  127.199693][ T7715]  __do_fast_syscall_32+0x73/0x120
[  127.201034][ T7715]  do_fast_syscall_32+0x32/0x80
[  127.202325][ T7715]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.203969][ T7715] RIP: 0023:0xf7f93579
[  127.205042][ T7715] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.210009][ T7715] RSP: 002b:00000000f57165a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  127.212283][ T7715] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5716620
[  127.214492][ T7715] RDX: 0000000000000001 RSI: 00000000f741bff4 RDI: 0000000000000000
[  127.216568][ T7715] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  127.218652][ T7715] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.220658][ T7715] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.222756][ T7715]  </TASK>
[  127.473465][ T7739] input: syz0 as /devices/virtual/input/input13
[  127.490235][ T7742] tunl0: entered allmulticast mode
[  127.492396][ T7743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.537'.
[  127.574002][ T7746] input: syz1 as /devices/virtual/input/input14
[  127.627518][ T7752] syz.2.541 (7752): drop_caches: 2
[  127.756365][  T829] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  127.918928][  T829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.921916][  T829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.924785][  T829] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  127.927414][  T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.932082][  T829] usb 5-1: config 0 descriptor??
[  127.964905][   T83] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.345923][  T829] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[  128.352067][  T829] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0926:3333.0003/input/input15
[  128.433309][  T829] keytouch 0003:0926:3333.0003: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  128.547781][ T7745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.551882][ T7745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.555428][ T7745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.559122][ T7745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.562154][ T7745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.565385][ T7745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.569829][ T7745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.572169][ T7745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.576758][  T829] usb 5-1: USB disconnect, device number 7
[  129.390677][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  129.396728][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  129.399544][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  129.402237][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  129.404417][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  129.407161][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  129.474596][ T7774] netlink: 'syz.0.547': attribute type 1 has an invalid length.
[  129.484512][ T7774] 8021q: adding VLAN 0 to HW filter on device bond3
[  129.502973][ T7774] 8021q: adding VLAN 0 to HW filter on device bond3
[  129.505679][ T7774] bond3: (slave vti0): The slave device specified does not support setting the MAC address
[  129.509915][ T7774] bond3: (slave vti0): Error -95 calling set_mac_address
[  129.549110][ T7764] chnl_net:caif_netlink_parms(): no params data found
[  129.627095][ T7781] can0: slcan on ptm0.
[  129.627208][ T7785] netlink: 8 bytes leftover after parsing attributes in process `syz.0.549'.
[  129.678491][ T7764] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.681842][ T7764] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.684606][ T7764] bridge_slave_0: entered allmulticast mode
[  129.689785][ T7764] bridge_slave_0: entered promiscuous mode
[  129.701539][ T7764] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.704698][ T7764] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.704712][  T829] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  129.707865][ T7764] bridge_slave_1: entered allmulticast mode
[  129.713684][ T7764] bridge_slave_1: entered promiscuous mode
[  129.748605][ T7764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.754276][ T7764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.802532][ T7788] FAULT_INJECTION: forcing a failure.
[  129.802532][ T7788] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.807750][ T7788] CPU: 2 UID: 0 PID: 7788 Comm: syz.0.550 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  129.810439][ T7788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.813545][ T7788] Call Trace:
[  129.814398][ T7788]  <TASK>
[  129.815150][ T7788]  dump_stack_lvl+0x16c/0x1f0
[  129.816478][ T7788]  should_fail_ex+0x497/0x5b0
[  129.817822][ T7788]  _copy_to_user+0x30/0xc0
[  129.819084][ T7788]  simple_read_from_buffer+0xd0/0x160
[  129.820648][ T7788]  proc_fail_nth_read+0x198/0x270
[  129.822139][ T7788]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  129.823632][ T7788]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  129.825102][ T7788]  vfs_read+0x1ce/0xbd0
[  129.826224][ T7788]  ? __fget_files+0x23a/0x3f0
[  129.827474][ T7788]  ? fdget_pos+0x24c/0x360
[  129.828959][ T7788]  ? __pfx_lock_release+0x10/0x10
[  129.830343][ T7788]  ? trace_lock_acquire+0x14a/0x1d0
[  129.831692][ T7788]  ? __pfx_vfs_read+0x10/0x10
[  129.832912][ T7788]  ? __pfx___mutex_lock+0x10/0x10
[  129.834281][ T7788]  ? __fget_files+0x244/0x3f0
[  129.835521][ T7788]  ksys_read+0x12f/0x260
[  129.836625][ T7788]  ? __pfx_ksys_read+0x10/0x10
[  129.837923][ T7788]  __do_fast_syscall_32+0x73/0x120
[  129.839287][ T7788]  do_fast_syscall_32+0x32/0x80
[  129.840549][ T7788]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.842354][ T7788] RIP: 0023:0xf744e579
[  129.843506][ T7788] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.848376][ T7788] RSP: 002b:00000000f57365a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  129.850901][ T7788] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620
[  129.852923][ T7788] RDX: 000000000000000f RSI: 00000000f743bff4 RDI: 0000000000000000
[  129.854922][ T7788] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  129.857035][ T7788] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  129.859677][ T7788] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.861761][ T7788]  </TASK>
[  129.888449][   T83] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.904160][ T7764] team0: Port device team_slave_0 added
[  129.912029][ T7764] team0: Port device team_slave_1 added
[  129.962197][ T7764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.964564][ T7764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.973570][ T7764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.977638][ T7764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.979635][ T7764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.986242][ T7764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.008829][   T83] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.080424][ T7793] syz.0.552 (7793): drop_caches: 2
[  130.101141][   T83] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.111469][ T7764] hsr_slave_0: entered promiscuous mode
[  130.114348][ T7764] hsr_slave_1: entered promiscuous mode
[  130.120581][ T7764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.122958][ T7764] Cannot create hsr debugfs directory
[  130.217916][   T83] bridge_slave_1: left allmulticast mode
[  130.219638][   T83] bridge_slave_1: left promiscuous mode
[  130.221676][   T83] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.224967][   T83] bridge_slave_0: left allmulticast mode
[  130.226917][   T83] bridge_slave_0: left promiscuous mode
[  130.228528][   T83] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.425013][ T7805] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  130.550145][   T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  130.555056][   T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  130.559489][   T83] bond0 (unregistering): Released all slaves
[  130.696671][ T7777] can0 (unregistered): slcan off ptm0.
[  130.758628][ T7810] syzkaller1: entered promiscuous mode
[  130.760111][ T7810] syzkaller1: entered allmulticast mode
[  130.901636][   T83] hsr_slave_0: left promiscuous mode
[  130.904906][   T83] hsr_slave_1: left promiscuous mode
[  130.915933][   T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.918280][   T83] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.921907][   T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.923899][   T83] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.982138][   T83] veth1_macvtap: left promiscuous mode
[  130.983980][   T83] veth0_macvtap: left promiscuous mode
[  130.985428][   T83] veth1_vlan: left promiscuous mode
[  130.987149][   T83] veth0_vlan: left promiscuous mode
[  131.035496][ T7824] random: crng reseeded on system resumption
[  131.226700][  T982] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  131.369338][  T982] usb 7-1: device descriptor read/64, error -71
[  131.459818][ T5355] Bluetooth: hci1: command tx timeout
[  131.608436][  T982] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  131.621013][ T1378] ieee802154 phy0 wpan0: encryption failed: -22
[  131.622871][ T1378] ieee802154 phy1 wpan1: encryption failed: -22
[  131.729222][   T83] team0 (unregistering): Port device team_slave_1 removed
[  131.745824][  T982] usb 7-1: device descriptor read/64, error -71
[  131.801597][   T83] team0 (unregistering): Port device team_slave_0 removed
[  131.860054][  T982] usb usb7-port1: attempt power cycle
[  132.215819][  T982] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  132.247164][  T982] usb 7-1: device descriptor read/8, error -71
[  132.294596][ T7826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.558'.
[  132.347903][ T7840] 9pnet_fd: Insufficient options for proto=fd
[  132.421518][ T7764] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  132.429995][ T7764] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  132.446198][ T7764] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  132.495768][  T982] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  132.516169][  T982] usb 7-1: device descriptor read/8, error -71
[  132.537859][ T7764] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  132.639182][ T7764] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.651527][  T982] usb usb7-port1: unable to enumerate USB device
[  132.652669][ T7764] 8021q: adding VLAN 0 to HW filter on device team0
[  132.660284][ T1135] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.662735][ T1135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.714177][ T7764] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  132.738753][ T7764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  132.744135][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.746108][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.851550][ T7867] virtio-fs: tag <(null)> not found
[  133.014990][ T7764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  133.040816][ T7764] veth0_vlan: entered promiscuous mode
[  133.050051][ T7764] veth1_vlan: entered promiscuous mode
[  133.070950][ T7764] veth0_macvtap: entered promiscuous mode
[  133.075309][ T7764] veth1_macvtap: entered promiscuous mode
[  133.082574][ T7764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.088064][ T7764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.092194][ T7764] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.094623][ T7764] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.097266][ T7764] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.099634][ T7764] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.125026][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.131552][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.139902][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.142841][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.382818][ T7874] syzkaller1: entered promiscuous mode
[  133.384390][ T7874] syzkaller1: entered allmulticast mode
[  133.517475][ T7876] netlink: 12 bytes leftover after parsing attributes in process `syz.0.565'.
[  133.558665][ T7878] random: crng reseeded on system resumption
[  133.575144][ T7880] syz.3.566 (7880): drop_caches: 2
[  134.401920][ T7899] FAULT_INJECTION: forcing a failure.
[  134.401920][ T7899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.405385][ T7899] CPU: 0 UID: 0 PID: 7899 Comm: syz.0.572 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  134.408168][ T7899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.410985][ T7899] Call Trace:
[  134.411875][ T7899]  <TASK>
[  134.412667][ T7899]  dump_stack_lvl+0x16c/0x1f0
[  134.413960][ T7899]  should_fail_ex+0x497/0x5b0
[  134.415227][ T7899]  _copy_from_user+0x30/0xf0
[  134.416467][ T7899]  video_usercopy+0xc62/0x1500
[  134.417758][ T7899]  ? __pfx___video_do_ioctl+0x10/0x10
[  134.419186][ T7899]  ? __pfx_video_usercopy+0x10/0x10
[  134.420561][ T7899]  v4l2_ioctl+0x1ba/0x250
[  134.421714][ T7899]  v4l2_compat_ioctl32+0x214/0x2c0
[  134.423062][ T7899]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  134.424629][ T7899]  __do_compat_sys_ioctl+0x259/0x2b0
[  134.426046][ T7899]  __do_fast_syscall_32+0x73/0x120
[  134.427414][ T7899]  do_fast_syscall_32+0x32/0x80
[  134.428714][ T7899]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.430391][ T7899] RIP: 0023:0xf744e579
[  134.431466][ T7899] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.434893][ T7901] FAULT_INJECTION: forcing a failure.
[  134.434893][ T7901] name failslab, interval 1, probability 0, space 0, times 0
[  134.436574][ T7899] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  134.436588][ T7899] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  134.436594][ T7899] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  134.436600][ T7899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.436606][ T7899] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.436612][ T7899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.436624][ T7899]  </TASK>
[  134.453229][ T7901] CPU: 3 UID: 0 PID: 7901 Comm: syz.3.573 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  134.456607][ T7901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.459422][ T7901] Call Trace:
[  134.460304][ T7901]  <TASK>
[  134.461084][ T7901]  dump_stack_lvl+0x16c/0x1f0
[  134.462342][ T7901]  should_fail_ex+0x497/0x5b0
[  134.463877][ T7901]  ? fs_reclaim_acquire+0xae/0x150
[  134.465573][ T7901]  should_failslab+0xc2/0x120
[  134.466820][ T7901]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  134.468413][ T7901]  ? __d_alloc+0x35/0x8c0
[  134.469583][ T7901]  __d_alloc+0x35/0x8c0
[  134.470682][ T7901]  d_alloc+0x4a/0x1e0
[  134.471741][ T7901]  d_alloc_parallel+0xe9/0x12b0
[  134.473032][ T7901]  ? __pfx_d_alloc_parallel+0x10/0x10
[  134.474492][ T7901]  ? lockdep_init_map_type+0x16d/0x7d0
[  134.475927][ T7901]  ? mark_lock+0xb5/0xc60
[  134.477089][ T7901]  ? lockdep_init_map_type+0x16d/0x7d0
[  134.478534][ T7901]  __lookup_slow+0x194/0x460
[  134.479859][ T7901]  ? __pfx___lookup_slow+0x10/0x10
[  134.481235][ T7901]  ? __pfx_lock_release+0x10/0x10
[  134.482702][ T7901]  ? d_lookup+0xe9/0x180
[  134.484046][ T7901]  lookup_one_len+0x181/0x1b0
[  134.485675][ T7901]  ? __pfx_lookup_one_len+0x10/0x10
[  134.487451][ T7901]  ? mntput+0x10/0x90
[  134.488817][ T7901]  start_creating.part.0+0x12f/0x3a0
[  134.490546][ T7901]  __debugfs_create_file+0xa5/0x660
[  134.492068][ T7901]  kvm_dev_ioctl+0x14b9/0x1ab0
[  134.493620][ T7901]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  134.494963][ T7901]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  134.496311][ T7901]  __do_compat_sys_ioctl+0x259/0x2b0
[  134.498017][ T7901]  __do_fast_syscall_32+0x73/0x120
[  134.499768][ T7901]  do_fast_syscall_32+0x32/0x80
[  134.501398][ T7901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.503246][ T7901] RIP: 0023:0xf7f78579
[  134.504290][ T7901] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.510324][ T7901] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  134.512813][ T7901] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000ae01
[  134.514885][ T7901] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  134.516933][ T7901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.519027][ T7901] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.521073][ T7901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.523137][ T7901]  </TASK>
[  135.077368][ T7922] =======================================================
[  135.077368][ T7922] WARNING: The mand mount option has been deprecated and
[  135.077368][ T7922]          and is ignored by this kernel. Remove the mand
[  135.077368][ T7922]          option from the mount to silence this warning.
[  135.077368][ T7922] =======================================================
[  135.093489][ T7922] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  135.098093][ T7922] overlayfs: maximum fs stacking depth exceeded
[  135.139370][ T7927] FAULT_INJECTION: forcing a failure.
[  135.139370][ T7927] name failslab, interval 1, probability 0, space 0, times 0
[  135.143325][ T7927] CPU: 1 UID: 0 PID: 7927 Comm: syz.3.581 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  135.146398][ T7927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.149954][ T7927] Call Trace:
[  135.151141][ T7927]  <TASK>
[  135.152186][ T7927]  dump_stack_lvl+0x16c/0x1f0
[  135.153820][ T7927]  should_fail_ex+0x497/0x5b0
[  135.155515][ T7927]  ? fs_reclaim_acquire+0xae/0x150
[  135.157412][ T7927]  should_failslab+0xc2/0x120
[  135.159042][ T7927]  __kmalloc_noprof+0xcb/0x410
[  135.160575][ T7927]  ? rhashtable_init_noprof+0x57f/0x7d0
[  135.162533][ T7927]  nft_trans_alloc_gfp+0x26/0x2e0
[  135.164309][ T7927]  nf_tables_newtable+0x13b3/0x1b40
[  135.166192][ T7927]  ? net_generic+0xea/0x2a0
[  135.167860][ T7927]  ? __pfx_nf_tables_newtable+0x10/0x10
[  135.169858][ T7927]  ? trace_lock_acquire+0x14a/0x1d0
[  135.171700][ T7927]  ? __nla_parse+0x40/0x60
[  135.173339][ T7927]  nfnetlink_rcv_batch+0x1a28/0x24e0
[  135.175201][ T7927]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  135.176845][ T7927]  ? __pfx_stack_trace_save+0x10/0x10
[  135.178630][ T7927]  ? __pfx_mark_lock+0x10/0x10
[  135.179913][ T7927]  ? __lock_acquire+0xbdd/0x3ce0
[  135.181425][ T7927]  ? __nla_parse+0x40/0x60
[  135.182817][ T7927]  nfnetlink_rcv+0x3c3/0x430
[  135.184206][ T7927]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  135.185715][ T7927]  netlink_unicast+0x53c/0x7f0
[  135.186993][ T7927]  ? __pfx_netlink_unicast+0x10/0x10
[  135.188453][ T7927]  ? __phys_addr_symbol+0x30/0x80
[  135.189799][ T7927]  ? __check_object_size+0x488/0x710
[  135.190781][ T7932] overlay: ./file0 is not a directory
[  135.191360][ T7927]  netlink_sendmsg+0x8b8/0xd70
[  135.194827][ T7927]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.196271][ T7927]  ? lock_acquire+0x2f/0xb0
[  135.197496][ T7927]  ____sys_sendmsg+0x9ae/0xb40
[  135.199043][ T7927]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.200910][ T7927]  ? get_compat_msghdr+0x11b/0x170
[  135.202360][ T7927]  ? __pfx___lock_acquire+0x10/0x10
[  135.203723][ T7927]  ___sys_sendmsg+0x135/0x1e0
[  135.205033][ T7927]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.206724][ T7927]  ? lock_acquire+0x2f/0xb0
[  135.208395][ T7927]  ? __fget_files+0x40/0x3f0
[  135.210130][ T7927]  ? fdget+0x176/0x210
[  135.211612][ T7927]  __sys_sendmsg+0x117/0x1f0
[  135.213281][ T7927]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.215102][ T7927]  ? __fget_files+0x244/0x3f0
[  135.216816][ T7927]  __do_fast_syscall_32+0x73/0x120
[  135.218728][ T7927]  do_fast_syscall_32+0x32/0x80
[  135.220520][ T7927]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.222760][ T7927] RIP: 0023:0xf7f78579
[  135.224255][ T7927] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.230871][ T7927] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  135.233668][ T7927] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000e80
[  135.236405][ T7927] RDX: 0000000024004080 RSI: 0000000000000000 RDI: 0000000000000000
[  135.239275][ T7927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.242090][ T7927] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.244718][ T7927] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.247355][ T7927]  </TASK>
[  135.270850][   T39] audit: type=1326 audit(1729681524.820:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.277080][   T39] audit: type=1326 audit(1729681524.820:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.282275][   T39] audit: type=1326 audit(1729681524.830:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=271 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.287535][   T39] audit: type=1326 audit(1729681524.830:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.293696][   T39] audit: type=1326 audit(1729681524.830:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.313623][   T39] audit: type=1326 audit(1729681524.840:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.323042][   T42] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.369267][   T39] audit: type=1326 audit(1729681524.920:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.374994][   T39] audit: type=1326 audit(1729681524.920:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.384487][   T39] audit: type=1326 audit(1729681524.930:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.393941][   T39] audit: type=1326 audit(1729681524.940:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000
[  135.422607][ T7937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  136.756454][ T7948] tipc: Started in network mode
[  136.758358][ T7948] tipc: Node identity 080211000001, cluster identity 4711
[  136.760837][ T7948] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  136.775708][ T5359] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  136.780352][ T5359] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  136.789556][ T5359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  136.795437][ T5359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  136.798378][ T5359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  136.800377][ T5359] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  136.881594][ T7949] chnl_net:caif_netlink_parms(): no params data found
[  136.943900][ T7949] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.946220][ T7949] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.948094][ T7949] bridge_slave_0: entered allmulticast mode
[  136.950433][ T7949] bridge_slave_0: entered promiscuous mode
[  136.953043][ T7949] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.954961][ T7949] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.956858][ T7949] bridge_slave_1: entered allmulticast mode
[  136.959049][ T7949] bridge_slave_1: entered promiscuous mode
[  136.972368][ T6278] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  136.983934][ T7949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.988921][ T7949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.020166][ T7949] team0: Port device team_slave_0 added
[  137.023187][ T7949] team0: Port device team_slave_1 added
[  137.069633][   T42] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.076105][ T7949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.078378][ T7949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.089206][ T7949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.095061][ T7949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.097642][ T7949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.112211][ T7949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.123511][ T6278] usb 8-1: Using ep0 maxpacket: 8
[  137.127919][ T6278] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  137.131151][ T6278] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  137.136841][ T6278] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  137.139339][ T6278] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  137.141816][ T6278] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  137.145802][ T6278] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  137.152633][ T6278] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.173500][   T42] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.178091][ T7964] syzkaller1: entered promiscuous mode
[  137.179692][ T7964] syzkaller1: entered allmulticast mode
[  137.184094][ T7949] hsr_slave_0: entered promiscuous mode
[  137.186756][ T7949] hsr_slave_1: entered promiscuous mode
[  137.188528][ T7949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.190456][ T7949] Cannot create hsr debugfs directory
[  137.235787][   T42] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.356011][ T6278] usb 8-1: usb_control_msg returned -32
[  137.358154][ T6278] usbtmc 8-1:16.0: can't read capabilities
[  137.373389][   T42] bridge_slave_1: left allmulticast mode
[  137.375021][   T42] bridge_slave_1: left promiscuous mode
[  137.378500][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.381822][   T42] bridge_slave_0: left allmulticast mode
[  137.383346][   T42] bridge_slave_0: left promiscuous mode
[  137.384891][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.461862][ T7967] tmpfs: Bad value for 'mpol'
[  137.656283][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  137.660509][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  137.663915][   T42] bond0 (unregistering): Released all slaves
[  137.719426][ T7971] usbtmc 8-1:16.0: control status returned 0
[  137.846444][ T5413] tipc: Node number set to 134418688
[  137.976603][   T42] hsr_slave_0: left promiscuous mode
[  137.979474][   T42] hsr_slave_1: left promiscuous mode
[  137.981447][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.984082][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.987379][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.989656][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.033571][   T42] veth1_macvtap: left promiscuous mode
[  138.035491][   T42] veth0_macvtap: left promiscuous mode
[  138.037426][   T42] veth1_vlan: left promiscuous mode
[  138.039207][   T42] veth0_vlan: left promiscuous mode
[  138.788297][ T5355] Bluetooth: hci1: command tx timeout
[  138.865001][   T42] team0 (unregistering): Port device team_slave_1 removed
[  138.937309][   T42] team0 (unregistering): Port device team_slave_0 removed
[  139.029824][ T8000] netlink: 36 bytes leftover after parsing attributes in process `syz.2.596'.
[  139.322936][ T5413] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  139.470862][ T5413] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  139.473308][ T5413] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  139.475984][ T5413] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  139.478418][ T5413] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  139.481706][ T5413] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  139.486421][ T5413] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  139.491493][ T5413] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  139.494072][ T5413] usb 7-1: Product: syz
[  139.495159][ T5413] usb 7-1: Manufacturer: syz
[  139.500927][ T5413] cdc_wdm 7-1:1.0: skipping garbage
[  139.502449][ T5413] cdc_wdm 7-1:1.0: skipping garbage
[  139.505084][ T5413] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[  139.506635][ T5413] cdc_wdm 7-1:1.0: Unknown control protocol
[  139.537861][ T7949] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  139.542045][ T7949] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  139.545393][ T7949] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  139.548429][ T7949] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  139.600685][ T7949] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.608482][ T7949] 8021q: adding VLAN 0 to HW filter on device team0
[  139.613755][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.616264][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.628907][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.630823][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.652745][  T982] usb 8-1: USB disconnect, device number 7
[  139.687143][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.598'.
[  139.705735][ T1301] usb 7-1: USB disconnect, device number 15
[  139.754811][ T7949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.772884][ T7949] veth0_vlan: entered promiscuous mode
[  139.777217][ T7949] veth1_vlan: entered promiscuous mode
[  139.789692][ T7949] veth0_macvtap: entered promiscuous mode
[  139.793045][ T7949] veth1_macvtap: entered promiscuous mode
[  139.799691][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.808213][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.813587][ T7949] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.816843][ T7949] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.819970][ T7949] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.823655][ T7949] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.864334][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.866731][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.885486][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.887563][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.569391][ T8013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.600'.
[  140.685444][ T8011] Invalid logical block size (65525)
[  140.820457][ T8024] netlink: 12 bytes leftover after parsing attributes in process `syz.3.602'.
[  140.822907][ T8024] netlink: 'syz.3.602': attribute type 12 has an invalid length.
[  140.830495][ T8024] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  140.832945][ T8024] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  140.835249][ T8024] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  140.838142][ T8024] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  140.838474][ T8018] /dev/sr0: Can't open blockdev
[  140.842947][ T8024] vxlan0: entered promiscuous mode
[  140.965218][ T8021] /dev/sr0: Can't open blockdev
[  141.790232][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz.3.609'.
[  141.798554][ T8042] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  141.800883][ T8042] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  141.802890][ T8042] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  141.805235][ T8042] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  142.231664][   T83] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.731646][ T8051] netlink: 'syz.3.612': attribute type 1 has an invalid length.
[  143.761150][ T8051] bond3: entered allmulticast mode
[  143.764226][ T8051] 8021q: adding VLAN 0 to HW filter on device bond3
[  143.767796][ T8051] bond2: (slave bond3): making interface the new active one
[  143.770569][ T8051] bond2: (slave bond3): Enslaving as an active interface with an up link
[  143.799296][ T5359] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  143.804746][ T5359] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  143.810725][ T5359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  143.820681][ T5359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  143.821655][   T83] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.828898][ T5359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  143.833637][ T5359] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  143.858669][ T8059] syz.3.614 (8059): drop_caches: 2
[  143.922964][   T83] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.959178][ T8054] chnl_net:caif_netlink_parms(): no params data found
[  144.009380][   T83] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.044960][ T8054] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.047163][ T8054] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.049101][ T8054] bridge_slave_0: entered allmulticast mode
[  144.051340][ T8054] bridge_slave_0: entered promiscuous mode
[  144.054500][ T8054] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.056687][ T8054] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.058583][ T8054] bridge_slave_1: entered allmulticast mode
[  144.061111][ T8054] bridge_slave_1: entered promiscuous mode
[  144.081468][ T8054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.086053][ T8054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.122445][ T8054] team0: Port device team_slave_0 added
[  144.126745][ T8054] team0: Port device team_slave_1 added
[  144.165868][ T8054] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.170940][ T8054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.180179][ T8054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.196759][ T8054] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.199240][ T8054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.207420][ T8054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.214980][   T83] bridge_slave_1: left allmulticast mode
[  144.216859][   T83] bridge_slave_1: left promiscuous mode
[  144.218317][   T83] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.221253][   T83] bridge_slave_0: left allmulticast mode
[  144.222736][   T83] bridge_slave_0: left promiscuous mode
[  144.224250][   T83] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.523913][   T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.528137][ T8078] FAULT_INJECTION: forcing a failure.
[  144.528137][ T8078] name failslab, interval 1, probability 0, space 0, times 0
[  144.534026][   T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.534578][ T8078] CPU: 2 UID: 0 PID: 8078 Comm: syz.3.617 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  144.539924][ T8078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.543556][ T8078] Call Trace:
[  144.544750][ T8078]  <TASK>
[  144.545822][ T8078]  dump_stack_lvl+0x16c/0x1f0
[  144.547514][ T8078]  should_fail_ex+0x497/0x5b0
[  144.549146][ T8078]  ? fs_reclaim_acquire+0xae/0x150
[  144.550930][ T8078]  should_failslab+0xc2/0x120
[  144.552578][ T8078]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  144.554425][ T8078]  ? __kernfs_new_node+0xd3/0x890
[  144.556135][ T8078]  __kernfs_new_node+0xd3/0x890
[  144.557774][ T8078]  ? __pfx___kernfs_new_node+0x10/0x10
[  144.559535][ T8078]  ? __pfx_lock_release+0x10/0x10
[  144.561260][ T8078]  ? kernfs_add_one+0x39d/0x520
[  144.562989][ T8078]  ? up_write+0x1b2/0x520
[  144.564555][ T8078]  kernfs_new_node+0x186/0x240
[  144.566324][ T8078]  __kernfs_create_file+0x53/0x350
[  144.568171][ T8078]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  144.570029][ T8078]  internal_create_group+0x565/0xe50
[  144.571921][ T8078]  ? __pfx_internal_create_group+0x10/0x10
[  144.573946][ T8078]  sysfs_slab_add+0x1a3/0x1e0
[  144.575565][ T8078]  do_kmem_cache_create+0x606/0x700
[  144.577386][ T8078]  ? kstrdup+0x5c/0x80
[  144.578839][ T8078]  __kmem_cache_create_args+0x242/0x3c0
[  144.580540][ T8078]  p9_client_create+0xe43/0x11a0
[  144.581873][ T8078]  ? __pfx_p9_client_create+0x10/0x10
[  144.583238][ T8078]  ? __raw_spin_lock_init+0x3a/0x110
[  144.584573][ T8078]  v9fs_session_init+0x1f8/0x1a80
[  144.586026][ T8078]  ? __pfx_v9fs_session_init+0x10/0x10
[  144.587437][ T8078]  ? kasan_save_track+0x14/0x30
[  144.588678][ T8078]  v9fs_mount+0xc6/0xa50
[  144.589763][ T8078]  ? __pfx_v9fs_mount+0x10/0x10
[  144.591010][ T8078]  ? __pfx_v9fs_mount+0x10/0x10
[  144.592324][ T8078]  legacy_get_tree+0x109/0x220
[  144.593535][ T8078]  vfs_get_tree+0x8f/0x380
[  144.594657][ T8078]  path_mount+0x6e1/0x1f10
[  144.596178][ T8078]  ? kmem_cache_free+0x152/0x4b0
[  144.597883][ T8078]  ? __pfx_path_mount+0x10/0x10
[  144.599122][ T8078]  ? putname+0x12e/0x170
[  144.600199][ T8078]  __ia32_sys_mount+0x292/0x310
[  144.601414][ T8078]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.602733][ T8078]  __do_fast_syscall_32+0x73/0x120
[  144.604039][ T8078]  do_fast_syscall_32+0x32/0x80
[  144.605435][ T8078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.607385][ T8078] RIP: 0023:0xf7f78579
[  144.608417][ T8078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.613179][ T8078] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.615310][ T8078] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  144.617287][ T8078] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000020000280
[  144.619275][ T8078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.621291][ T8078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.623254][ T8078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.625283][ T8078]  </TASK>
[  144.628062][ T8078] __kmem_cache_create_args(9p-fcall-cache-7) failed with error -12
[  144.630222][ T8078] CPU: 2 UID: 0 PID: 8078 Comm: syz.3.617 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  144.631687][   T83] bond0 (unregistering): Released all slaves
[  144.633019][ T8078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.633028][ T8078] Call Trace:
[  144.638591][ T8078]  <TASK>
[  144.639349][ T8078]  dump_stack_lvl+0x16c/0x1f0
[  144.640565][ T8078]  __kmem_cache_create_args+0x130/0x3c0
[  144.642013][ T8078]  p9_client_create+0xe43/0x11a0
[  144.643363][ T8078]  ? __pfx_p9_client_create+0x10/0x10
[  144.644771][ T8078]  ? __raw_spin_lock_init+0x3a/0x110
[  144.646404][ T8078]  v9fs_session_init+0x1f8/0x1a80
[  144.647828][ T8078]  ? __pfx_v9fs_session_init+0x10/0x10
[  144.649364][ T8078]  ? kasan_save_track+0x14/0x30
[  144.650739][ T8078]  v9fs_mount+0xc6/0xa50
[  144.651924][ T8078]  ? __pfx_v9fs_mount+0x10/0x10
[  144.653336][ T8078]  ? __pfx_v9fs_mount+0x10/0x10
[  144.654733][ T8078]  legacy_get_tree+0x109/0x220
[  144.656091][ T8078]  vfs_get_tree+0x8f/0x380
[  144.657405][ T8078]  path_mount+0x6e1/0x1f10
[  144.658685][ T8078]  ? kmem_cache_free+0x152/0x4b0
[  144.660080][ T8078]  ? __pfx_path_mount+0x10/0x10
[  144.661427][ T8078]  ? putname+0x12e/0x170
[  144.662616][ T8078]  __ia32_sys_mount+0x292/0x310
[  144.664074][ T8078]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.665701][ T8078]  __do_fast_syscall_32+0x73/0x120
[  144.667247][ T8078]  do_fast_syscall_32+0x32/0x80
[  144.668720][ T8078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.670626][ T8078] RIP: 0023:0xf7f78579
[  144.671854][ T8078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.677612][ T8078] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.680089][ T8078] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  144.682445][ T8078] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000020000280
[  144.684783][ T8078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.687161][ T8078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.689523][ T8078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.691869][ T8078]  </TASK>
[  144.759166][ T8080] netlink: 8 bytes leftover after parsing attributes in process `syz.2.618'.
[  144.795656][ T8054] hsr_slave_0: entered promiscuous mode
[  144.800125][ T8054] hsr_slave_1: entered promiscuous mode
[  144.802666][ T8054] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  144.805260][ T8054] Cannot create hsr debugfs directory
[  144.902170][ T8095] FAULT_INJECTION: forcing a failure.
[  144.902170][ T8095] name failslab, interval 1, probability 0, space 0, times 0
[  144.907512][ T8095] CPU: 2 UID: 0 PID: 8095 Comm: syz.2.621 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  144.910397][ T8095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.913201][ T8095] Call Trace:
[  144.914307][ T8095]  <TASK>
[  144.915371][ T8095]  dump_stack_lvl+0x16c/0x1f0
[  144.916804][ T8095]  should_fail_ex+0x497/0x5b0
[  144.918092][ T8095]  ? fs_reclaim_acquire+0xae/0x150
[  144.919442][ T8095]  should_failslab+0xc2/0x120
[  144.920681][ T8095]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  144.922098][ T8095]  ? __kernfs_new_node+0xd3/0x890
[  144.923429][ T8095]  __kernfs_new_node+0xd3/0x890
[  144.925166][ T8095]  ? __pfx___kernfs_new_node+0x10/0x10
[  144.926970][ T8095]  ? __pfx_lock_release+0x10/0x10
[  144.928270][ T8095]  ? kernfs_add_one+0x39d/0x520
[  144.929567][ T8095]  ? up_write+0x1b2/0x520
[  144.930684][ T8095]  kernfs_new_node+0x186/0x240
[  144.931913][ T8095]  __kernfs_create_file+0x53/0x350
[  144.933239][ T8095]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  144.935044][ T8095]  internal_create_group+0x565/0xe50
[  144.936484][ T8095]  ? __pfx_internal_create_group+0x10/0x10
[  144.938273][ T8095]  sysfs_slab_add+0x1a3/0x1e0
[  144.940009][ T8095]  do_kmem_cache_create+0x606/0x700
[  144.941928][ T8095]  ? kstrdup+0x5c/0x80
[  144.943434][ T8095]  __kmem_cache_create_args+0x242/0x3c0
[  144.945377][ T8095]  p9_client_create+0xe43/0x11a0
[  144.946946][ T8095]  ? __pfx_p9_client_create+0x10/0x10
[  144.948653][ T8095]  ? __raw_spin_lock_init+0x3a/0x110
[  144.950420][ T8095]  v9fs_session_init+0x1f8/0x1a80
[  144.952207][ T8095]  ? __pfx_v9fs_session_init+0x10/0x10
[  144.954122][ T8095]  ? kasan_save_track+0x14/0x30
[  144.955756][ T8095]  v9fs_mount+0xc6/0xa50
[  144.957327][ T8095]  ? __pfx_v9fs_mount+0x10/0x10
[  144.959044][ T8095]  ? __pfx_v9fs_mount+0x10/0x10
[  144.960780][ T8095]  legacy_get_tree+0x109/0x220
[  144.962492][ T8095]  vfs_get_tree+0x8f/0x380
[  144.964074][ T8095]  path_mount+0x6e1/0x1f10
[  144.965675][ T8095]  ? kmem_cache_free+0x152/0x4b0
[  144.967444][ T8095]  ? __pfx_path_mount+0x10/0x10
[  144.969188][ T8095]  ? putname+0x12e/0x170
[  144.970715][ T8095]  __ia32_sys_mount+0x292/0x310
[  144.972453][ T8095]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.974215][ T8095]  __do_fast_syscall_32+0x73/0x120
[  144.975644][ T8095]  do_fast_syscall_32+0x32/0x80
[  144.977322][ T8095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.978969][ T8095] RIP: 0023:0xf7f93579
[  144.980042][ T8095] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.984975][ T8095] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.987133][ T8095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  144.989158][ T8095] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 00000000200005c0
[  144.991206][ T8095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.993254][ T8095] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.995302][ T8095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.997407][ T8095]  </TASK>
[  144.999853][ T8095] __kmem_cache_create_args(9p-fcall-cache-8) failed with error -12
[  145.001996][ T8095] CPU: 2 UID: 0 PID: 8095 Comm: syz.2.621 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  145.004723][ T8095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.007514][ T8095] Call Trace:
[  145.008398][ T8095]  <TASK>
[  145.009155][ T8095]  dump_stack_lvl+0x16c/0x1f0
[  145.010368][ T8095]  __kmem_cache_create_args+0x130/0x3c0
[  145.011825][ T8095]  p9_client_create+0xe43/0x11a0
[  145.013133][ T8095]  ? __pfx_p9_client_create+0x10/0x10
[  145.014550][ T8095]  ? __raw_spin_lock_init+0x3a/0x110
[  145.015941][ T8095]  v9fs_session_init+0x1f8/0x1a80
[  145.017298][ T8095]  ? __pfx_v9fs_session_init+0x10/0x10
[  145.018742][ T8095]  ? kasan_save_track+0x14/0x30
[  145.020029][ T8095]  v9fs_mount+0xc6/0xa50
[  145.021145][ T8095]  ? __pfx_v9fs_mount+0x10/0x10
[  145.022424][ T8095]  ? __pfx_v9fs_mount+0x10/0x10
[  145.023670][ T8095]  legacy_get_tree+0x109/0x220
[  145.024930][ T8095]  vfs_get_tree+0x8f/0x380
[  145.026106][ T8095]  path_mount+0x6e1/0x1f10
[  145.027277][ T8095]  ? kmem_cache_free+0x152/0x4b0
[  145.028577][ T8095]  ? __pfx_path_mount+0x10/0x10
[  145.029855][ T8095]  ? putname+0x12e/0x170
[  145.030967][ T8095]  __ia32_sys_mount+0x292/0x310
[  145.032244][ T8095]  ? __pfx___ia32_sys_mount+0x10/0x10
[  145.033646][ T8095]  __do_fast_syscall_32+0x73/0x120
[  145.034989][ T8095]  do_fast_syscall_32+0x32/0x80
[  145.036273][ T8095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  145.037948][ T8095] RIP: 0023:0xf7f93579
[  145.039023][ T8095] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  145.043924][ T8095] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  145.046091][ T8095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  145.048147][ T8095] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 00000000200005c0
[  145.050187][ T8095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  145.052194][ T8095] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  145.054211][ T8095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  145.056235][ T8095]  </TASK>
[  145.057413][   T83] hsr_slave_0: left promiscuous mode
[  145.059336][   T83] hsr_slave_1: left promiscuous mode
[  145.061992][   T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.063914][   T83] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.066091][   T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.068699][   T83] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.104266][   T83] veth1_macvtap: left promiscuous mode
[  145.105782][   T83] veth0_macvtap: left promiscuous mode
[  145.107263][   T83] veth1_vlan: left promiscuous mode
[  145.108655][   T83] veth0_vlan: left promiscuous mode
[  145.818962][   T83] team0 (unregistering): Port device team_slave_1 removed
[  145.837730][ T5359] Bluetooth: hci1: command tx timeout
[  145.911833][   T83] team0 (unregistering): Port device team_slave_0 removed
[  146.599301][ T8107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.625'.
[  146.669362][ T5355] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  146.674095][ T5355] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  146.677264][ T5355] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  146.681779][ T5355] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  146.685788][ T5355] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  146.688377][ T5355] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  146.917620][ T8113] chnl_net:caif_netlink_parms(): no params data found
[  147.008965][ T8113] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.010880][ T8113] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.012880][ T8113] bridge_slave_0: entered allmulticast mode
[  147.015392][ T8113] bridge_slave_0: entered promiscuous mode
[  147.019061][ T8113] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.021192][ T8113] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.023132][ T8113] bridge_slave_1: entered allmulticast mode
[  147.029228][ T8113] bridge_slave_1: entered promiscuous mode
[  147.092767][ T8113] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.100153][ T8113] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.149602][ T8113] team0: Port device team_slave_0 added
[  147.159753][ T8113] team0: Port device team_slave_1 added
[  147.200538][ T8113] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.205688][ T8113] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.213386][ T8113] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.218825][ T8054] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  147.225448][ T8113] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.227250][ T8113] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.234259][ T8113] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.242406][ T8054] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  147.261952][ T8054] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  147.266543][ T8054] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  147.290713][ T8113] hsr_slave_0: entered promiscuous mode
[  147.297802][ T8113] hsr_slave_1: entered promiscuous mode
[  147.300322][ T8113] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.302622][ T8113] Cannot create hsr debugfs directory
[  147.427589][ T8054] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.450168][ T8054] 8021q: adding VLAN 0 to HW filter on device team0
[  147.458270][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.460160][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.486658][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.488529][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.586955][ T8148] netlink: 12 bytes leftover after parsing attributes in process `syz.2.628'.
[  147.612841][ T8148] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20003 - 0
[  147.615166][ T8148] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20003 - 0
[  147.617445][ T8148] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20003 - 0
[  147.619922][ T8148] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20003 - 0
[  147.622799][ T8148] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  147.636071][ T8054] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.671051][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.629'.
[  147.681486][ T8152] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 20003 - 0
[  147.683850][ T8152] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 20003 - 0
[  147.686230][ T8152] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 20003 - 0
[  147.689063][ T8152] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 20003 - 0
[  147.694626][ T8054] veth0_vlan: entered promiscuous mode
[  147.699637][ T8054] veth1_vlan: entered promiscuous mode
[  147.719534][ T8054] veth0_macvtap: entered promiscuous mode
[  147.724028][ T8054] veth1_macvtap: entered promiscuous mode
[  147.735547][ T8054] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.742854][ T8054] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.757804][ T8054] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.760523][ T8054] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.763443][ T8054] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.766324][ T8054] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.806299][ T8113] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  147.826528][ T8113] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  147.834755][ T8113] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  147.842963][ T8113] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  147.869582][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.875846][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.878897][ T8160] netlink: 'syz.2.631': attribute type 4 has an invalid length.
[  147.887925][ T5355] Bluetooth: hci1: command tx timeout
[  147.888951][ T8160] netlink: 'syz.2.631': attribute type 4 has an invalid length.
[  147.889335][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.889346][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.928560][ T8162] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  147.959547][ T8113] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.993721][ T8113] 8021q: adding VLAN 0 to HW filter on device team0
[  147.999064][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.000946][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.006714][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.008771][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.022683][ T8113] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  148.028557][ T8113] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  148.105978][ T8113] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.128102][ T8113] veth0_vlan: entered promiscuous mode
[  148.134499][ T8113] veth1_vlan: entered promiscuous mode
[  148.151047][ T8113] veth0_macvtap: entered promiscuous mode
[  148.155771][ T8113] veth1_macvtap: entered promiscuous mode
[  148.163812][ T8113] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.166641][ T8113] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.170463][ T8113] batman_adv: batadv0: Interface activated: batadv_slave_0
[  148.175894][ T8113] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.178628][ T8113] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.182028][ T8113] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.186912][ T8113] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.189312][ T8113] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.191845][ T8113] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.194379][ T8113] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.218406][ T8176] netlink: 208040 bytes leftover after parsing attributes in process `syz.2.636'.
[  148.238800][ T1182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.241403][ T1182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.250609][ T5413] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  148.258179][ T1182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.259858][ T8181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.637'.
[  148.261647][ T1182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.407957][ T5413] usb 8-1: Using ep0 maxpacket: 8
[  148.414200][ T5413] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  148.417398][ T5413] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  148.420389][ T5413] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  148.423193][ T5413] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  148.426649][ T5413] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  148.429532][ T5413] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.576905][ T8198] sp0: Synchronizing with TNC
[  148.580897][ T8197] [U] è
[  148.627283][ T8200] syz.0.642 (8200): drop_caches: 2
[  148.638908][ T5413] usb 8-1: GET_CAPABILITIES returned 0
[  148.640986][ T5413] usbtmc 8-1:16.0: can't read capabilities
[  148.763073][ T5355] Bluetooth: hci4: command tx timeout
[  149.389685][ T8217] input: syz0 as /devices/virtual/input/input16
[  149.505477][ T8218] input: syz1 as /devices/virtual/input/input17
[  149.729637][ T1182] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.806242][ T5355] Bluetooth: hci4: command tx timeout
[  150.984153][ T5413] usb 8-1: USB disconnect, device number 8
[  151.335758][ T1182] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.427302][ T1182] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.486446][ T5359] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  151.490824][ T5359] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  151.491453][ T8242] netlink: 20 bytes leftover after parsing attributes in process `syz.3.650'.
[  151.494237][ T5359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  151.501287][ T5359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  151.511468][ T1182] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.511951][ T5359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  151.517130][ T5359] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  151.538351][ T8244] syz.0.652 (8244): drop_caches: 2
[  151.676113][ T1182] bridge_slave_1: left allmulticast mode
[  151.679854][ T1182] bridge_slave_1: left promiscuous mode
[  151.682209][ T1182] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.695718][ T1182] bridge_slave_0: left allmulticast mode
[  151.700243][ T1182] bridge_slave_0: left promiscuous mode
[  151.703274][ T1182] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.060473][ T1182] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.077665][ T1182] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.089224][ T1182] bond0 (unregistering): Released all slaves
[  152.399061][ T8238] chnl_net:caif_netlink_parms(): no params data found
[  152.474102][ T1182] hsr_slave_0: left promiscuous mode
[  152.482573][ T1182] hsr_slave_1: left promiscuous mode
[  152.489759][ T1182] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.493744][ T1182] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.498612][ T1182] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.500600][ T1182] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.594505][ T1182] veth1_macvtap: left promiscuous mode
[  152.598036][ T1182] veth0_macvtap: left promiscuous mode
[  152.600652][ T1182] veth1_vlan: left promiscuous mode
[  152.602603][ T1182] veth0_vlan: left promiscuous mode
[  152.872454][ T5359] Bluetooth: hci4: command tx timeout
[  153.436977][  T982] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  153.577154][ T5359] Bluetooth: hci1: command tx timeout
[  153.591258][  T982] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  153.612109][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.616289][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.619816][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.623038][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.626431][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.629502][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.632591][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.637313][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.641181][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.644628][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.647740][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.658896][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.678729][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.681876][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.686171][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.689633][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.692908][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.696960][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.700435][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.703538][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.708793][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.712041][ T1182] team0 (unregistering): Port device team_slave_1 removed
[  153.712335][  T982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.717255][  T982] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.720951][  T982] usb 5-1: config 0 interface 0 has no altsetting 0
[  153.725585][  T982] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  153.728808][  T982] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  153.731459][  T982] usb 5-1: Product: syz
[  153.732575][  T982] usb 5-1: Manufacturer: syz
[  153.734184][  T982] usb 5-1: SerialNumber: syz
[  153.736918][  T982] usb 5-1: config 0 descriptor??
[  153.751525][  T982] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  153.875986][ T1182] team0 (unregistering): Port device team_slave_0 removed
[  154.072768][ T5412] usb 5-1: USB disconnect, device number 8
[  154.073713][    C3] usb 5-1: yurex_control_callback - control failed: -71
[  154.077688][ T8268] yurex 5-1:0.0: yurex_write - failed to send bulk msg, error -19
[  154.077715][ T5412] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  154.640513][ T8263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.654'.
[  154.643626][ T8263] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.667702][ T8263] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.709980][ T8263] team0: Port device batadv0 removed
[  154.765386][ T8238] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.767965][ T8238] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.769998][ T8238] bridge_slave_0: entered allmulticast mode
[  154.772034][ T8238] bridge_slave_0: entered promiscuous mode
[  154.921836][ T5359] Bluetooth: hci4: command tx timeout
[  155.636415][ T5359] Bluetooth: hci1: command tx timeout
[  156.525157][ T8238] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.528527][ T8238] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.531033][ T8238] bridge_slave_1: entered allmulticast mode
[  156.533637][ T8238] bridge_slave_1: entered promiscuous mode
[  156.584328][ T8238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.600931][ T8238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.683382][ T8281] FAULT_INJECTION: forcing a failure.
[  156.683382][ T8281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.690171][ T8281] CPU: 1 UID: 0 PID: 8281 Comm: syz.0.658 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  156.692961][ T8281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.695773][ T8281] Call Trace:
[  156.696680][ T8281]  <TASK>
[  156.697556][ T8281]  dump_stack_lvl+0x16c/0x1f0
[  156.698802][ T8281]  should_fail_ex+0x497/0x5b0
[  156.700044][ T8281]  _copy_from_user+0x30/0xf0
[  156.701378][ T8281]  get_compat_msghdr+0xa8/0x170
[  156.702781][ T8281]  ? __pfx_get_compat_msghdr+0x10/0x10
[  156.704217][ T8281]  ? find_held_lock+0x2d/0x110
[  156.705488][ T8281]  ___sys_recvmsg+0x193/0x1a0
[  156.706727][ T8281]  ? __pfx____sys_recvmsg+0x10/0x10
[  156.708155][ T8281]  ? lock_acquire+0x2f/0xb0
[  156.709358][ T8281]  ? __fget_files+0x40/0x3f0
[  156.710583][ T8281]  ? __pfx___might_resched+0x10/0x10
[  156.712043][ T8281]  ? fdget+0x176/0x210
[  156.713139][ T8281]  do_recvmmsg+0x51a/0x750
[  156.714325][ T8281]  ? __pfx_do_recvmmsg+0x10/0x10
[  156.715658][ T8281]  ? __pfx_lock_release+0x10/0x10
[  156.717038][ T8281]  ? vfs_write+0x14d/0x1140
[  156.718645][ T8281]  ? __fget_files+0x244/0x3f0
[  156.720287][ T8281]  __sys_recvmmsg+0x21e/0x280
[  156.721903][ T8281]  ? __pfx___sys_recvmmsg+0x10/0x10
[  156.723243][ T8281]  ? __pfx_ksys_write+0x10/0x10
[  156.724515][ T8281]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  156.726241][ T8281]  ? lockdep_hardirqs_on+0x7c/0x110
[  156.727686][ T8281]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  156.728175][ T8238] team0: Port device team_slave_0 added
[  156.729389][ T8281]  __do_fast_syscall_32+0x73/0x120
[  156.729408][ T8281]  do_fast_syscall_32+0x32/0x80
[  156.731995][ T8238] team0: Port device team_slave_1 added
[  156.732588][ T8281]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.737098][ T8281] RIP: 0023:0xf7fd5579
[  156.738239][ T8281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.743180][ T8281] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  156.745286][ T8281] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020001140
[  156.747355][ T8281] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000000000000000
[  156.749500][ T8281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.751538][ T8281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.753971][ T8281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.756003][ T8281]  </TASK>
[  156.800805][ T8238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.803938][ T8238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.811241][ T8238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.815470][ T8238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.817521][ T8238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.824070][ T8238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.905078][ T8238] hsr_slave_0: entered promiscuous mode
[  156.907980][ T8238] hsr_slave_1: entered promiscuous mode
[  156.909931][ T8238] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.912097][ T8238] Cannot create hsr debugfs directory
[  157.134223][   T39] kauditd_printk_skb: 121 callbacks suppressed
[  157.134234][   T39] audit: type=1326 audit(1729681547.063:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.661" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x0
[  157.506293][ T8315] syz.3.662 (8315): drop_caches: 2
[  157.636122][ T8238] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  157.639567][ T8238] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  157.646637][ T8238] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  157.660825][ T8238] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  157.698806][ T5359] Bluetooth: hci1: command tx timeout
[  157.734740][ T8238] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.749175][ T8238] 8021q: adding VLAN 0 to HW filter on device team0
[  157.771020][ T1182] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.773694][ T1182] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.779578][ T1182] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.781572][ T1182] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.872672][ T8238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.890489][ T8334] netlink: 32 bytes leftover after parsing attributes in process `syz.0.663'.
[  157.895259][ T8238] veth0_vlan: entered promiscuous mode
[  157.902133][ T8238] veth1_vlan: entered promiscuous mode
[  157.918473][ T8238] veth0_macvtap: entered promiscuous mode
[  157.921409][ T8238] veth1_macvtap: entered promiscuous mode
[  157.928117][ T8238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.930936][ T8238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.934334][ T8238] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.939320][ T8238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.942196][ T8238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.945285][ T8238] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.951121][ T8238] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.953500][ T8238] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.957032][ T8238] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.959362][ T8238] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.000921][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.003315][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.011134][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.013263][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.206084][ T8351] netlink: 'syz.3.665': attribute type 1 has an invalid length.
[  158.229735][ T8352] block device autoloading is deprecated and will be removed.
[  158.916185][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  158.936159][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  158.939102][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  158.941821][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  158.944172][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  158.946728][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  159.097824][ T8357] chnl_net:caif_netlink_parms(): no params data found
[  159.227646][ T8357] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.232870][ T8357] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.236259][ T8357] bridge_slave_0: entered allmulticast mode
[  159.250504][ T8357] bridge_slave_0: entered promiscuous mode
[  159.261985][ T8357] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.264460][ T8357] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.276641][ T8357] bridge_slave_1: entered allmulticast mode
[  159.279140][ T8357] bridge_slave_1: entered promiscuous mode
[  159.328712][ T8357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.333238][ T8357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.391029][ T8357] team0: Port device team_slave_0 added
[  159.402362][ T8357] team0: Port device team_slave_1 added
[  159.455248][ T8357] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.457102][ T8357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.466020][ T8357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.470592][ T8357] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.472532][ T8357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.481932][ T8357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.527088][ T8357] hsr_slave_0: entered promiscuous mode
[  159.529202][ T8357] hsr_slave_1: entered promiscuous mode
[  159.532031][ T8357] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.534856][ T8357] Cannot create hsr debugfs directory
[  159.542061][ T8366] netlink: 28 bytes leftover after parsing attributes in process `syz.0.667'.
[  160.189093][ T8357] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  160.197412][ T8357] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  160.204238][ T8357] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  160.213132][ T8357] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  160.267863][ T8357] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.286048][ T8357] 8021q: adding VLAN 0 to HW filter on device team0
[  160.333829][ T1135] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.345732][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.347659][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.352981][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.354833][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.472894][ T8357] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.503084][ T8357] veth0_vlan: entered promiscuous mode
[  160.511172][ T8357] veth1_vlan: entered promiscuous mode
[  160.551031][ T8357] veth0_macvtap: entered promiscuous mode
[  160.554160][ T8357] veth1_macvtap: entered promiscuous mode
[  160.561085][ T8357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.564428][ T8357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.568597][ T8357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.572745][ T8357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.578099][ T8357] batman_adv: batadv0: Interface activated: batadv_slave_0
[  160.585170][ T8357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.590038][ T8357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.593405][ T8357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.598332][ T8357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.602860][ T8357] batman_adv: batadv0: Interface activated: batadv_slave_1
[  160.608607][ T8357] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.611451][ T8357] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.613967][ T8357] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.616895][ T8357] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.672012][ T1182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.674157][ T1182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.690746][ T1182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.693310][ T1182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.954040][ T5355] Bluetooth: hci1: command tx timeout
[  162.127249][ T8383] FAULT_INJECTION: forcing a failure.
[  162.127249][ T8383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.131234][ T8383] CPU: 2 UID: 0 PID: 8383 Comm: syz.2.666 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  162.134656][ T8383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.138172][ T8383] Call Trace:
[  162.139211][ T8383]  <TASK>
[  162.140137][ T8383]  dump_stack_lvl+0x16c/0x1f0
[  162.141866][ T8383]  should_fail_ex+0x497/0x5b0
[  162.143593][ T8383]  _copy_from_user+0x30/0xf0
[  162.145290][ T8383]  get_compat_msghdr+0xa8/0x170
[  162.146558][ T8383]  ? __pfx_get_compat_msghdr+0x10/0x10
[  162.148067][ T8383]  ? __pfx___lock_acquire+0x10/0x10
[  162.149940][ T8383]  ___sys_sendmsg+0x1b0/0x1e0
[  162.151777][ T8383]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.153717][ T8383]  ? lock_acquire+0x2f/0xb0
[  162.155283][ T8383]  ? __fget_files+0x40/0x3f0
[  162.157001][ T8383]  ? fdget+0x176/0x210
[  162.158215][ T8383]  __sys_sendmsg+0x117/0x1f0
[  162.159806][ T8383]  ? __pfx___sys_sendmsg+0x10/0x10
[  162.161658][ T8383]  ? __fget_files+0x244/0x3f0
[  162.163178][ T8383]  __do_fast_syscall_32+0x73/0x120
[  162.164872][ T8383]  do_fast_syscall_32+0x32/0x80
[  162.166177][ T8383]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.167807][ T8383] RIP: 0023:0xf743e579
[  162.168831][ T8383] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.173990][ T8383] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  162.176149][ T8383] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000140
[  162.178178][ T8383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  162.180239][ T8383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.183124][ T8383] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.185927][ T8383] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.188008][ T8383]  </TASK>
[  162.207825][ T5359] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  162.211648][ T5359] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  162.214054][ T5359] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  162.217997][ T5359] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  162.220062][ T5359] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  162.223670][ T5359] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  162.238788][ T1135] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.338232][ T1135] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.435666][ T1135] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.461900][ T8384] chnl_net:caif_netlink_parms(): no params data found
[  162.465211][ T8391] can0: slcan on ptm0.
[  162.753330][ T8384] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.755384][ T8384] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.772587][ T8384] bridge_slave_0: entered allmulticast mode
[  162.777172][ T8384] bridge_slave_0: entered promiscuous mode
[  162.780844][ T1135] bridge_slave_1: left allmulticast mode
[  162.782390][ T1135] bridge_slave_1: left promiscuous mode
[  162.784409][ T1135] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.791637][ T1135] bridge_slave_0: left allmulticast mode
[  162.797346][ T1135] bridge_slave_0: left promiscuous mode
[  162.798975][ T1135] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.021409][ T5359] Bluetooth: hci1: command tx timeout
[  163.309228][ T8380] delete_channel: no stack
[  163.316080][ T8380] delete_channel: no stack
[  163.406074][ T8408] input: syz1 as /devices/virtual/input/input18
[  163.950689][ T1135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  163.973910][ T1135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.014064][ T1135] bond0 (unregistering): Released all slaves
[  164.085289][ T8384] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.087249][ T8384] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.089185][ T8384] bridge_slave_1: entered allmulticast mode
[  164.091236][ T8384] bridge_slave_1: entered promiscuous mode
[  164.166204][ T8385] can0 (unregistered): slcan off ptm0.
[  164.216127][ T8412] 9pnet_fd: Insufficient options for proto=fd
[  164.317230][ T5359] Bluetooth: hci5: command tx timeout
[  164.443006][ T8384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.447921][ T8384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.473940][ T8384] team0: Port device team_slave_0 added
[  164.494686][ T8384] team0: Port device team_slave_1 added
[  164.497585][ T8418] netlink: 64 bytes leftover after parsing attributes in process `syz.3.677'.
[  164.505335][ T8418] delete_channel: no stack
[  164.578593][ T8384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  164.581340][ T8384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.606175][ T8384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.624257][ T8384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.631661][ T8384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.645615][ T8384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.661543][ T1135] hsr_slave_0: left promiscuous mode
[  164.668818][ T1135] hsr_slave_1: left promiscuous mode
[  164.675204][ T1135] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.678099][ T1135] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.682592][ T1135] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.685320][ T1135] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.770348][ T8429] input: syz0 as /devices/virtual/input/input19
[  164.832039][ T1076] sr 2:0:0:0: [sr0] tag#4 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  164.834691][ T1076] sr 2:0:0:0: [sr0] tag#4 Sense Key : Illegal Request [current] 
[  164.836755][ T1076] sr 2:0:0:0: [sr0] tag#4 Add. Sense: Invalid command operation code
[  164.838890][ T1076] sr 2:0:0:0: [sr0] tag#4 CDB: Write(10) 2a 00 00 00 00 0e 00 00 12 00
[  164.840028][ T1135] veth1_macvtap: left promiscuous mode
[  164.843522][ T1076] critical target error, dev sr0, sector 56 op 0x1:(WRITE) flags 0x8800 phys_seg 9 prio class 0
[  164.846138][ T1135] veth0_macvtap: left promiscuous mode
[  164.848436][ T1135] veth1_vlan: left promiscuous mode
[  164.850402][ T1135] veth0_vlan: left promiscuous mode
[  164.920912][ T8435] input: syz1 as /devices/virtual/input/input20
[  165.092565][ T5359] Bluetooth: hci1: command tx timeout
[  165.989721][ T1135] team0 (unregistering): Port device team_slave_1 removed
[  166.102224][ T1135] team0 (unregistering): Port device team_slave_0 removed
[  166.363713][ T5359] Bluetooth: hci5: command tx timeout
[  166.571052][ T8442] random: crng reseeded on system resumption
[  166.907746][ T8433] netlink: 12 bytes leftover after parsing attributes in process `syz.0.679'.
[  167.038041][ T8453] netlink: 56 bytes leftover after parsing attributes in process `syz.3.683'.
[  167.075836][ T8384] hsr_slave_0: entered promiscuous mode
[  167.086218][ T8384] hsr_slave_1: entered promiscuous mode
[  167.088855][ T8384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.092901][ T8384] Cannot create hsr debugfs directory
[  167.169840][ T5359] Bluetooth: hci1: command tx timeout
[  167.304024][ T8470] netlink: 4 bytes leftover after parsing attributes in process `syz.3.689'.
[  167.314182][ T8471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.689'.
[  167.725004][ T8384] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  167.732645][ T8384] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  167.782594][ T8384] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  167.785919][ T8384] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  167.821648][ T8384] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.833238][ T8384] 8021q: adding VLAN 0 to HW filter on device team0
[  167.839619][ T1182] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.841531][ T1182] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.846188][ T1182] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.848094][ T1182] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.965922][ T8384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.008698][ T8384] veth0_vlan: entered promiscuous mode
[  168.015952][ T8384] veth1_vlan: entered promiscuous mode
[  168.034739][ T8384] veth0_macvtap: entered promiscuous mode
[  168.039372][ T8384] veth1_macvtap: entered promiscuous mode
[  168.050278][ T8384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.053535][ T8384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.057942][ T8384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.063204][ T8384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.068157][ T8384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.074368][ T8384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.078059][ T8384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.081415][ T8384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.084068][ T8384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.089423][ T8384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.095327][ T8384] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.098055][ T8384] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.100970][ T8384] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.103987][ T8384] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.161064][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.165183][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.182352][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.184572][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.603215][ T8519] syz.2.693 (8519): drop_caches: 2
[  169.261129][ T8522] input: syz0 as /devices/virtual/input/input21
[  169.368134][ T8523] input: syz1 as /devices/virtual/input/input22
[  170.356038][ T8534] netlink: 4 bytes leftover after parsing attributes in process `syz.2.695'.
[  170.438093][ T5359] Bluetooth: hci4: command 0x0c1a tx timeout
[  170.441940][ T8516] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  170.443546][ T8516] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  170.504205][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.280517][ T8516] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  171.282705][ T8516] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  172.269395][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.322567][   T39] audit: type=1326 audit(1729681562.336:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8550 comm="syz.3.699" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x0
[  172.388931][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.406081][ T8561] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'.
[  172.416163][ T8553] syz.2.698 (8553): drop_caches: 2
[  172.445492][ T5355] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  172.451193][ T8563] fuse: Invalid rootmode
[  172.453902][ T5355] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  172.457163][ T5355] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  172.462461][ T5355] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  172.465163][ T5355] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  172.468219][ T5355] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  172.485228][ T5359] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  172.487965][ T5359] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  172.490992][ T5359] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  172.495435][ T5359] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  172.498472][ T5359] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  172.501484][ T5359] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  172.513200][ T8561] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.515395][ T8561] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.662434][ T8561] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.678806][ T8561] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.754586][ T8561] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  172.757048][ T8561] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  172.760447][ T8561] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  172.762761][ T8561] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  172.800341][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.873740][ T8572] syz.0.702 (8572): drop_caches: 2
[  172.916309][   T11] bridge_slave_1: left allmulticast mode
[  172.922017][   T11] bridge_slave_1: left promiscuous mode
[  172.926762][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.935906][   T11] bridge_slave_0: left allmulticast mode
[  172.944405][   T11] bridge_slave_0: left promiscuous mode
[  172.946001][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.192436][ T8579] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  173.232421][ T8579] xt_TPROXY: Can be used only with -p tcp or -p udp
[  173.334876][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.356479][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.363248][   T11] bond0 (unregistering): Released all slaves
[  173.392756][ T8582] random: crng reseeded on system resumption
[  173.413097][ T8564] chnl_net:caif_netlink_parms(): no params data found
[  173.585629][ T8564] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.590952][ T8564] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.615252][ T8564] bridge_slave_0: entered allmulticast mode
[  173.620201][ T8564] bridge_slave_0: entered promiscuous mode
[  173.628521][ T8592] netlink: 'syz.0.705': attribute type 4 has an invalid length.
[  173.659433][ T8592] netlink: 'syz.0.705': attribute type 4 has an invalid length.
[  173.665243][ T8564] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.672873][ T8564] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.678895][ T8564] bridge_slave_1: entered allmulticast mode
[  173.686543][ T8564] bridge_slave_1: entered promiscuous mode
[  173.785763][   T11] hsr_slave_0: left promiscuous mode
[  173.789392][   T11] hsr_slave_1: left promiscuous mode
[  173.798624][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.808442][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.814391][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.826692][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.887597][   T11] veth1_macvtap: left promiscuous mode
[  173.889708][   T11] veth0_macvtap: left promiscuous mode
[  173.891706][   T11] veth1_vlan: left promiscuous mode
[  173.893653][   T11] veth0_vlan: left promiscuous mode
[  174.572274][ T5359] Bluetooth: hci5: command tx timeout
[  175.219086][   T39] audit: type=1326 audit(1729681565.235:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8601 comm="syz.0.707" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x0
[  175.226775][   T11] team0 (unregistering): Port device team_slave_1 removed
[  175.342356][   T11] team0 (unregistering): Port device team_slave_0 removed
[  175.619870][ T8605] FAULT_INJECTION: forcing a failure.
[  175.619870][ T8605] name failslab, interval 1, probability 0, space 0, times 0
[  175.627975][ T8605] CPU: 1 UID: 0 PID: 8605 Comm: syz.3.708 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  175.631683][ T8605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  175.635305][ T8605] Call Trace:
[  175.636467][ T8605]  <TASK>
[  175.637545][ T8605]  dump_stack_lvl+0x16c/0x1f0
[  175.639303][ T8605]  should_fail_ex+0x497/0x5b0
[  175.641007][ T8605]  ? fs_reclaim_acquire+0xae/0x150
[  175.642602][ T8605]  should_failslab+0xc2/0x120
[  175.644263][ T8605]  __kmalloc_cache_noprof+0x6b/0x310
[  175.646136][ T8605]  ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xd4/0x480
[  175.648782][ T8605]  ? kasan_save_track+0x14/0x30
[  175.650477][ T8605]  snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xd4/0x480
[  175.653062][ T8605]  snd_mixer_oss_get_recsrc1_sw+0x105/0x1d0
[  175.655140][ T8605]  ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10
[  175.657320][ T8605]  snd_mixer_oss_ioctl1+0x15b8/0x1a90
[  175.659049][ T8605]  ? tomoyo_path_number_perm+0x292/0x5b0
[  175.661032][ T8605]  ? __pfx_lock_release+0x10/0x10
[  175.662816][ T8605]  ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10
[  175.665062][ T8605]  ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10
[  175.667143][ T8605]  ? tomoyo_path_number_perm+0x467/0x5b0
[  175.669144][ T8605]  ? tomoyo_path_number_perm+0x190/0x5b0
[  175.671066][ T8605]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  175.673144][ T8605]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.675136][ T8605]  ? do_vfs_ioctl+0x513/0x1950
[  175.676869][ T8605]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  175.678508][ T8605]  snd_mixer_oss_ioctl_card+0xcb/0x130
[  175.679989][ T8605]  ? __pfx_snd_mixer_oss_ioctl_card+0x10/0x10
[  175.681607][ T8605]  snd_pcm_oss_ioctl+0x136d/0x3780
[  175.683000][ T8605]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  175.684918][ T8605]  ? __fget_files+0x244/0x3f0
[  175.686487][ T8605]  ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10
[  175.688658][ T8605]  __do_compat_sys_ioctl+0x259/0x2b0
[  175.690541][ T8605]  __do_fast_syscall_32+0x73/0x120
[  175.691887][ T8605]  do_fast_syscall_32+0x32/0x80
[  175.693267][ T8605]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  175.694940][ T8605] RIP: 0023:0xf7f78579
[  175.695993][ T8605] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  175.700920][ T8605] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  175.703107][ T8605] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080044dff
[  175.705663][ T8605] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  175.708415][ T8605] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  175.711089][ T8605] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  175.713636][ T8605] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  175.716386][ T8605]  </TASK>
[  176.279074][ T8564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.282607][ T8564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.346058][ T8564] team0: Port device team_slave_0 added
[  176.350505][ T8564] team0: Port device team_slave_1 added
[  176.428639][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.431031][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.438748][ T8564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.444305][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.446353][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.456878][ T8564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.527562][ T8564] hsr_slave_0: entered promiscuous mode
[  176.531512][ T8564] hsr_slave_1: entered promiscuous mode
[  176.536402][ T8564] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.539206][ T8564] Cannot create hsr debugfs directory
[  176.636350][ T5413] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  176.647522][ T5359] Bluetooth: hci5: command tx timeout
[  176.787149][ T5413] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  176.789904][ T5413] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  176.793534][ T5413] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  176.799667][ T5413] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  176.802508][ T5413] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  176.819702][ T5413] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  176.822238][ T5413] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  176.830211][ T5413] usb 5-1: Product: syz
[  176.831807][ T5413] usb 5-1: Manufacturer: syz
[  176.847107][ T5413] cdc_wdm 5-1:1.0: skipping garbage
[  176.849868][ T5413] cdc_wdm 5-1:1.0: skipping garbage
[  176.856344][ T5413] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  176.858889][ T5413] cdc_wdm 5-1:1.0: Unknown control protocol
[  177.058322][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.060174][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.062644][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.064355][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.066134][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.067832][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.069539][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.071237][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.072897][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.074598][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.076401][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.078118][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.079872][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.081584][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.083312][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.085024][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.086764][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.088454][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.090199][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  177.091918][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  177.094670][ T5413] usb 5-1: USB disconnect, device number 9
[  177.096219][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  177.206844][ T8564] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  177.217389][ T8564] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  177.225672][ T8564] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  177.233172][ T8564] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  177.428491][ T8564] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.447799][ T8564] 8021q: adding VLAN 0 to HW filter on device team0
[  177.469091][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.471544][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.505750][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.508121][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.796709][ T8564] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.876935][ T8564] veth0_vlan: entered promiscuous mode
[  177.946815][ T8564] veth1_vlan: entered promiscuous mode
[  177.977809][ T8564] veth0_macvtap: entered promiscuous mode
[  177.984177][ T8564] veth1_macvtap: entered promiscuous mode
[  177.992408][ T8564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.996930][ T8564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.003109][ T8564] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.007334][ T8564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.010911][ T8564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.016047][ T8564] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.023524][ T8564] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.026548][ T8564] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.029615][ T8564] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.034321][ T8564] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.062839][ T8663] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  178.081918][ T8663] netlink: 'syz.0.714': attribute type 10 has an invalid length.
[  178.090136][ T8663] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.095278][ T8663] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  178.128085][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.130427][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.143881][ T8663] netlink: 'syz.0.714': attribute type 10 has an invalid length.
[  178.165442][ T8663] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.167841][ T8663] team0: Port device bond0 added
[  178.179530][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.182169][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.358347][ T8686] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  178.360727][ T8690] netlink: 24 bytes leftover after parsing attributes in process `syz.3.720'.
[  178.389321][ T8690] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  178.406782][ T8690] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  179.259048][ T8705] x_tables: (null)_tables: cgroup match: used from hooks PREROUTING, but only valid from INPUT/OUTPUT/POSTROUTING
[  179.268174][ T8702] syz.2.722 (8702): drop_caches: 2
[  179.901761][ T1135] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.986494][ T5355] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  181.989464][ T5355] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  181.991900][ T5355] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  181.996098][ T5355] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  181.999652][ T5355] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  182.002094][ T5355] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  182.154176][ T1135] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.166992][ T8736] chnl_net:caif_netlink_parms(): no params data found
[  182.276291][ T1135] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.290781][ T8736] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.292703][ T8736] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.297459][ T8736] bridge_slave_0: entered allmulticast mode
[  182.299463][ T8736] bridge_slave_0: entered promiscuous mode
[  182.302042][ T8736] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.304198][ T8736] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.306325][ T8736] bridge_slave_1: entered allmulticast mode
[  182.308325][ T8736] bridge_slave_1: entered promiscuous mode
[  182.335275][ T8736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.338865][ T8736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.368216][ T8736] team0: Port device team_slave_0 added
[  182.386821][ T1135] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.392633][ T8736] team0: Port device team_slave_1 added
[  182.422543][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.425465][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.432121][ T8736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.437917][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.439993][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.447796][ T8736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.508946][ T8736] hsr_slave_0: entered promiscuous mode
[  182.512039][ T8736] hsr_slave_1: entered promiscuous mode
[  182.514658][ T8736] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  182.517028][ T8736] Cannot create hsr debugfs directory
[  182.527307][ T8750] ------------[ cut here ]------------
[  182.528814][ T8750] WARNING: CPU: 1 PID: 8750 at mm/util.c:670 __kvmalloc_node_noprof+0x180/0x1a0
[  182.531151][ T8750] Modules linked in:
SYZFAIL: failed to recv rpc
[  182.532291][ T8750] CPU: 1 UID: 0 PID: 8750 Comm: syz.2.733 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  182.536802][ T8750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.539648][ T8750] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0
[  182.541292][ T8750] Code: e9 1c ff ff ff e8 a0 a7 bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 cf a9 bf ff 45 85 e4 0f 85 3b ff ff ff e8 81 a7 bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 68 e5 1c 90 e8 5a fc 20 00
[  182.546740][ T8750] RSP: 0018:ffffc900031cfa18 EFLAGS: 00010283
[  182.548346][ T8750] RAX: 00000000000018ad RBX: 00000000f7932000 RCX: ffffc9002cb3a000
[  182.550439][ T8750] RDX: 0000000000040000 RSI: ffffffff81cd10cf RDI: 0000000000000005
[  182.552493][ T8750] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[  182.554712][ T8750] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  182.556893][ T8750] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000
[  182.558935][ T8750] FS:  0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f5726b40
[  182.561292][ T8750] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  182.563177][ T8750] CR2: 000000002e41fffc CR3: 00000000664d2000 CR4: 0000000000352ef0
[  182.565276][ T8750] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  182.567377][ T8750] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  182.569616][ T8750] Call Trace:
[  182.570526][ T8750]  <TASK>
[  182.571386][ T8750]  ? __warn+0xea/0x3d0
[  182.572593][ T8750]  ? __kvmalloc_node_noprof+0x180/0x1a0
[  182.574073][ T8750]  ? report_bug+0x3c0/0x580
[  182.575242][ T8750]  ? handle_bug+0x54/0xa0
[  182.576404][ T8750]  ? exc_invalid_op+0x17/0x50
[  182.577906][ T8750]  ? asm_exc_invalid_op+0x1a/0x20
[  182.579236][ T8750]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[  182.580682][ T8750]  ? __kvmalloc_node_noprof+0x180/0x1a0
[  182.582245][ T8750]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[  182.583846][ T8750]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  182.585456][ T8750]  vivid_update_format_cap+0x127b/0x2530
[  182.586944][ T8750]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  182.588526][ T8750]  ? v4l2_match_dv_timings+0x1df/0x1010
[  182.590000][ T8750]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  182.591501][ T8750]  vidioc_s_dv_timings+0xa5/0xc0
[  182.592893][ T8750]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  182.594291][ T8750]  __video_do_ioctl+0xaf0/0xf00
[  182.595589][ T8750]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.597064][ T8750]  video_usercopy+0x426/0x1500
[  182.598324][ T8750]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.599743][ T8750]  ? __pfx_video_usercopy+0x10/0x10
[  182.601145][ T8750]  v4l2_ioctl+0x1ba/0x250
[  182.602301][ T8750]  v4l2_compat_ioctl32+0x214/0x2c0
[  182.603961][ T8750]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  182.605483][ T8750]  __do_compat_sys_ioctl+0x259/0x2b0
[  182.606848][ T8750]  __do_fast_syscall_32+0x73/0x120
[  182.608153][ T8750]  do_fast_syscall_32+0x32/0x80
[  182.609463][ T8750]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.611078][ T8750] RIP: 0023:0xf743e579
[  182.612167][ T8750] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.617329][ T8750] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  182.619505][ T8750] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  182.621602][ T8750] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  182.623689][ T8750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.625754][ T8750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.627801][ T8750] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.629884][ T8750]  </TASK>
[  182.630709][ T8750] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  182.632625][ T8750] CPU: 1 UID: 0 PID: 8750 Comm: syz.2.733 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  182.635325][ T8750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.638124][ T8750] Call Trace:
[  182.639016][ T8750]  <TASK>
[  182.639798][ T8750]  dump_stack_lvl+0x3d/0x1f0
[  182.641032][ T8750]  panic+0x71d/0x800
[  182.642074][ T8750]  ? __pfx_panic+0x10/0x10
[  182.643250][ T8750]  ? show_trace_log_lvl+0x29d/0x3d0
[  182.644512][ T8750]  ? __kvmalloc_node_noprof+0x180/0x1a0
[  182.645933][ T8750]  check_panic_on_warn+0xab/0xb0
[  182.647244][ T8750]  __warn+0xf6/0x3d0
[  182.648297][ T8750]  ? __kvmalloc_node_noprof+0x180/0x1a0
[  182.649772][ T8750]  report_bug+0x3c0/0x580
[  182.650904][ T8750]  handle_bug+0x54/0xa0
[  182.651971][ T8750]  exc_invalid_op+0x17/0x50
[  182.653136][ T8750]  asm_exc_invalid_op+0x1a/0x20
[  182.654430][ T8750] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0
[  182.656062][ T8750] Code: e9 1c ff ff ff e8 a0 a7 bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 cf a9 bf ff 45 85 e4 0f 85 3b ff ff ff e8 81 a7 bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 68 e5 1c 90 e8 5a fc 20 00
[  182.661172][ T8750] RSP: 0018:ffffc900031cfa18 EFLAGS: 00010283
[  182.662681][ T8750] RAX: 00000000000018ad RBX: 00000000f7932000 RCX: ffffc9002cb3a000
[  182.664746][ T8750] RDX: 0000000000040000 RSI: ffffffff81cd10cf RDI: 0000000000000005
[  182.666807][ T8750] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[  182.668882][ T8750] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  182.670941][ T8750] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000
[  182.673002][ T8750]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[  182.674308][ T8750]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[  182.675764][ T8750]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  182.677369][ T8750]  vivid_update_format_cap+0x127b/0x2530
[  182.678836][ T8750]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  182.680390][ T8750]  ? v4l2_match_dv_timings+0x1df/0x1010
[  182.681854][ T8750]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  182.683347][ T8750]  vidioc_s_dv_timings+0xa5/0xc0
[  182.684642][ T8750]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  182.686041][ T8750]  __video_do_ioctl+0xaf0/0xf00
[  182.687319][ T8750]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.688655][ T8750]  video_usercopy+0x426/0x1500
[  182.689932][ T8750]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.691339][ T8750]  ? __pfx_video_usercopy+0x10/0x10
[  182.692712][ T8750]  v4l2_ioctl+0x1ba/0x250
[  182.693886][ T8750]  v4l2_compat_ioctl32+0x214/0x2c0
[  182.695241][ T8750]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  182.696746][ T8750]  __do_compat_sys_ioctl+0x259/0x2b0
[  182.698150][ T8750]  __do_fast_syscall_32+0x73/0x120
[  182.699504][ T8750]  do_fast_syscall_32+0x32/0x80
[  182.700804][ T8750]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.702452][ T8750] RIP: 0023:0xf743e579
[  182.703526][ T8750] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.708548][ T8750] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  182.710761][ T8750] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  182.712850][ T8750] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  182.714915][ T8750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.716999][ T8750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.719070][ T8750] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.721163][ T8750]  </TASK>
[  182.722634][ T8750] Kernel Offset: disabled
[  182.723802][ T8750] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:06:11  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff81630de0 RBX=dffffc0000000000 RCX=1ffff110036eb495 RDX=0000000000000000
RSI=ffffffff8b4ccc60 RDI=ffff88802b43ee80 RBP=ffffc900003d7df0 RSP=ffffc900003d7c50
R8 =0000000000000000 R9 =fffffbfff2039cc1 R10=ffffffff901ce60f R11=0000000000000000
R12=ffff88801d2c2440 R13=ffffffff8d80b5b0 R14=ffff88802b43f988 R15=ffff88802b43ee80
RIP=ffffffff81630de0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000056ef94c0 CR3=0000000022918000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8503f3f5 RDI=ffffffff9a6402a0 RBP=ffffffff9a640260 RSP=ffffc900031cf378
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000063 R14=ffffffff8503f390 R15=0000000000000000
RIP=ffffffff8503f41f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002e41fffc CR3=00000000664d2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080080783 RBX=0000000000000000 RCX=ffff88801f4f0fb0 RDX=000000000000009d
RSI=ffffffff86433e26 RDI=ffff88801f4f1188 RBP=0000000000000001 RSP=ffffc90000540b88
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000001 R13=0000000000002328 R14=ffff88801f4f0fb0 R15=0000000000000001
RIP=ffffffff86433e6d RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc5399cdd00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f66e40 CR3=000000002a632000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=4a9bd29b21218592 b9c0d554a330fb0b 4a9bd29b21218592 b9c0d554a330fb0b 4a9bd29b21218592 b9c0d554a330fb0b 4a9bd29b21218592 b9c0d554a330fb0b
ZMM18=4fa0a35000299945 db14813e1b494aff 4fa0a35000299945 db14813e1b494aff 4fa0a35000299945 db14813e1b494aff 4fa0a35000299945 db14813e1b494aff
ZMM19=a109000000000000 0000000000000005 a109000000000000 0000000000000004 a109000000000000 0000000000000003 a109000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554 b9c0d554b9c0d554
ZMM22=2121859221218592 2121859221218592 2121859221218592 2121859221218592 2121859221218592 2121859221218592 2121859221218592 2121859221218592
ZMM23=4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b 4a9bd29b4a9bd29b
ZMM24=1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff 1b494aff1b494aff
ZMM25=db14813edb14813e db14813edb14813e db14813edb14813e db14813edb14813e db14813edb14813e db14813edb14813e db14813edb14813e db14813edb14813e
ZMM26=0029994500299945 0029994500299945 0029994500299945 0029994500299945 0029994500299945 0029994500299945 0029994500299945 0029994500299945
ZMM27=4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350 4fa0a3504fa0a350
ZMM28=000000e0000000df 000000de000000dd 000000dc000000db 000000da000000d9 000000d8000000d7 000000d6000000d5 000000d4000000d3 000000d2000000d1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=a0090000a0090000 a0090000a0090000 a0090000a0090000 a0090000a0090000 a0090000a0090000 a0090000a0090000 a0090000a0090000 a0090000a0090000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888023fa2440 RCX=ffffffff81530f88 RDX=ffff888023fa2440
RSI=ffffffff8153101d RDI=ffff888023fa2440 RBP=ffffffff8de0e5c0 RSP=ffffc9000322fdc0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000011 R11=0000000000000000
R12=ffff88802248c780 R13=ffffffff8de0e628 R14=ffff88802248c790 R15=0000000000000004
RIP=ffffffff815e2640 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f66e40 CR3=0000000020d40000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73fbff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000