last executing test programs:

5.17624397s ago: executing program 1 (id=2691):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f00000001c0)='./file1\x00')
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r2 = socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$packet_int(r2, 0x107, 0xa, 0x0, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}, @printk={@lu}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x200}, &(0x7f0000000100), &(0x7f00000002c0))
r3 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xffffffff, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r6, 0x0)
accept4$x25(r6, 0x0, 0x0, 0x0)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

4.846683432s ago: executing program 0 (id=2694):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x200480)
io_setup(0x9, &(0x7f0000000000))
r0 = socket$qrtr(0x2a, 0x2, 0x0)
accept4(r0, &(0x7f0000000240)=@nfc, &(0x7f00000000c0)=0x80, 0x80000)

4.682533353s ago: executing program 0 (id=2695):
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000001240))
mkdirat(r0, &(0x7f0000000100)='./control\x00', 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000010c0), 0x28040, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000094ffffffffed0000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001140)='qgroup_num_dirty_extents\x00', r1}, 0x10)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc048aeca, &(0x7f0000000580)=ANY=[@ANYRES16=r2])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000200)='\x00', &(0x7f00000003c0)="b7562651d8c2f531ea47e3840e7c454912cadfeaeb662a4d2f73cf911a7259a8e8fd4563d2ad2aeaf0d41c3c26d21d0d1d95d862ada8f5b07729fe7b2d", 0x3d)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000000000)={0xf, {"a2e3ad21ed0d09f91b3d090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f31006c090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000001080)={0x1, 0x0, 0x20, 0x20, 0x0, 0x0})
keyctl$revoke(0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001040), 0xffffffffffffffff)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f00000011c0)='/proc/keys\x00', 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x38)
r10 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000001180)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r10, r9, &(0x7f00000000c0)=0x58, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000c86c73b33970fc0d2a1d4c6726b29961f542f32c9c9a4af967d2e84b8e60c8c201be26b12467a2df24e4ba5916ea4b4c9fd420570a520a399213d932e49404ef5c75f0cef0e946a2266f23797f9aa6d2d8a8b990178a0817c7b333c78462c6e39b0d3a9c338079b786f6ecd8964afdc734e24e33f35a580e833e2f71b6e5b59b6dc14688c0932c58dc99da0ff406fc0754369451fca5215fa5c307633ed18a8732d3a31d18a0143f7259cf2bef38f6c4756cce31ee02ab0d292d93"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r11, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r11, &(0x7f0000000080), 0x4)
unlinkat(r0, &(0x7f0000000140)='./control\x00', 0x0)

4.314321408s ago: executing program 1 (id=2696):
modify_ldt$write(0x1, &(0x7f0000000040), 0x10)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x1c1242, 0x0)
ftruncate(r0, 0x2007ffb)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000340), 0x103902, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = gettid()
ptrace$setopts(0x4206, r3, 0x0, 0x300000)
ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f0000000100)={0x5, 0x2, 0x253eb78447773d47, {0x101, 0x0, 0x0, 0x9550}})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
r4 = syz_open_dev$vcsn(&(0x7f0000000000), 0xfbfffdf9, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000080)={0x2, r4})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000280)=@ipmr_delroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, 0x5}, [@RTA_DST={0x8, 0x3, @private}]}, 0x24}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='kvm_unmap_hva_range\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.152758043s ago: executing program 0 (id=2698):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
socket(0x10, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x78, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1a}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_EXPR={0x40, 0x11, 0x0, 0x1, @synproxy={{0xd}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x8f}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x8}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x1}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x5}]}}}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x2}, @NFTA_SET_FLAGS={0x8}]}, @NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x0, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe4}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x1f, 0x44, 0x9, 0x40, 0x694, 0x1, 0x1608, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd, 0x70, 0xda}}]}}]}}, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)
ioprio_set$pid(0x0, 0x0, 0xd01ad6bed71edf1)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d000500a0e69ee517d34460bc06000000a705251e6182949a3699ac0a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

3.216242826s ago: executing program 1 (id=2699):
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000080)={0x2a, 0xffffffff, 0xfffffffe}, 0xc)
write$binfmt_misc(r1, 0x0, 0x4d)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000040)={'team0\x00', 0x44})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x3}, {0x0, 0x0, 0xfe}]})
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_tables_matches\x00')
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000000)={0x9a, 0x80000009, 0x2, 0x1, 0x85})
socket$l2tp6(0xa, 0x2, 0x73)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1}, 0xe)
r3 = socket(0x10, 0x3, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000380)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000180)={r5})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000004c0)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r6, 0x3, r4, 0x5})
ioperm(0xfffffffffffffffd, 0xfffc, 0x0)
futex(0x0, 0x1, 0x0, &(0x7f00000000c0), 0x0, 0x0)
connect$unix(r3, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000000200)={0x2, {0x2, 0x8, 0x43, 0xa, 0x8, 0x4}})
socket$nl_xfrm(0x10, 0x3, 0x6)

3.215927996s ago: executing program 2 (id=2700):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x2)
r1 = dup(r0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000080)={0x23, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 2)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
semget$private(0x0, 0x0, 0x0)

3.006118066s ago: executing program 2 (id=2702):
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00001b5000/0x2000)=nil, 0x2000}, 0x3})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f0000000100)={0x2})
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
poll(&(0x7f0000000000)=[{r1}], 0x1, 0xe2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newpolicy={0xf8, 0x13, 0x15, 0x0, 0x0, {{@in6=@private1, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x10, [{{@in=@remote}, 0x0, @in=@multicast1}]}]}, 0xf8}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
r4 = dup3(0xffffffffffffffff, r1, 0x0)
mlockall(0x3)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f827d3cbeafbdc4008b8b56f3ec3543f1b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c639ec5cd6bf6a906b7ca9f9d828c209b54f0cea21ec557e0b5f66fdcd6fcb72ee925f650f322fc72333cf3f3a77ba77edd1086eec01b2cb760d134227"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r5}, 0x10)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYRES16=r4, @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$CDROM_CLEAR_OPTIONS(r0, 0x5321, 0x12)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00\a'], 0xd)
socket$l2tp6(0xa, 0x2, 0x73)

2.855459208s ago: executing program 0 (id=2703):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x200480)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
accept4(r0, &(0x7f0000000240)=@nfc, &(0x7f00000000c0)=0x80, 0x80000)

2.855150782s ago: executing program 0 (id=2704):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0x42}, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.07565499s ago: executing program 1 (id=2706):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0x42}, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.79145735s ago: executing program 2 (id=2707):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="043e0112"], 0x9)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'bridge0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x4, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0xa, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0x0, 0xffffffffffffffc7}, 0x90)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
pipe(&(0x7f0000000440))
fanotify_init(0x4, 0x48000)
keyctl$set_reqkey_keyring(0xe, 0x1)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0], &(0x7f0000000200), 0x1})
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "546792"}}}, 0xd)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x14, r7, 0x309, 0x0, 0x0, {0x1d}}, 0x14}}, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000001b40), 0x0, 0x0)
rseq(&(0x7f00000001c0), 0x20, 0x0, 0x0)
futex(&(0x7f0000000200)=0x1, 0x0, 0x1, &(0x7f0000000300)={0x0, 0x989680}, 0x0, 0x0)
ioctl$SG_SET_COMMAND_Q(r8, 0x2276, 0xfffffffffffffffe)
r9 = openat$sequencer(0xffffff9c, &(0x7f0000000200), 0x440, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r9, 0x5404)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="042c110200000000000000000000f8000000000066fe97c8ad8845cce102b94a472c20b6d6605ccaaad07dc3f45a6a4a2ff4dacc48ed1733bd5ecba7508fa9212028e285a1a1a16e7f466e7bf13ebf2bfec4286153a23091c522d0"], 0x14)

1.375639951s ago: executing program 2 (id=2708):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r0, &(0x7f0000000880)={0x2, 0x4e24, @local}, 0x10)

1.344156516s ago: executing program 2 (id=2709):
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00001b5000/0x2000)=nil, 0x2000}, 0x3})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f0000000100)={0x2})
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000))
poll(&(0x7f0000000000)=[{r1}], 0x1, 0xe2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newpolicy={0xf8, 0x13, 0x15, 0x0, 0x0, {{@in6=@private1, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x10, [{{@in=@remote}, 0x0, @in=@multicast1}]}]}, 0xf8}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
r5 = dup3(r2, 0xffffffffffffffff, 0x0)
mlockall(0x3)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f827d3cbeafbdc4008b8b56f3ec3543f1b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c639ec5cd6bf6a906b7ca9f9d828c209b54f0cea21ec557e0b5f66fdcd6fcb72ee925f650f322fc72333cf3f3a77ba77edd1086eec01b2cb760d134227"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r6}, 0x10)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYRES16=r5, @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$CDROM_CLEAR_OPTIONS(r0, 0x5321, 0x12)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r7, &(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00\a'], 0xd)
socket$l2tp6(0xa, 0x2, 0x73)

1.336121351s ago: executing program 0 (id=2710):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f00000011c0)=""/4072, &(0x7f0000001180)=0xfe8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000500)={"a0453822", 0x0, 0x6, 0x2, 0x0, 0x0, "3377f877c734c4f928875ab8db00", "000100", "0200", "be4d22a4", ["c38600008000080000e6fc00", "51f3541a910080ffffcb3a10", "2ce50f8a285d9500c522afe1"]})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000003c0)={0x14, 0x1, 0x5, 0x401}, 0x14}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x39}, "7058abce57033f29eb6dc1f8b128a7537a3409329d374c37fd2f23cfa5a5495ffc36ac891ea6f898ba2a0784b3781c59e6bd91a231a605e31d"}, 0x3d)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r4, &(0x7f0000000400)={'#! ', '', [], 0xa, "9e06ed6d6c85490efa68552c7319495b97c5346dbe0d2b94cae94415aa610dc38b0485b6486cc7dc675cfefead2875ef5cd288d8ae220cb9c79c53fb51b07f7559a0436b25730846d933568c7812c782d66dac9b20c1cbcdc0408336d688bd3aa9de6333e3a57eb15e5a512b2e2e33f7f44c99cc825cbab3f131f53e04f24dd5e0bfe6b9e09e25a98fa8efa67386d5b756f48af524374629270cb1fdffd2e86fe1dddc0a50e5ef999c5a"}, 0xae)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x31}, @l2cap_cid_signaling={{0x2d}, [@l2cap_info_req={{0xa, 0xd, 0x2}, {0x400}}, @l2cap_create_chan_rsp={{0xd, 0x80, 0x8}, {0xa, 0xfff, 0xe000, 0x54}}, @l2cap_conn_req={{0x2, 0x40, 0x4}, {0x1, 0xffc0}}, @l2cap_conf_req={{0x4, 0xf9, 0x8}, {0xffff, 0x3, [@l2cap_conf_ews={0x7, 0x2, 0x80}]}}, @l2cap_move_chan_req={{0xe, 0x7, 0x3}, {0x40, 0xc}}]}}, 0x36)
syz_emit_vhci(&(0x7f0000000580)=@HCI_VENDOR_PKT, 0x2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f0000000180)='./file0\x00', 0x80000108)
inotify_add_watch(r5, &(0x7f0000000040)='./file0\x00', 0x16000281)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1.194553392s ago: executing program 3 (id=2711):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_CONNECT(r0, 0x0, 0x0)

1.096361621s ago: executing program 3 (id=2712):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
accept4(r0, &(0x7f0000000240)=@nfc, &(0x7f00000000c0)=0x80, 0x80000)

1.096098763s ago: executing program 3 (id=2713):
io_uring_setup(0x497c, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000100)="7270aa3f0c63ef31716980d71af481e691d156e5c690c37493c965008b713ed133a85027d43b49d05b8ec0e538f674752205f76fb42632a5233a7d", 0x3b}], 0x1, 0x4, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000001100)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x58, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x44, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x6, @empty, 0x8}}, {0x14, 0x2, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x40}]}]}, 0x58}}, 0x4001)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000003680)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
syz_open_dev$dri(&(0x7f00000010c0), 0x0, 0x0)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000280)={&(0x7f00000005c0)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x2c}}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x4, 0x0, [{0xd000, 0xd3, &(0x7f0000000780)=""/211}, {0x0, 0xce, &(0x7f0000000500)=""/206}, {0xd000, 0x71, &(0x7f0000000880)=""/113}, {0xe8b84bb294a96876, 0xe4, &(0x7f00000009c0)=""/228}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=""/253, 0x0, &(0x7f0000000600)=""/91})
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="020d00000a0000000000000000000000030000000000000002000000ffffffff000000000000000005000600000000000a00000000000000fc0000000000000800"/80], 0x50}}, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000002140)=""/4092, &(0x7f0000001080)=0xffc)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x6, 0x0)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)

433.581265ms ago: executing program 1 (id=2714):
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000001240))
mkdirat(r0, &(0x7f0000000100)='./control\x00', 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000010c0), 0x28040, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000094ffffffffed0000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001140)='qgroup_num_dirty_extents\x00', r1}, 0x10)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc048aeca, &(0x7f0000000580)=ANY=[@ANYRES16=r2])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000200)='\x00', &(0x7f00000003c0)="b7562651d8c2f531ea47e3840e7c454912cadfeaeb662a4d2f73cf911a7259a8e8fd4563d2ad2aeaf0d41c3c26d21d0d1d95d862ada8f5b07729fe7b2d", 0x3d)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000000000)={0xf, {"a2e3ad21ed0d09f91b3d090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f31006c090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000001080)={0x1, 0x0, 0x20, 0x20, 0x0, 0x0})
keyctl$revoke(0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001040), 0xffffffffffffffff)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f00000011c0)='/proc/keys\x00', 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x38)
r10 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000001180)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r10, r9, &(0x7f00000000c0)=0x58, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000c86c73b33970fc0d2a1d4c6726b29961f542f32c9c9a4af967d2e84b8e60c8c201be26b12467a2df24e4ba5916ea4b4c9fd420570a520a399213d932e49404ef5c75f0cef0e946a2266f23797f9aa6d2d8a8b990178a0817c7b333c78462c6e39b0d3a9c338079b786f6ecd8964afdc734e24e33f35a580e833e2f71b6e5b59b6dc14688c0932c58dc99da0ff406fc0754369451fca5215fa5c307633ed18a8732d3a31d18a0143f7259cf2bef38f6c4756cce31ee02ab0d292d93"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r11, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r11, &(0x7f0000000080), 0x4)
unlinkat(r0, &(0x7f0000000140)='./control\x00', 0x0)

196.523178ms ago: executing program 3 (id=2715):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000040)={0x40001, 0x3231564e, 0xb, 0x168, 0x2, @stepwise={{0x0, 0xfffff5bd}, {0x0, 0x1}}})

106.533679ms ago: executing program 3 (id=2716):
io_uring_setup(0x0, &(0x7f0000000140))
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001a000100000000000000000081"], 0x30}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000f8b70000", @ANYRES32=0x0], 0x18}, 0x1, 0xf00}, 0x0)
syz_io_uring_setup(0x3717, &(0x7f0000000080)={0x0, 0x46b8, 0x8, 0x0, 0x29f}, &(0x7f0000000580), &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x50, 0xffffffffffffffff, 0x10000000)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
accept4$x25(0xffffffffffffffff, &(0x7f0000000140)={0x9, @remote}, &(0x7f0000000180)=0x12, 0x80000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000480)=ANY=[@ANYRESHEX=r2, @ANYRES16=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_remove_blocks\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.stat\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r5, 0x4030582b, &(0x7f0000000500)={'ip6erspan0\x00', @random="40008b00"})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x0, 0x4, 0xd, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x2003}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r7, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x440922, 0x0)
preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)

67.506374ms ago: executing program 2 (id=2717):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="043e0112"], 0x9)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'bridge0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x4, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0xa, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0x0, 0xffffffffffffffc7}, 0x90)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
pipe(&(0x7f0000000440))
fanotify_init(0x4, 0x48000)
keyctl$set_reqkey_keyring(0xe, 0x1)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0], &(0x7f0000000200), 0x1})
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "546792"}}}, 0xd)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x14, r7, 0x309, 0x0, 0x0, {0x1d}}, 0x14}}, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000001b40), 0x0, 0x0)
rseq(&(0x7f00000001c0), 0x20, 0x0, 0x0)
futex(&(0x7f0000000200)=0x1, 0x0, 0x1, &(0x7f0000000300)={0x0, 0x989680}, 0x0, 0x0)
ioctl$SG_SET_COMMAND_Q(r8, 0x2276, 0xfffffffffffffffe)
r9 = openat$sequencer(0xffffff9c, &(0x7f0000000200), 0x440, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r9, 0x5404)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="042c110200000000000000000000f8000000000066fe97c8ad8845cce102b94a472c20b6d6605ccaaad07dc3f45a6a4a2ff4dacc48ed1733bd5ecba7508fa9212028e285a1a1a16e7f466e7bf13ebf2bfec4286153a23091c522d0"], 0x14)

19.490122ms ago: executing program 3 (id=2718):
getpid()
syz_80211_inject_frame(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x47)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x10, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00'})
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000100)={0x0, 'bridge_slave_0\x00'}, 0x18)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
pipe(0x0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000140)={{{@in6=@initdev, @in=@loopback}}, {{}, 0x0, @in=@broadcast}}, &(0x7f00000002c0)=0xe8)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEV(r2, 0x0, 0x0)
socket(0x1e, 0x5, 0x0)
r4 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x38, r3, 0x101, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_PID={0x8, 0x1c, r4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x38}}, 0x20000080) (fail_nth: 23)

0s ago: executing program 1 (id=2719):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0x42}, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

kernel console output (not intermixed with test programs):

RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  359.642238][T12267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  359.645709][T12267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  359.649230][T12267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.652546][T12267]  </TASK>
[  359.725329][T12277] syzkaller0: entered promiscuous mode
[  359.727552][T12277] syzkaller0: entered allmulticast mode
[  359.736896][T12248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  359.750566][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.768772][T12248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  359.774561][T12248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  359.777142][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.786685][T12248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  359.860748][T12248] hsr_slave_0: entered promiscuous mode
[  359.863371][T12248] hsr_slave_1: entered promiscuous mode
[  359.865814][T12248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  359.869880][T12248] Cannot create hsr debugfs directory
[  359.920151][   T11] bridge_slave_1: left allmulticast mode
[  359.922755][   T11] bridge_slave_1: left promiscuous mode
[  359.925504][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.935861][   T11] bridge_slave_0: left allmulticast mode
[  359.938191][   T11] bridge_slave_0: left promiscuous mode
[  359.941866][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.334394][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  360.346569][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  360.353380][   T11] bond0 (unregistering): Released all slaves
[  360.453367][   T11] tipc: Left network mode
[  360.490210][T12286] 9pnet_fd: Insufficient options for proto=fd
[  360.813361][   T11] hsr_slave_0: left promiscuous mode
[  360.817975][   T11] hsr_slave_1: left promiscuous mode
[  360.823256][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  360.826594][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  360.831656][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  360.834501][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.871227][   T11] veth1_macvtap: left promiscuous mode
[  360.873028][   T11] veth0_macvtap: left promiscuous mode
[  360.875241][   T11] veth1_vlan: left promiscuous mode
[  360.877422][   T11] veth0_vlan: left promiscuous mode
[  360.979616][ T5208] Bluetooth: hci4: command tx timeout
[  361.434928][T12308] netlink: 'syz.0.2104': attribute type 4 has an invalid length.
[  361.440235][T12308] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.2104'.
[  361.465823][T12308] ieee802154 phy0 wpan0: encryption failed: -22
[  361.813447][   T11] team0 (unregistering): Port device team_slave_1 removed
[  361.906757][   T11] team0 (unregistering): Port device team_slave_0 removed
[  362.405145][T12320] netlink: 144212 bytes leftover after parsing attributes in process `syz.3.2106'.
[  362.547914][T12304] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.563352][T12313] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2106'.
[  362.614487][T12325] netlink: 'syz.0.2107': attribute type 49 has an invalid length.
[  362.624331][T12316] batadv_slave_1: entered promiscuous mode
[  362.632890][T12325] netlink: 'syz.0.2107': attribute type 49 has an invalid length.
[  362.640759][T12311] batadv_slave_1: left promiscuous mode
[  362.682344][T12323] can: request_module (can-proto-5) failed.
[  362.711565][T12248] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  362.735208][T12248] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  362.750222][T12248] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  362.756817][T12248] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  362.907405][T12341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2111'.
[  362.918737][T12248] 8021q: adding VLAN 0 to HW filter on device bond0
[  362.936127][T12248] 8021q: adding VLAN 0 to HW filter on device team0
[  362.942980][ T5244] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.945735][ T5244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  362.955160][ T5244] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.957678][ T5244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  363.060147][ T5208] Bluetooth: hci4: command tx timeout
[  363.144229][T12248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  363.190680][T12248] veth0_vlan: entered promiscuous mode
[  363.202582][T12248] veth1_vlan: entered promiscuous mode
[  363.233657][T12248] veth0_macvtap: entered promiscuous mode
[  363.244229][T12248] veth1_macvtap: entered promiscuous mode
[  363.264136][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.270093][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.274292][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.279031][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.282857][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.286996][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.292811][T12248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  363.304639][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.309534][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.314096][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.319364][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.323078][T12248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.327097][T12248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.335085][T12248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  363.342951][T12248] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.345918][T12248] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.349220][T12248] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.352222][T12248] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  363.427303][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.433493][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.455157][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.459169][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.923355][T12362] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2114'.
[  363.930687][T12361] netlink: 'syz.0.2116': attribute type 4 has an invalid length.
[  363.934100][T12361] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.2116'.
[  363.950958][T12361] ieee802154 phy0 wpan0: encryption failed: -22
[  364.096310][T12364] can: request_module (can-proto-5) failed.
[  364.169799][T12374] ax25_connect(): syz.2.2120 uses autobind, please contact jreuter@yaina.de
[  364.253467][T12379] syzkaller0: entered promiscuous mode
[  364.255857][T12379] syzkaller0: entered allmulticast mode
[  364.811173][T12385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2122'.
[  365.148435][ T5208] Bluetooth: hci4: command tx timeout
[  365.452467][T12400] can: request_module (can-proto-5) failed.
[  365.733815][ T5208] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  366.111673][T12418] syzkaller0: entered promiscuous mode
[  366.119842][T12418] syzkaller0: entered allmulticast mode
[  366.307521][T12423] syzkaller0: entered promiscuous mode
[  366.312887][T12423] syzkaller0: entered allmulticast mode
[  366.565062][T12426] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2135'.
[  367.219048][ T5208] Bluetooth: hci4: command tx timeout
[  367.308046][T12429] can: request_module (can-proto-5) failed.
[  367.512499][T12444] autofs: Bad value for 'fd'
[  367.808659][   T25] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  368.001636][   T25] usb 8-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  368.005585][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.009194][   T25] usb 8-1: Product: syz
[  368.011007][   T25] usb 8-1: Manufacturer: syz
[  368.013022][   T25] usb 8-1: SerialNumber: syz
[  368.016981][   T25] usb 8-1: config 0 descriptor??
[  368.023609][   T25] legousbtower 8-1:0.0: interrupt endpoints not found
[  368.234551][   T25] usb 8-1: USB disconnect, device number 30
[  368.721469][T12461] can: request_module (can-proto-5) failed.
[  368.898096][T12467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2147'.
[  368.972856][T12468] syzkaller0: entered promiscuous mode
[  368.975126][T12468] syzkaller0: entered allmulticast mode
[  369.389620][T12473] binder: 12471:12473 ioctl c0306201 20000680 returned -14
[  370.043934][T12490] can: request_module (can-proto-5) failed.
[  370.286950][T12496] syzkaller0: entered promiscuous mode
[  370.289303][T12496] syzkaller0: entered allmulticast mode
[  370.368473][ T5776] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  370.555745][ T5776] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  370.558954][ T5776] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.561694][ T5776] usb 7-1: Product: syz
[  370.563392][ T5776] usb 7-1: Manufacturer: syz
[  370.565032][ T5776] usb 7-1: SerialNumber: syz
[  370.569931][ T5776] usb 7-1: config 0 descriptor??
[  370.574759][ T5776] legousbtower 7-1:0.0: interrupt endpoints not found
[  370.802212][ T5242] usb 7-1: USB disconnect, device number 30
[  370.816029][T12508] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2160'.
[  371.431417][T12522] can: request_module (can-proto-5) failed.
[  372.476029][T12557] syzkaller0: entered promiscuous mode
[  372.476931][T12555] can: request_module (can-proto-5) failed.
[  372.478030][T12557] syzkaller0: entered allmulticast mode
[  372.728671][ T5242] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  372.927921][ T5242] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  372.931964][ T5242] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.936095][ T5242] usb 5-1: Product: syz
[  372.939295][ T5242] usb 5-1: Manufacturer: syz
[  372.944119][ T5242] usb 5-1: SerialNumber: syz
[  372.954611][ T5242] usb 5-1: config 0 descriptor??
[  372.963555][ T5242] legousbtower 5-1:0.0: interrupt endpoints not found
[  373.204364][ T5242] usb 5-1: USB disconnect, device number 35
[  373.558075][T12569] tap0: tun_chr_ioctl cmd 1074025676
[  373.560347][T12569] tap0: owner set to 0
[  373.617924][T12570] x_tables: duplicate underflow at hook 1
[  373.854558][T12582] can: request_module (can-proto-5) failed.
[  373.884710][T12585] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  373.924492][T12588] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2185'.
[  373.929768][T12588] openvswitch: netlink: Tunnel attr 0 has unexpected len 2 expected 8
[  373.934472][T12588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2185'.
[  374.408455][   T56] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  374.461559][T12596] FAULT_INJECTION: forcing a failure.
[  374.461559][T12596] name failslab, interval 1, probability 0, space 0, times 0
[  374.467381][T12596] CPU: 1 PID: 12596 Comm: syz.3.2188 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  374.471898][T12596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.476764][T12596] Call Trace:
[  374.478305][T12596]  <TASK>
[  374.479667][T12596]  dump_stack_lvl+0x16c/0x1f0
[  374.481796][T12596]  should_fail_ex+0x497/0x5b0
[  374.483935][T12596]  should_failslab+0x9/0x20
[  374.485990][T12596]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  374.488386][T12596]  ? skb_clone+0x190/0x3f0
[  374.490543][T12596]  skb_clone+0x190/0x3f0
[  374.492462][T12596]  netlink_deliver_tap+0xb26/0xcf0
[  374.494776][T12596]  netlink_unicast+0x604/0x820
[  374.496960][T12596]  ? __pfx_netlink_unicast+0x10/0x10
[  374.499220][T12596]  ? __phys_addr_symbol+0x30/0x80
[  374.501510][T12596]  ? __check_object_size+0x48e/0x720
[  374.503907][T12596]  netlink_sendmsg+0x8b8/0xd70
[  374.506072][T12596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.508448][T12596]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  374.510808][T12596]  ____sys_sendmsg+0x9b4/0xb50
[  374.513007][T12596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.515367][T12596]  ? get_compat_msghdr+0x11b/0x170
[  374.517718][T12596]  ? __pfx___lock_acquire+0x10/0x10
[  374.520079][T12596]  ___sys_sendmsg+0x135/0x1e0
[  374.522206][T12596]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.524578][T12596]  ? ksys_write+0x21c/0x260
[  374.526625][T12596]  ? __fget_light+0x173/0x210
[  374.528757][T12596]  __sys_sendmsg+0x117/0x1f0
[  374.530827][T12596]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.533138][T12596]  __do_fast_syscall_32+0x73/0x120
[  374.535422][T12596]  do_fast_syscall_32+0x32/0x80
[  374.537643][T12596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.540513][T12596] RIP: 0023:0xf741b579
[  374.542375][T12596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.550886][T12596] RSP: 002b:00000000f5d3357c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  374.554458][T12596] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  374.557977][T12596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  374.561485][T12596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.564965][T12596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  374.568424][T12596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.571937][T12596]  </TASK>
[  374.705511][   T56] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  374.709431][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.712244][   T56] usb 7-1: Product: syz
[  374.713810][   T56] usb 7-1: Manufacturer: syz
[  374.715435][   T56] usb 7-1: SerialNumber: syz
[  374.721006][   T56] usb 7-1: config 0 descriptor??
[  374.727006][   T56] legousbtower 7-1:0.0: interrupt endpoints not found
[  374.962712][   T25] usb 7-1: USB disconnect, device number 31
[  375.546133][T12608] can: request_module (can-proto-5) failed.
[  375.738739][T12618] nbd: must specify at least one socket
[  375.938532][T12622] FAULT_INJECTION: forcing a failure.
[  375.938532][T12622] name failslab, interval 1, probability 0, space 0, times 0
[  375.943663][T12622] CPU: 0 PID: 12622 Comm: syz.2.2196 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  375.947973][T12622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.952609][T12622] Call Trace:
[  375.954093][T12622]  <TASK>
[  375.955499][T12622]  dump_stack_lvl+0x16c/0x1f0
[  375.957664][T12622]  should_fail_ex+0x497/0x5b0
[  375.959779][T12622]  should_failslab+0x9/0x20
[  375.961812][T12622]  __kmalloc_noprof+0xcf/0x420
[  375.963944][T12622]  ? audit_alloc+0xa3/0x7b0
[  375.965949][T12622]  security_task_alloc+0x1e4/0x280
[  375.968165][T12622]  copy_process+0x2163/0x6f50
[  375.970103][T12622]  ? __pfx_copy_process+0x10/0x10
[  375.972276][T12622]  ? find_held_lock+0x2d/0x110
[  375.974021][T12622]  kernel_clone+0xfd/0x980
[  375.975571][T12622]  ? __pfx_kernel_clone+0x10/0x10
[  375.977272][T12622]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  375.979299][T12622]  __do_compat_sys_ia32_clone+0xb7/0x100
[  375.981232][T12622]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  375.983631][T12622]  __do_fast_syscall_32+0x73/0x120
[  375.985879][T12622]  do_fast_syscall_32+0x32/0x80
[  375.988051][T12622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.990828][T12622] RIP: 0023:0xf740f579
[  375.992645][T12622] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  376.001009][T12622] RSP: 002b:00000000f5d2752c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  376.004358][T12622] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  376.007778][T12622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  376.011248][T12622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  376.014398][T12622] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  376.017129][T12622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.019759][T12622]  </TASK>
[  376.858674][   T56] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  376.967001][T12638] syzkaller0: entered promiscuous mode
[  376.973672][T12638] syzkaller0: entered allmulticast mode
[  377.063488][   T56] usb 8-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  377.067681][   T56] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.072885][   T56] usb 8-1: Product: syz
[  377.075459][   T56] usb 8-1: Manufacturer: syz
[  377.077755][   T56] usb 8-1: SerialNumber: syz
[  377.092908][   T56] usb 8-1: config 0 descriptor??
[  377.101606][   T56] legousbtower 8-1:0.0: interrupt endpoints not found
[  377.158875][T12643] syzkaller0: entered promiscuous mode
[  377.161583][T12643] syzkaller0: entered allmulticast mode
[  377.343931][ T5776] usb 8-1: USB disconnect, device number 31
[  378.004009][T12653] nbd: must specify at least one socket
[  378.543634][T12663] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2211'.
[  378.546844][T12663] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2211'.
[  378.550941][T12663] FAULT_INJECTION: forcing a failure.
[  378.550941][T12663] name failslab, interval 1, probability 0, space 0, times 0
[  378.556290][T12663] CPU: 2 PID: 12663 Comm: syz.1.2211 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  378.560107][T12663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  378.564163][T12663] Call Trace:
[  378.565632][T12663]  <TASK>
[  378.566896][T12663]  dump_stack_lvl+0x16c/0x1f0
[  378.568543][T12663]  should_fail_ex+0x497/0x5b0
[  378.570302][T12663]  should_failslab+0x9/0x20
[  378.572246][T12663]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  378.574647][T12663]  ? __kernfs_new_node+0xd3/0x890
[  378.576712][T12663]  __kernfs_new_node+0xd3/0x890
[  378.578693][T12663]  ? hlock_class+0x4e/0x130
[  378.580746][T12663]  ? __pfx___kernfs_new_node+0x10/0x10
[  378.582826][T12663]  ? __pfx___lock_acquire+0x10/0x10
[  378.584598][T12663]  kernfs_new_node+0x186/0x240
[  378.586256][T12663]  __kernfs_create_file+0x53/0x350
[  378.588009][T12663]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  378.590135][T12663]  sysfs_create_file_ns+0x13e/0x1d0
[  378.592429][T12663]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  378.594683][T12663]  ? down_read+0xc9/0x330
[  378.596219][T12663]  ? __pfx___up_read+0x10/0x10
[  378.597859][T12663]  ? kobject_put+0xbe/0x5b0
[  378.599421][T12663]  device_create_file+0xf2/0x1e0
[  378.601130][T12663]  device_add+0x2c0/0x1a70
[  378.602628][T12663]  ? __pfx_dev_set_name+0x10/0x10
[  378.604333][T12663]  ? __pfx_device_add+0x10/0x10
[  378.606118][T12663]  ? __init_waitqueue_head+0xca/0x150
[  378.607997][T12663]  netdev_register_kobject+0x187/0x3f0
[  378.609990][T12663]  register_netdevice+0x12ce/0x1c40
[  378.611836][T12663]  ? __pfx_register_netdevice+0x10/0x10
[  378.613713][T12663]  ? validate_linkmsg+0x6d2/0x9a0
[  378.615484][T12663]  br_dev_newlink+0x27/0x110
[  378.617154][T12663]  ? __pfx_br_dev_newlink+0x10/0x10
[  378.618934][T12663]  __rtnl_newlink+0x119c/0x1960
[  378.620669][T12663]  ? __pfx___rtnl_newlink+0x10/0x10
[  378.622452][T12663]  rtnl_newlink+0x67/0xa0
[  378.623969][T12663]  ? __pfx_rtnl_newlink+0x10/0x10
[  378.625699][T12663]  rtnetlink_rcv_msg+0x3c7/0xea0
[  378.627465][T12663]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  378.629386][T12663]  ? __dev_queue_xmit+0x87e/0x4130
[  378.631203][T12663]  netlink_rcv_skb+0x165/0x410
[  378.632868][T12663]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  378.634747][T12663]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  378.636647][T12663]  ? netlink_deliver_tap+0x1ae/0xcf0
[  378.638467][T12663]  netlink_unicast+0x542/0x820
[  378.640108][T12663]  ? __pfx_netlink_unicast+0x10/0x10
[  378.642007][T12663]  ? __phys_addr_symbol+0x30/0x80
[  378.643773][T12663]  ? __check_object_size+0x48e/0x720
[  378.645618][T12663]  netlink_sendmsg+0x8b8/0xd70
[  378.647308][T12663]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.649139][T12663]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  378.651012][T12663]  ____sys_sendmsg+0x9b4/0xb50
[  378.652674][T12663]  ? __pfx_____sys_sendmsg+0x10/0x10
[  378.654501][T12663]  ? get_compat_msghdr+0x11b/0x170
[  378.656333][T12663]  ? __pfx___lock_acquire+0x10/0x10
[  378.658123][T12663]  ___sys_sendmsg+0x135/0x1e0
[  378.659784][T12663]  ? __pfx____sys_sendmsg+0x10/0x10
[  378.661646][T12663]  ? __pfx_lock_release+0x10/0x10
[  378.663407][T12663]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  378.665378][T12663]  ? __fget_light+0x173/0x210
[  378.667024][T12663]  __sys_sendmmsg+0x2a5/0x450
[  378.668709][T12663]  ? __pfx___sys_sendmmsg+0x10/0x10
[  378.670528][T12663]  ? vfs_write+0x14d/0x1140
[  378.672156][T12663]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  378.674266][T12663]  ? fput+0x32/0x390
[  378.675912][T12663]  ? ksys_write+0x1ab/0x260
[  378.677965][T12663]  ? __pfx_ksys_write+0x10/0x10
[  378.680170][T12663]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  378.682241][T12663]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  378.684797][T12663]  __do_fast_syscall_32+0x73/0x120
[  378.687036][T12663]  do_fast_syscall_32+0x32/0x80
[  378.689201][T12663]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  378.691984][T12663] RIP: 0023:0xf73c7579
[  378.693800][T12663] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  378.702109][T12663] RSP: 002b:00000000f5cdf57c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  378.704895][T12663] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  378.707647][T12663] RDX: 0000000004924b68 RSI: 0000000000000000 RDI: 0000000000000000
[  378.710810][T12663] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  378.713819][T12663] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  378.716518][T12663] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  378.719445][T12663]  </TASK>
[  378.905053][T12669] can: request_module (can-proto-5) failed.
[  379.102000][T12675] pim6reg: entered allmulticast mode
[  379.121746][T12676] syzkaller0: entered promiscuous mode
[  379.138706][T12676] syzkaller0: entered allmulticast mode
[  379.155695][T12675] pim6reg: left allmulticast mode
[  379.303977][T12678] FAULT_INJECTION: forcing a failure.
[  379.303977][T12678] name failslab, interval 1, probability 0, space 0, times 0
[  379.311956][T12678] CPU: 0 PID: 12678 Comm: syz.0.2216 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  379.315842][T12678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.320184][T12678] Call Trace:
[  379.321396][T12678]  <TASK>
[  379.322714][T12678]  dump_stack_lvl+0x16c/0x1f0
[  379.324845][T12678]  should_fail_ex+0x497/0x5b0
[  379.326662][T12678]  should_failslab+0x9/0x20
[  379.328622][T12678]  kmalloc_node_trace_noprof+0x6e/0x360
[  379.330939][T12678]  ? __get_vm_area_node+0xe1/0x2d0
[  379.333108][T12678]  __get_vm_area_node+0xe1/0x2d0
[  379.335054][T12678]  ? mark_lock+0xb5/0xc60
[  379.336953][T12678]  __vmalloc_node_range_noprof+0x276/0x1520
[  379.339532][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.341986][T12678]  ? mark_lock+0xb5/0xc60
[  379.343950][T12678]  ? __pfx_mark_lock+0x10/0x10
[  379.346105][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.348589][T12678]  ? hlock_class+0x4e/0x130
[  379.350564][T12678]  ? mark_lock+0xb5/0xc60
[  379.352291][T12678]  ? aa_get_newest_label+0x376/0x680
[  379.354605][T12678]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  379.357182][T12678]  ? __pfx_aa_get_newest_label+0x10/0x10
[  379.359627][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.361877][T12678]  __vmalloc_noprof+0x6d/0x90
[  379.364013][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.366492][T12678]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.368798][T12678]  bpf_prog_alloc+0x3b/0x240
[  379.370733][T12678]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.373389][T12678]  bpf_prog_load+0x1b4e/0x2670
[  379.375543][T12678]  ? __pfx_bpf_prog_load+0x10/0x10
[  379.377852][T12678]  ? find_held_lock+0x2d/0x110
[  379.379785][T12678]  ? security_bpf+0x8c/0xc0
[  379.381842][T12678]  __sys_bpf+0x9d2/0x5830
[  379.383802][T12678]  ? __pfx___sys_bpf+0x10/0x10
[  379.385965][T12678]  ? ksys_write+0x21c/0x260
[  379.388038][T12678]  ? __pfx_lock_release+0x10/0x10
[  379.390267][T12678]  ? __mutex_unlock_slowpath+0x164/0x650
[  379.392471][T12678]  ? fput+0x32/0x390
[  379.394222][T12678]  ? ksys_write+0x1ab/0x260
[  379.396283][T12678]  ? __pfx_ksys_write+0x10/0x10
[  379.398461][T12678]  __ia32_sys_bpf+0x76/0xe0
[  379.400225][T12678]  __do_fast_syscall_32+0x73/0x120
[  379.402486][T12678]  do_fast_syscall_32+0x32/0x80
[  379.404642][T12678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  379.407210][T12678] RIP: 0023:0xf7425579
[  379.408849][T12678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  379.417279][T12678] RSP: 002b:00000000f5d3d57c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  379.420705][T12678] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440
[  379.424191][T12678] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  379.427724][T12678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  379.430935][T12678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  379.434087][T12678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  379.437177][T12678]  </TASK>
[  379.443718][T12678] syz.0.2216: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  379.450695][T12678] CPU: 1 PID: 12678 Comm: syz.0.2216 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  379.454622][T12678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.459175][T12678] Call Trace:
[  379.460548][T12678]  <TASK>
[  379.461855][T12678]  dump_stack_lvl+0x16c/0x1f0
[  379.463928][T12678]  warn_alloc+0x24d/0x3a0
[  379.465791][T12678]  ? __pfx_warn_alloc+0x10/0x10
[  379.467833][T12678]  ? __kasan_kmalloc+0x8a/0xb0
[  379.469953][T12678]  ? __get_vm_area_node+0x1bc/0x2d0
[  379.472232][T12678]  __vmalloc_node_range_noprof+0xc1e/0x1520
[  379.474870][T12678]  ? mark_lock+0xb5/0xc60
[  379.476802][T12678]  ? __pfx_mark_lock+0x10/0x10
[  379.478933][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.481392][T12678]  ? hlock_class+0x4e/0x130
[  379.483427][T12678]  ? mark_lock+0xb5/0xc60
[  379.485321][T12678]  ? aa_get_newest_label+0x376/0x680
[  379.487577][T12678]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  379.490357][T12678]  ? __pfx_aa_get_newest_label+0x10/0x10
[  379.492843][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.495219][T12678]  __vmalloc_noprof+0x6d/0x90
[  379.497255][T12678]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.499617][T12678]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  379.501994][T12678]  bpf_prog_alloc+0x3b/0x240
[  379.504084][T12678]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.506623][T12678]  bpf_prog_load+0x1b4e/0x2670
[  379.508618][T12678]  ? __pfx_bpf_prog_load+0x10/0x10
[  379.510750][T12678]  ? find_held_lock+0x2d/0x110
[  379.512768][T12678]  ? security_bpf+0x8c/0xc0
[  379.514627][T12678]  __sys_bpf+0x9d2/0x5830
[  379.516351][T12678]  ? __pfx___sys_bpf+0x10/0x10
[  379.517958][T12678]  ? ksys_write+0x21c/0x260
[  379.519509][T12678]  ? __pfx_lock_release+0x10/0x10
[  379.521208][T12678]  ? __mutex_unlock_slowpath+0x164/0x650
[  379.523110][T12678]  ? fput+0x32/0x390
[  379.524438][T12678]  ? ksys_write+0x1ab/0x260
[  379.526089][T12678]  ? __pfx_ksys_write+0x10/0x10
[  379.527760][T12678]  __ia32_sys_bpf+0x76/0xe0
[  379.529300][T12678]  __do_fast_syscall_32+0x73/0x120
[  379.531036][T12678]  do_fast_syscall_32+0x32/0x80
[  379.532691][T12678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  379.534819][T12678] RIP: 0023:0xf7425579
[  379.536257][T12678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  379.542736][T12678] RSP: 002b:00000000f5d3d57c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  379.545580][T12678] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440
[  379.548237][T12678] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  379.550866][T12678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  379.553504][T12678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  379.556343][T12678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  379.559047][T12678]  </TASK>
[  379.562560][T12678] Mem-Info:
[  379.564027][T12678] active_anon:37468 inactive_anon:864 isolated_anon:0
[  379.564027][T12678]  active_file:4521 inactive_file:45884 isolated_file:0
[  379.564027][T12678]  unevictable:1704 dirty:267 writeback:0
[  379.564027][T12678]  slab_reclaimable:5020 slab_unreclaimable:54048
[  379.564027][T12678]  mapped:11022 shmem:32601 pagetables:645
[  379.564027][T12678]  sec_pagetables:334 bounce:0
[  379.564027][T12678]  kernel_misc_reclaimable:0
[  379.564027][T12678]  free:79747 free_pcp:1631 free_cma:0
[  379.580822][T12678] Node 0 active_anon:2100kB inactive_anon:492kB active_file:84kB inactive_file:52kB unevictable:5280kB isolated(anon):0kB isolated(file):0kB mapped:3248kB dirty:160kB writeback:0kB shmem:2296kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9728kB pagetables:1724kB sec_pagetables:1280kB all_unreclaimable? no
[  379.595550][T12678] Node 1 active_anon:145808kB inactive_anon:732kB active_file:17992kB inactive_file:183492kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40840kB dirty:908kB writeback:0kB shmem:128116kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1172kB pagetables:856kB sec_pagetables:56kB all_unreclaimable? no
[  379.610209][T12678] Node 0 DMA free:924kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:16kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:340kB local_pcp:64kB free_cma:0kB
[  379.628572][T12678] lowmem_reserve[]: 0 374 0 0 0
[  379.630683][T12678] Node 0 DMA32 free:29924kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:1416kB inactive_anon:1280kB active_file:144kB inactive_file:0kB unevictable:5280kB writepending:160kB present:1032192kB managed:410812kB mlocked:3744kB bounce:0kB free_pcp:2416kB local_pcp:188kB free_cma:0kB
[  379.652686][T12678] lowmem_reserve[]: 0 0 0 0 0
[  379.661963][T12678] Node 1 DMA32 free:288280kB boost:0kB min:47048kB low:58808kB high:70568kB reserved_highatomic:0KB active_anon:138244kB inactive_anon:732kB active_file:17992kB inactive_file:183492kB unevictable:1536kB writepending:908kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:16080kB local_pcp:1684kB free_cma:0kB
[  379.683827][T12678] lowmem_reserve[]: 0 0 0 0 0
[  379.693960][T12678] Node 0 DMA: 17*4kB (U) 15*8kB (U) 21*16kB (U) 13*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 940kB
[  379.702639][T12678] Node 0 DMA32: 435*4kB (UMH) 260*8kB (UMEH) 114*16kB (UMEH) 111*32kB (UEH) 57*64kB (UMEH) 29*128kB (UME) 16*256kB (UME) 4*512kB (UE) 2*1024kB (M) 1*2048kB (M) 1*4096kB (U) = 30892kB
[  379.711391][T12678] Node 1 DMA32: 176*4kB (UME) 253*8kB (UME) 55*16kB (UE) 45*32kB (UME) 148*64kB (UE) 33*128kB (UME) 60*256kB (UM) 36*512kB (UM) 14*1024kB (UME) 6*2048kB (UM) 51*4096kB (UM) = 288056kB
[  379.721780][T12678] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  379.725713][T12678] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  379.729908][T12678] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  379.733869][T12678] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  379.738298][T12678] 83013 total pagecache pages
[  379.744640][T12678] 632 pages in swap cache
[  379.746469][T12678] Free swap  = 107148kB
[  379.748228][T12678] Total swap = 124996kB
[  379.750054][T12678] 524155 pages RAM
[  379.751650][T12678] 0 pages HighMem/MovableOnly
[  379.753623][T12678] 181060 pages reserved
[  379.755371][T12678] 0 pages cma reserved
[  379.856473][T12684] syzkaller0: entered promiscuous mode
[  379.860520][T12684] syzkaller0: entered allmulticast mode
[  380.146067][T12688] syzkaller0: entered promiscuous mode
[  380.150453][T12688] syzkaller0: entered allmulticast mode
[  380.986272][T12692] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  381.395486][T12697] nbd: must specify a size in bytes for the device
[  381.858534][ T5265] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  381.923928][T12711] FAULT_INJECTION: forcing a failure.
[  381.923928][T12711] name failslab, interval 1, probability 0, space 0, times 0
[  381.928147][T12711] CPU: 0 PID: 12711 Comm: syz.3.2227 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  381.931585][T12711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  381.935218][T12711] Call Trace:
[  381.936373][T12711]  <TASK>
[  381.937380][T12711]  dump_stack_lvl+0x16c/0x1f0
[  381.939296][T12711]  should_fail_ex+0x497/0x5b0
[  381.941401][T12711]  should_failslab+0x9/0x20
[  381.943269][T12711]  __kmalloc_noprof+0xcf/0x420
[  381.945400][T12711]  usb_alloc_urb+0x71/0x1a0
[  381.947461][T12711]  do_proc_control+0x2eb/0x1070
[  381.949527][T12711]  ? __pfx_do_proc_control+0x10/0x10
[  381.951824][T12711]  usbdev_ioctl+0x22cb/0x3f10
[  381.953852][T12711]  ? tomoyo_path_number_perm+0x190/0x5b0
[  381.956372][T12711]  ? __pfx_usbdev_ioctl+0x10/0x10
[  381.958588][T12711]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  381.961342][T12711]  ? do_vfs_ioctl+0x515/0x1a90
[  381.963489][T12711]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  381.965730][T12711]  ? __pfx_lock_release+0x10/0x10
[  381.968005][T12711]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  381.970680][T12711]  ? __fget_files+0x256/0x400
[  381.972795][T12711]  ? __pfx_usbdev_ioctl+0x10/0x10
[  381.975022][T12711]  compat_ptr_ioctl+0x71/0xb0
[  381.977148][T12711]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  381.979528][T12711]  __do_compat_sys_ioctl+0x2c3/0x330
[  381.981883][T12711]  __do_fast_syscall_32+0x73/0x120
[  381.984183][T12711]  do_fast_syscall_32+0x32/0x80
[  381.986361][T12711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  381.989120][T12711] RIP: 0023:0xf741b579
[  381.990933][T12711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  381.999473][T12711] RSP: 002b:00000000f5d3357c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  382.003155][T12711] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0185500
[  382.006639][T12711] RDX: 0000000020001340 RSI: 0000000000000000 RDI: 0000000000000000
[  382.010064][T12711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  382.013543][T12711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  382.017040][T12711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  382.020528][T12711]  </TASK>
[  382.043817][ T5265] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  382.047360][ T5265] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.051024][ T5265] usb 5-1: Product: syz
[  382.052800][ T5265] usb 5-1: Manufacturer: syz
[  382.054770][ T5265] usb 5-1: SerialNumber: syz
[  382.057967][ T5265] usb 5-1: config 0 descriptor??
[  382.062397][ T5265] legousbtower 5-1:0.0: interrupt endpoints not found
[  382.269524][ T5776] usb 5-1: USB disconnect, device number 36
[  382.533160][T12722] syzkaller0: entered promiscuous mode
[  382.535658][T12722] syzkaller0: entered allmulticast mode
[  382.827030][T12725] syzkaller0: entered promiscuous mode
[  382.830055][T12725] syzkaller0: entered allmulticast mode
[  382.931612][ T5208] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  383.353443][T12737] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  383.891530][T12752] can: request_module (can-proto-5) failed.
[  383.892647][T12757] netlink: 'syz.1.2241': attribute type 5 has an invalid length.
[  383.912698][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  383.916253][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.942374][ T1353] ieee802154 phy0 wpan0: encryption failed: -22
[  383.944629][ T1353] ieee802154 phy1 wpan1: encryption failed: -22
[  384.131172][T12773] FAULT_INJECTION: forcing a failure.
[  384.131172][T12773] name failslab, interval 1, probability 0, space 0, times 0
[  384.136723][T12773] CPU: 3 PID: 12773 Comm: syz.0.2248 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  384.140800][T12773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  384.145067][T12773] Call Trace:
[  384.146429][T12773]  <TASK>
[  384.147688][T12773]  dump_stack_lvl+0x16c/0x1f0
[  384.149620][T12773]  should_fail_ex+0x497/0x5b0
[  384.151534][T12773]  should_failslab+0x9/0x20
[  384.153134][T12773]  __kmalloc_noprof+0xcf/0x420
[  384.154732][T12773]  io_cqring_event_overflow+0xcb/0x6f0
[  384.156672][T12773]  __io_submit_flush_completions+0x1041/0x1f70
[  384.158826][T12773]  ? io_queue_sqe_fallback+0x121/0xaa0
[  384.160720][T12773]  io_submit_sqes+0xa75/0x2500
[  384.162337][T12773]  __do_sys_io_uring_enter+0xbd8/0x1130
[  384.164231][T12773]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  384.166317][T12773]  ? ksys_write+0x1ab/0x260
[  384.167913][T12773]  ? __pfx_ksys_write+0x10/0x10
[  384.169605][T12773]  __do_fast_syscall_32+0x73/0x120
[  384.171380][T12773]  do_fast_syscall_32+0x32/0x80
[  384.173058][T12773]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  384.175231][T12773] RIP: 0023:0xf7425579
[  384.176662][T12773] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  384.184301][T12773] RSP: 002b:00000000f5d3d57c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  384.187465][T12773] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000009b3
[  384.190362][T12773] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  384.193082][T12773] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  384.195794][T12773] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  384.198502][T12773] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  384.201337][T12773]  </TASK>
[  384.314750][T12780] syzkaller0: entered promiscuous mode
[  384.318183][T12780] syzkaller0: entered allmulticast mode
[  384.439056][T12779] syzkaller0: entered promiscuous mode
[  384.440929][T12779] syzkaller0: entered allmulticast mode
[  384.469650][T12782] can: request_module (can-proto-5) failed.
[  384.500843][T12788] nbd: must specify a size in bytes for the device
[  384.519361][T12791] netlink: 'syz.3.2254': attribute type 5 has an invalid length.
[  384.528052][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.537825][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.598769][T12812] can: request_module (can-proto-5) failed.
[  385.670655][T12816] 9pnet_virtio: no channels available for device syz
[  385.802701][T12821] nbd: nbd3 already in use
[  386.148511][ T5265] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  386.353196][ T5265] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  386.356373][ T5265] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.359664][ T5265] usb 7-1: Product: syz
[  386.361351][ T5265] usb 7-1: Manufacturer: syz
[  386.363206][ T5265] usb 7-1: SerialNumber: syz
[  386.367802][ T5265] usb 7-1: config 0 descriptor??
[  386.375392][ T5265] legousbtower 7-1:0.0: interrupt endpoints not found
[  386.591260][   T25] usb 7-1: USB disconnect, device number 32
[  386.712464][T12833] netlink: 'syz.3.2269': attribute type 5 has an invalid length.
[  386.784238][T12837] can: request_module (can-proto-5) failed.
[  386.825515][T12844] 9pnet_virtio: no channels available for device syz
[  386.827371][T12835] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  386.976339][T12853] nbd: nbd1 already in use
[  387.151954][T12861] fuse: Unknown parameter 'ùäƒá�ƒòÌ¨í·ž`'
[  387.270427][ T5208] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  387.895874][T12869] can: request_module (can-proto-5) failed.
[  389.076064][T12887] 9pnet_virtio: no channels available for device syz
[  389.091562][T12890] 9pnet_virtio: no channels available for device syz
[  389.293361][T12895] nbd: nbd3 already in use
[  389.348161][T12898] can: request_module (can-proto-5) failed.
[  390.404440][T12934] 9pnet_virtio: no channels available for device syz
[  390.527830][T12937] can: request_module (can-proto-5) failed.
[  390.706656][ T5208] Bluetooth: hci1: Unable to find connection with handle 0x0000
[  390.847494][T12948] nbd: nbd0 already in use
[  391.085167][T12957] ecryptfs_parse_options: eCryptfs: unrecognized option [&@]
[  391.088745][T12957] ecryptfs_parse_options: eCryptfs: unrecognized option [ention_end]
[  391.092145][T12957] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  391.099216][T12957] Error parsing options; rc = [-22]
[  392.088693][T12974] can: request_module (can-proto-5) failed.
[  392.190207][T12978] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  392.236315][T12978] kvm: pic: level sensitive irq not supported
[  392.237222][T12978] kvm: pic: non byte read
[  392.249446][T12987] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2311'.
[  392.429023][ T5208] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  392.508425][ T4661] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  392.718419][ T4661] usb 6-1: Using ep0 maxpacket: 8
[  392.721767][ T4661] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  392.724508][ T4661] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  392.727898][ T4661] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  392.731292][ T4661] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  392.734622][ T4661] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  392.739284][ T4661] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  392.742577][ T4661] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.962418][ T4661] usb 6-1: GET_CAPABILITIES returned 0
[  392.964377][ T4661] usbtmc 6-1:16.0: can't read capabilities
[  393.059321][ T5208] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  393.062807][ T5208] Bluetooth: hci4: Injecting HCI hardware error event
[  393.066156][ T5208] Bluetooth: hci4: hardware error 0x00
[  393.170393][   T55] usb 6-1: USB disconnect, device number 35
[  393.473708][T13004] can: request_module (can-proto-5) failed.
[  393.968200][T13027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2324'.
[  394.298653][T13037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2327'.
[  394.310037][T13035] can: request_module (can-proto-5) failed.
[  394.437372][T13041] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  394.457357][T13041] kvm: pic: level sensitive irq not supported
[  394.458138][T13041] kvm: pic: non byte read
[  394.487373][ T5203] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  394.809235][T13055] FAULT_INJECTION: forcing a failure.
[  394.809235][T13055] name failslab, interval 1, probability 0, space 0, times 0
[  394.813661][T13055] CPU: 3 PID: 13055 Comm: syz.1.2333 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  394.817067][T13055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.820690][T13055] Call Trace:
[  394.821822][T13055]  <TASK>
[  394.822830][T13055]  dump_stack_lvl+0x16c/0x1f0
[  394.824460][T13055]  should_fail_ex+0x497/0x5b0
[  394.826101][T13055]  should_failslab+0x9/0x20
[  394.827656][T13055]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  394.829470][T13055]  ? skb_clone+0x190/0x3f0
[  394.831002][T13055]  skb_clone+0x190/0x3f0
[  394.832425][T13055]  netlink_deliver_tap+0xb26/0xcf0
[  394.834202][T13055]  netlink_unicast+0x6be/0x820
[  394.835902][T13055]  ? __pfx_netlink_unicast+0x10/0x10
[  394.837721][T13055]  ctrl_getfamily+0x40b/0x540
[  394.839351][T13055]  ? __pfx_ctrl_getfamily+0x10/0x10
[  394.841154][T13055]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  394.843649][T13055]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  394.846184][T13055]  genl_family_rcv_msg_doit+0x202/0x2f0
[  394.848071][T13055]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  394.850205][T13055]  ? __radix_tree_lookup+0x21f/0x2c0
[  394.852024][T13055]  genl_rcv_msg+0x565/0x800
[  394.853581][T13055]  ? __pfx_genl_rcv_msg+0x10/0x10
[  394.855308][T13055]  ? __dev_queue_xmit+0x85d/0x4130
[  394.857064][T13055]  ? __pfx_ctrl_getfamily+0x10/0x10
[  394.858833][T13055]  netlink_rcv_skb+0x165/0x410
[  394.860479][T13055]  ? __pfx_genl_rcv_msg+0x10/0x10
[  394.862189][T13055]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  394.864025][T13055]  ? down_read+0xc9/0x330
[  394.865498][T13055]  ? __pfx_down_read+0x10/0x10
[  394.867130][T13055]  ? netlink_deliver_tap+0x1ae/0xcf0
[  394.868967][T13055]  genl_rcv+0x28/0x40
[  394.870324][T13055]  netlink_unicast+0x542/0x820
[  394.871964][T13055]  ? __pfx_netlink_unicast+0x10/0x10
[  394.873756][T13055]  ? __phys_addr_symbol+0x30/0x80
[  394.875497][T13055]  ? __check_object_size+0x48e/0x720
[  394.877306][T13055]  netlink_sendmsg+0x8b8/0xd70
[  394.878962][T13055]  ? __pfx_netlink_sendmsg+0x10/0x10
[  394.880795][T13055]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  394.882646][T13055]  __sys_sendto+0x47f/0x4e0
[  394.884258][T13055]  ? __pfx___sys_sendto+0x10/0x10
[  394.886000][T13055]  ? __might_fault+0x13b/0x190
[  394.887680][T13055]  ? __pfx_lock_release+0x10/0x10
[  394.889767][T13055]  __do_compat_sys_socketcall+0x5e2/0x700
[  394.892237][T13055]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[  394.894696][T13055]  ? fput+0x32/0x390
[  394.896047][T13055]  __do_fast_syscall_32+0x73/0x120
[  394.897772][T13055]  do_fast_syscall_32+0x32/0x80
[  394.899511][T13055]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  394.901661][T13055] RIP: 0023:0xf73c7579
[  394.903064][T13055] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  394.909694][T13055] RSP: 002b:00000000f5cde450 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  394.912501][T13055] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5cde464
[  394.915220][T13055] RDX: 0000000000000000 RSI: 00000000f5cde580 RDI: 00000000f73b1ff4
[  394.917906][T13055] RBP: 00000000f5cde580 R08: 0000000000000000 R09: 0000000000000000
[  394.920574][T13055] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000
[  394.923245][T13055] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  394.925927][T13055]  </TASK>
[  395.106376][T13072] can: request_module (can-proto-5) failed.
[  395.138477][ T5208] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  395.336515][T13082] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  395.357220][T13082] kvm: pic: level sensitive irq not supported
[  395.358009][T13082] kvm: pic: non byte read
[  395.361297][T13086] syzkaller0: entered promiscuous mode
[  395.366597][T13086] syzkaller0: entered allmulticast mode
[  395.617928][T13098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2343'.
[  396.476107][T13116] can: request_module (can-proto-5) failed.
[  396.709855][T13127] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  396.739111][T13127] kvm: pic: level sensitive irq not supported
[  396.739739][T13127] kvm: pic: non byte read
[  397.143671][T13145] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2359'.
[  397.460738][T13147] can: request_module (can-proto-5) failed.
[  397.755313][T13153] syzkaller0: entered promiscuous mode
[  397.757739][T13153] syzkaller0: entered allmulticast mode
[  398.024331][T13156] syzkaller0: entered promiscuous mode
[  398.026720][T13156] syzkaller0: entered allmulticast mode
[  399.179649][T13171] nbd: nbd2 already in use
[  399.295095][T13177] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  399.523918][T13180] can: request_module (can-proto-5) failed.
[  399.650434][T13189] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2371'.
[  401.093621][T13225] syzkaller0: entered promiscuous mode
[  401.096082][T13225] syzkaller0: entered allmulticast mode
[  401.187741][T13227] can: request_module (can-proto-5) failed.
[  401.271511][T13235] nbd: nbd0 already in use
[  401.554314][T13242] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2385'.
[  401.611671][T13242] batman_adv: batadv1: Adding interface: ipvlan1
[  401.615008][T13242] batman_adv: batadv1: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.627350][T13242] batman_adv: batadv1: Not using interface ipvlan1 (retrying later): interface not active
[  401.986860][T13250] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2388'.
[  403.082423][T13266] can: request_module (can-proto-5) failed.
[  403.549692][T13280] syzkaller0: entered promiscuous mode
[  403.552092][T13280] syzkaller0: entered allmulticast mode
[  403.795864][T13283] nbd: nbd3 already in use
[  404.291341][T13293] syzkaller0: entered promiscuous mode
[  404.295749][T13293] syzkaller0: entered allmulticast mode
[  404.379053][T13298] can: request_module (can-proto-5) failed.
[  404.434740][T13301] FAULT_INJECTION: forcing a failure.
[  404.434740][T13301] name failslab, interval 1, probability 0, space 0, times 0
[  404.440559][T13301] CPU: 3 PID: 13301 Comm: syz.2.2402 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  404.444889][T13301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.449647][T13301] Call Trace:
[  404.451153][T13301]  <TASK>
[  404.452472][T13301]  dump_stack_lvl+0x16c/0x1f0
[  404.454607][T13301]  should_fail_ex+0x497/0x5b0
[  404.456530][T13301]  should_failslab+0x9/0x20
[  404.458018][T13301]  kmem_cache_alloc_node_noprof+0x71/0x310
[  404.460239][T13301]  ? __alloc_skb+0x2b3/0x380
[  404.462226][T13301]  __alloc_skb+0x2b3/0x380
[  404.464134][T13301]  ? __pfx___alloc_skb+0x10/0x10
[  404.466099][T13301]  ? module_put+0xd/0x30
[  404.467902][T13301]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  404.470063][T13301]  netlink_ack+0x164/0xb20
[  404.471973][T13301]  netlink_rcv_skb+0x327/0x410
[  404.473948][T13301]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  404.476034][T13301]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  404.477805][T13301]  ? netlink_deliver_tap+0x1ae/0xcf0
[  404.479594][T13301]  netlink_unicast+0x542/0x820
[  404.481202][T13301]  ? __pfx_netlink_unicast+0x10/0x10
[  404.482985][T13301]  ? __phys_addr_symbol+0x30/0x80
[  404.484644][T13301]  ? __check_object_size+0x48e/0x720
[  404.486431][T13301]  netlink_sendmsg+0x8b8/0xd70
[  404.488079][T13301]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.489873][T13301]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  404.491583][T13301]  ____sys_sendmsg+0x9b4/0xb50
[  404.493099][T13301]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.494869][T13301]  ? get_compat_msghdr+0x11b/0x170
[  404.496623][T13301]  ? __pfx___lock_acquire+0x10/0x10
[  404.498306][T13301]  ___sys_sendmsg+0x135/0x1e0
[  404.499974][T13301]  ? __pfx____sys_sendmsg+0x10/0x10
[  404.501728][T13301]  ? ksys_write+0x21c/0x260
[  404.503287][T13301]  ? __fget_light+0x173/0x210
[  404.504867][T13301]  __sys_sendmsg+0x117/0x1f0
[  404.506896][T13301]  ? __pfx___sys_sendmsg+0x10/0x10
[  404.509480][T13301]  __do_fast_syscall_32+0x73/0x120
[  404.512167][T13301]  do_fast_syscall_32+0x32/0x80
[  404.514914][T13301]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.518116][T13301] RIP: 0023:0xf740f579
[  404.519964][T13301] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  404.528414][T13301] RSP: 002b:00000000f5d2757c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  404.532103][T13301] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300
[  404.535593][T13301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.539134][T13301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  404.542646][T13301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  404.546179][T13301] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  404.549763][T13301]  </TASK>
[  404.609604][T13303] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  404.659985][T13312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2405'.
[  404.728829][T13322] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2408'.
[  404.755005][T13322] batman_adv: batadv1: Removing interface: ipvlan1
[  404.759246][T13322] batman_adv: batadv2: Adding interface: ipvlan1
[  404.761442][T13322] batman_adv: batadv2: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.772607][T13322] batman_adv: batadv2: Not using interface ipvlan1 (retrying later): interface not active
[  404.842941][T13328] can: request_module (can-proto-5) failed.
[  404.895616][   T39] audit: type=1326 audit(1720347511.253:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741b579 code=0x7ffc0000
[  404.904369][   T39] audit: type=1326 audit(1720347511.253:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741b579 code=0x7ffc0000
[  404.976301][T13344] FAULT_INJECTION: forcing a failure.
[  404.976301][T13344] name failslab, interval 1, probability 0, space 0, times 0
[  405.003003][T13344] CPU: 3 PID: 13344 Comm: syz.2.2413 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  405.006476][T13344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.010077][T13344] Call Trace:
[  405.011237][T13344]  <TASK>
[  405.012253][T13344]  dump_stack_lvl+0x16c/0x1f0
[  405.013876][T13344]  should_fail_ex+0x497/0x5b0
[  405.015489][T13344]  should_failslab+0x9/0x20
[  405.017054][T13344]  __kmalloc_noprof+0xcf/0x420
[  405.018683][T13344]  copy_splice_read+0x1a8/0xb80
[  405.020347][T13344]  ? __pfx_copy_splice_read+0x10/0x10
[  405.022196][T13344]  ? find_held_lock+0x2d/0x110
[  405.023846][T13344]  ? splice_direct_to_actor+0x346/0xa40
[  405.025725][T13344]  ? __pfx_copy_splice_read+0x10/0x10
[  405.027554][T13344]  do_splice_read+0x294/0x380
[  405.029160][T13344]  splice_direct_to_actor+0x2a4/0xa40
[  405.030989][T13344]  ? __pfx_direct_splice_actor+0x10/0x10
[  405.032893][T13344]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  405.034917][T13344]  ? __fget_files+0x24c/0x400
[  405.036559][T13344]  ? __pfx_lock_release+0x10/0x10
[  405.038281][T13344]  do_splice_direct+0x17e/0x250
[  405.039958][T13344]  ? __pfx_do_splice_direct+0x10/0x10
[  405.041785][T13344]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  405.043821][T13344]  do_sendfile+0xb1e/0xe50
[  405.045348][T13344]  ? __pfx_do_sendfile+0x10/0x10
[  405.047041][T13344]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  405.048925][T13344]  ? ksys_write+0x1ab/0x260
[  405.050471][T13344]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  405.052580][T13344]  __do_fast_syscall_32+0x73/0x120
[  405.054325][T13344]  do_fast_syscall_32+0x32/0x80
[  405.056016][T13344]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.058151][T13344] RIP: 0023:0xf740f579
[  405.059971][T13344] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.068019][T13344] RSP: 002b:00000000f5d0657c EFLAGS: 00000292 ORIG_RAX: 00000000000000bb
[  405.071656][T13344] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003
[  405.074933][T13344] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  405.077735][T13344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.080575][T13344] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.083363][T13344] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.086406][T13344]  </TASK>
[  405.127346][T13349] nbd: nbd1 already in use
[  405.179928][T13353] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  405.190229][T13353] IPVS: Error joining to the multicast group
[  405.281877][T13360] can: request_module (can-proto-5) failed.
[  405.355492][T13364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  405.372228][T13366] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[  405.382646][T13364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  405.680223][ T5203] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  405.686760][ T5203] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  405.692841][ T5203] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  405.697935][ T5203] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  405.701791][ T5203] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  405.705298][ T5203] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  405.735150][T13368] wlan0 speed is unknown, defaulting to 1000
[  405.871904][T13368] chnl_net:caif_netlink_parms(): no params data found
[  405.982552][T13376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2422'.
[  406.035372][T13376] batman_adv: batadv1: Adding interface: ipvlan1
[  406.039134][T13376] batman_adv: batadv1: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.053448][T13376] batman_adv: batadv1: Not using interface ipvlan1 (retrying later): interface not active
[  406.058648][T13368] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.063292][T13368] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.066652][T13368] bridge_slave_0: entered allmulticast mode
[  406.070195][T13368] bridge_slave_0: entered promiscuous mode
[  406.079306][T13368] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.087364][T13368] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.091356][T13368] bridge_slave_1: entered allmulticast mode
[  406.095275][T13368] bridge_slave_1: entered promiscuous mode
[  406.168824][T13368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.173891][T13368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.237413][T13368] team0: Port device team_slave_0 added
[  406.242094][T13368] team0: Port device team_slave_1 added
[  406.306852][T10465] bridge0: port 3(syz_tun) entered disabled state
[  406.348648][T10465] syz_tun (unregistering): left allmulticast mode
[  406.351482][T10465] syz_tun (unregistering): left promiscuous mode
[  406.354158][T10465] bridge0: port 3(syz_tun) entered disabled state
[  406.379597][T13368] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.382512][T13368] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.392756][T13368] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  406.400447][T13368] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.403365][T13368] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.414609][T13368] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.485980][T13368] hsr_slave_0: entered promiscuous mode
[  406.488990][T13368] hsr_slave_1: entered promiscuous mode
[  406.491424][ T5203] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  406.492283][T13368] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  406.500229][T13368] Cannot create hsr debugfs directory
[  406.685127][T13407] nbd: nbd2 already in use
[  406.695597][T13368] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.790482][T13368] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.893911][T13368] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.999408][T13368] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.187119][T13368] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  407.200697][T13368] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  407.208300][T13368] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  407.219488][T13368] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  407.305788][T13368] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.324277][T13368] 8021q: adding VLAN 0 to HW filter on device team0
[  407.332562][ T5265] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.335575][ T5265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.351908][ T5265] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.354349][ T5265] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.357771][T13418] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2432'.
[  407.373196][T13418] batman_adv: batadv1: Adding interface: ipvlan1
[  407.375409][T13418] batman_adv: batadv1: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  407.384265][T13418] batman_adv: batadv1: Not using interface ipvlan1 (retrying later): interface not active
[  407.413501][T13368] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  407.417106][T13368] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  407.587043][T13368] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.622687][   T39] audit: type=1326 audit(1720347513.983:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13431 comm="syz.2.2435" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf740f579 code=0x0
[  407.643078][T13368] veth0_vlan: entered promiscuous mode
[  407.655347][T13368] veth1_vlan: entered promiscuous mode
[  407.699390][T13368] veth0_macvtap: entered promiscuous mode
[  407.704470][T13368] veth1_macvtap: entered promiscuous mode
[  407.715169][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.718794][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.722771][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.726246][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.729921][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.733289][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.736483][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.740263][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.744908][T13368] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.752062][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.755535][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.766156][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.770881][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.774161][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.777579][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.780685][T13368] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.783843][T13368] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.788602][ T5203] Bluetooth: hci3: command tx timeout
[  407.789708][T13368] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.796321][T13368] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.799525][T13368] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.802849][T13368] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.805954][T13368] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.906421][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.920928][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.959364][T12505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.962013][T12505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.974835][T13438] can: request_module (can-proto-5) failed.
[  408.402948][T13454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2440'.
[  408.460570][T13460] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  408.541651][T13463] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2444'.
[  408.613591][T13465] netlink: 212404 bytes leftover after parsing attributes in process `syz.2.2445'.
[  408.694611][T13470] can: request_module (can-proto-5) failed.
[  408.748503][   T56] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  408.939288][   T56] usb 8-1: Using ep0 maxpacket: 16
[  408.943656][   T56] usb 8-1: config 0 has no interfaces?
[  408.946059][   T56] usb 8-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  408.950316][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.955910][   T56] usb 8-1: config 0 descriptor??
[  409.148470][   T30] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  409.353483][   T30] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  409.356653][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.359629][   T30] usb 7-1: Product: syz
[  409.361243][   T30] usb 7-1: Manufacturer: syz
[  409.362887][   T30] usb 7-1: SerialNumber: syz
[  409.369198][   T30] usb 7-1: config 0 descriptor??
[  409.372074][T13460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.376471][T13460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  409.382079][   T30] legousbtower 7-1:0.0: interrupt endpoints not found
[  409.478516][T13482] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2443'.
[  409.589182][T12347] usb 7-1: USB disconnect, device number 33
[  409.858483][ T5203] Bluetooth: hci3: command tx timeout
[  410.508185][T13494] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2453'.
[  410.516394][T13494] binder: 13493:13494 ioctl c0306201 200001c0 returned -14
[  410.622608][T13500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2454'.
[  410.911141][T13502] can: request_module (can-proto-5) failed.
[  411.108947][T13508] nbd: nbd1 already in use
[  411.718488][   T25] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  411.903901][   T25] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  411.907427][   T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.917306][   T25] usb 7-1: Product: syz
[  411.919047][   T25] usb 7-1: Manufacturer: syz
[  411.920795][   T25] usb 7-1: SerialNumber: syz
[  411.924452][   T25] usb 7-1: config 0 descriptor??
[  411.928756][   T25] legousbtower 7-1:0.0: interrupt endpoints not found
[  411.948448][ T5203] Bluetooth: hci3: command tx timeout
[  411.978257][T13518] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2460'.
[  411.991025][T13518] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  411.993688][T13518] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  412.003630][T13518] vhci_hcd vhci_hcd.0: Device attached
[  412.008034][T13520] vhci_hcd: cannot find a urb of seqnum 6 max seqnum 0
[  412.016239][T12502] vhci_hcd: stop threads
[  412.017841][T12502] vhci_hcd: release socket
[  412.019663][T12502] vhci_hcd: disconnect device
[  412.134687][ T5265] usb 7-1: USB disconnect, device number 34
[  412.718077][T13536] can: request_module (can-proto-5) failed.
[  412.771016][T13538] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 80
[  413.044649][T13543] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  413.077664][T13544] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[  413.081465][T13543] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  413.413564][T13548] syzkaller0: entered promiscuous mode
[  413.415597][T13548] syzkaller0: entered allmulticast mode
[  413.598098][T13550] nbd: nbd0 already in use
[  414.018458][ T5203] Bluetooth: hci3: command tx timeout
[  414.619145][T12347] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  414.816142][T12347] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  414.820154][T12347] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.823571][T12347] usb 7-1: Product: syz
[  414.825367][T12347] usb 7-1: Manufacturer: syz
[  414.827170][T12347] usb 7-1: SerialNumber: syz
[  414.837957][T12347] usb 7-1: config 0 descriptor??
[  414.845084][T12347] legousbtower 7-1:0.0: interrupt endpoints not found
[  415.047820][T12347] usb 7-1: USB disconnect, device number 35
[  415.240040][T13576] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2476'.
[  415.334852][T13585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2478'.
[  416.078108][T13597] nbd: nbd1 already in use
[  416.275404][T13603] syzkaller0: entered promiscuous mode
[  416.277940][T13603] syzkaller0: entered allmulticast mode
[  416.418516][ T5208] Bluetooth: hci3: command 0x0405 tx timeout
[  416.833876][T13609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2484'.
[  417.848631][ T5358] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  418.033056][ T5358] usb 6-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  418.037036][ T5358] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.048483][ T5358] usb 6-1: Product: syz
[  418.050314][ T5358] usb 6-1: Manufacturer: syz
[  418.052320][ T5358] usb 6-1: SerialNumber: syz
[  418.056213][ T5358] usb 6-1: config 0 descriptor??
[  418.068973][ T5358] legousbtower 6-1:0.0: interrupt endpoints not found
[  418.273667][ T5242] usb 6-1: USB disconnect, device number 36
[  418.755113][ T5208] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  418.762357][ T5208] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  418.766844][ T5208] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  418.787657][ T5208] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  418.794635][ T5208] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  418.798188][ T5208] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  418.834557][T13633] wlan0 speed is unknown, defaulting to 1000
[  418.939615][ T5203] Bluetooth: hci3: unexpected event for opcode 0x2062
[  418.955036][T13642] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2494'.
[  418.965409][T13642] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  418.996235][T13633] chnl_net:caif_netlink_parms(): no params data found
[  419.141793][T13633] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.145048][T13633] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.148431][T13633] bridge_slave_0: entered allmulticast mode
[  419.152423][T13633] bridge_slave_0: entered promiscuous mode
[  419.158008][T13633] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.161376][T13633] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.164004][T13633] bridge_slave_1: entered allmulticast mode
[  419.167164][T13633] bridge_slave_1: entered promiscuous mode
[  419.171556][T13660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2498'.
[  419.235597][T13633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.243305][T13633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.324207][T13633] team0: Port device team_slave_0 added
[  419.330783][T13633] team0: Port device team_slave_1 added
[  419.370630][T13633] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.372794][T13633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.381263][T13633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.387352][T13633] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.391417][T13633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.402742][T13633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.467814][T13633] hsr_slave_0: entered promiscuous mode
[  419.472560][T13633] hsr_slave_1: entered promiscuous mode
[  419.475259][T13633] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  419.477554][T13633] Cannot create hsr debugfs directory
[  419.639357][T13633] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.679042][T13666] nbd: nbd1 already in use
[  419.708517][ T4661] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  419.715774][T13633] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.797906][T13633] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.875946][T13633] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.895485][ T4661] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  419.898683][ T4661] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.902044][ T4661] usb 7-1: Product: syz
[  419.903490][ T4661] usb 7-1: Manufacturer: syz
[  419.905464][ T4661] usb 7-1: SerialNumber: syz
[  419.909414][ T4661] usb 7-1: config 0 descriptor??
[  419.913480][ T4661] legousbtower 7-1:0.0: interrupt endpoints not found
[  420.013026][T13633] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  420.017899][T13633] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  420.028109][T13633] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  420.033860][T13633] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  420.094106][T13633] 8021q: adding VLAN 0 to HW filter on device bond0
[  420.110564][T13633] 8021q: adding VLAN 0 to HW filter on device team0
[  420.161347][ T5358] bridge0: port 1(bridge_slave_0) entered blocking state
[  420.164469][ T5358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  420.166876][ T4661] usb 7-1: USB disconnect, device number 36
[  420.169306][ T5358] bridge0: port 2(bridge_slave_1) entered blocking state
[  420.172712][ T5358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  420.329041][T13633] 8021q: adding VLAN 0 to HW filter on device batadv0
[  420.380878][T13633] veth0_vlan: entered promiscuous mode
[  420.391552][T13633] veth1_vlan: entered promiscuous mode
[  420.436120][T13633] veth0_macvtap: entered promiscuous mode
[  420.444338][T13633] veth1_macvtap: entered promiscuous mode
[  420.476504][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.481443][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.485632][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.492164][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.496498][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.501048][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.505191][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.510089][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.514282][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.518730][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.524919][T13633] batman_adv: batadv0: Interface activated: batadv_slave_0
[  420.537976][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.543662][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.547958][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.552533][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.556700][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.562498][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.566487][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.570877][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.575032][T13633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.579603][T13633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.585496][T13633] batman_adv: batadv0: Interface activated: batadv_slave_1
[  420.591017][T13678] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  420.600637][T13633] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.604477][T13633] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.607927][T13633] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.612577][T13633] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.691836][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.695230][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.732908][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.735984][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.780276][T13680] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2504'.
[  420.819355][ T5203] Bluetooth: hci2: command tx timeout
[  420.868213][T13680] batman_adv: batadv2: Removing interface: ipvlan1
[  420.872859][T13680] batman_adv: batadv3: Adding interface: ipvlan1
[  420.877680][T13680] batman_adv: batadv3: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.888124][ T5265] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  420.894913][T13680] batman_adv: batadv3: Not using interface ipvlan1 (retrying later): interface not active
[  421.079693][ T5265] usb 6-1: Using ep0 maxpacket: 16
[  421.083985][ T5265] usb 6-1: config 0 has no interfaces?
[  421.086577][ T5265] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  421.097219][ T5265] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.116471][ T5265] usb 6-1: config 0 descriptor??
[  421.575327][T13678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.586830][T13678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.705013][T13678] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2503'.
[  421.968787][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2510'.
[  421.983365][T13709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.986552][T13709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  422.629397][T13719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2514'.
[  422.899753][ T5203] Bluetooth: hci2: command 0x041b tx timeout
[  422.938426][   T30] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  422.978687][ T5208] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  422.983147][ T5208] Bluetooth: hci3: Injecting HCI hardware error event
[  422.986306][ T5208] Bluetooth: hci3: hardware error 0x00
[  423.120067][   T30] usb 5-1: config 27 has an invalid interface number: 8 but max is 0
[  423.123235][   T30] usb 5-1: config 27 has an invalid descriptor of length 76, skipping remainder of the config
[  423.127173][   T30] usb 5-1: config 27 has no interface number 0
[  423.138434][   T30] usb 5-1: too many endpoints for config 27 interface 8 altsetting 6: 53, using maximum allowed: 30
[  423.142548][   T30] usb 5-1: config 27 interface 8 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[  423.147761][   T30] usb 5-1: config 27 interface 8 has no altsetting 0
[  423.168396][   T30] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  423.171854][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.476733][   T30] usb 5-1: string descriptor 0 read error: -71
[  423.485119][   T30] usb 5-1: USB disconnect, device number 37
[  423.620978][T13747] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2520'.
[  423.787097][T13751] nbd: nbd0 already in use
[  424.677905][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2526'.
[  424.691906][T13764] batman_adv: batadv1: Adding interface: ipvlan1
[  424.694081][T13764] batman_adv: batadv1: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  424.707623][T13764] batman_adv: batadv1: Not using interface ipvlan1 (retrying later): interface not active
[  424.978684][ T5203] Bluetooth: hci2: command 0x041b tx timeout
[  425.059287][ T5208] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  425.437664][T13784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2531'.
[  426.292667][T13794] nbd: nbd3 already in use
[  427.063261][ T5208] Bluetooth: hci2: command 0x041b tx timeout
[  427.629833][T13810] nbd: nbd0 already in use
[  428.128548][T13778] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  428.318490][T13778] usb 7-1: Using ep0 maxpacket: 16
[  428.323128][T13778] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.327809][T13778] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.332322][T13778] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  428.336779][T13778] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.344517][T13778] usb 7-1: config 0 descriptor??
[  428.558143][T13825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2542'.
[  428.760573][T13778] usbhid 7-1:0.0: can't add hid device: -71
[  428.763221][T13778] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  428.775527][T13778] usb 7-1: USB disconnect, device number 37
[  429.138538][ T5208] Bluetooth: hci2: command 0x041b tx timeout
[  429.446155][T13835] nbd: nbd0 already in use
[  429.497936][T13833] syzkaller0: entered promiscuous mode
[  429.499941][T13833] syzkaller0: entered allmulticast mode
[  429.975190][T13839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.979876][T13839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.657604][T13855] syzkaller0: entered promiscuous mode
[  430.663148][T13855] syzkaller0: entered allmulticast mode
[  430.682254][ T5212] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  430.686146][ T5212] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  430.696385][ T5212] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  430.700900][ T5212] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  430.703836][ T5212] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  430.706567][ T5212] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  430.753462][T13857] wlan0 speed is unknown, defaulting to 1000
[  430.898101][T13857] chnl_net:caif_netlink_parms(): no params data found
[  431.033158][T13857] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.035978][T13857] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.042744][T13857] bridge_slave_0: entered allmulticast mode
[  431.054486][T13857] bridge_slave_0: entered promiscuous mode
[  431.067919][T13857] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.076067][T13857] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.080424][T13857] bridge_slave_1: entered allmulticast mode
[  431.088544][T13857] bridge_slave_1: entered promiscuous mode
[  431.165783][T13857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  431.176413][T13857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  431.342910][T13857] team0: Port device team_slave_0 added
[  431.347756][T13857] team0: Port device team_slave_1 added
[  431.362409][T13870] can: request_module (can-proto-5) failed.
[  431.486925][T13857] batman_adv: batadv0: Adding interface: batadv_slave_0
[  431.490244][T13857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.502791][T13857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.539388][T13857] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.542454][T13857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.556010][T13857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.646622][T13857] hsr_slave_0: entered promiscuous mode
[  431.656191][T13857] hsr_slave_1: entered promiscuous mode
[  431.659590][T13857] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  431.662932][T13857] Cannot create hsr debugfs directory
[  431.752604][   T25] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  431.856227][T13857] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.941648][   T25] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  431.944978][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.947654][   T25] usb 5-1: Product: syz
[  431.955358][   T25] usb 5-1: Manufacturer: syz
[  431.957023][   T25] usb 5-1: SerialNumber: syz
[  431.960070][   T25] usb 5-1: config 0 descriptor??
[  431.962120][T13857] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.964430][   T25] legousbtower 5-1:0.0: interrupt endpoints not found
[  432.057555][T13857] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.159267][T13857] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.185781][   T25] usb 5-1: USB disconnect, device number 38
[  432.317631][T13857] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  432.324294][T13857] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  432.331690][T13857] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  432.337718][T13857] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  432.401760][T13857] 8021q: adding VLAN 0 to HW filter on device bond0
[  432.417277][T13857] 8021q: adding VLAN 0 to HW filter on device team0
[  432.432565][  T972] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.435028][  T972] bridge0: port 1(bridge_slave_0) entered forwarding state
[  432.454316][  T972] bridge0: port 2(bridge_slave_1) entered blocking state
[  432.456805][  T972] bridge0: port 2(bridge_slave_1) entered forwarding state
[  432.619827][T13857] 8021q: adding VLAN 0 to HW filter on device batadv0
[  432.630177][T13894] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2561'.
[  432.654476][T13857] veth0_vlan: entered promiscuous mode
[  432.665022][T13857] veth1_vlan: entered promiscuous mode
[  432.686290][T13896] can: request_module (can-proto-5) failed.
[  432.687336][T13857] veth0_macvtap: entered promiscuous mode
[  432.693826][T13857] veth1_macvtap: entered promiscuous mode
[  432.706557][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.712823][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.716155][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.722395][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.725796][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.730385][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.734501][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.738057][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.738689][ T5212] Bluetooth: hci5: command tx timeout
[  432.742279][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.748819][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.752535][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  432.756710][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.762410][T13857] batman_adv: batadv0: Interface activated: batadv_slave_0
[  432.775676][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.781845][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.786048][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.790666][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.794899][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.801293][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.805658][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.810232][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.814414][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.819560][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.823833][T13857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.828274][T13857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.834546][T13857] batman_adv: batadv0: Interface activated: batadv_slave_1
[  432.848181][T13857] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  432.852244][T13857] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  432.855559][T13907] can: request_module (can-proto-5) failed.
[  432.856089][T13857] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  432.863276][T13857] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  432.937962][T12502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  432.947578][T12502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  432.967449][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  432.972613][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.017378][T13914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2567'.
[  433.100028][T13916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2552'.
[  433.133300][T13921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2569'.
[  433.137486][T13923] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  433.143362][T13923] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  433.179597][T13925] Bluetooth: MGMT ver 1.22
[  433.251756][T13932] FAULT_INJECTION: forcing a failure.
[  433.251756][T13932] name failslab, interval 1, probability 0, space 0, times 0
[  433.256085][T13932] CPU: 2 PID: 13932 Comm: syz.1.2572 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  433.260232][T13932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.264950][T13932] Call Trace:
[  433.265301][T13930] can: request_module (can-proto-5) failed.
[  433.266442][T13932]  <TASK>
[  433.269554][T13932]  dump_stack_lvl+0x16c/0x1f0
[  433.271218][T13932]  should_fail_ex+0x497/0x5b0
[  433.272770][T13932]  should_failslab+0x9/0x20
[  433.274335][T13932]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  433.276210][T13932]  ? security_file_alloc+0x41/0x260
[  433.278084][T13932]  security_file_alloc+0x41/0x260
[  433.279865][T13932]  init_file+0x99/0x260
[  433.281289][T13932]  alloc_empty_file+0x91/0x1e0
[  433.282928][T13932]  path_openat+0xe0/0x2e50
[  433.284450][T13932]  ? hlock_class+0x4e/0x130
[  433.286007][T13932]  ? __lock_acquire+0x14f4/0x3b30
[  433.287760][T13932]  ? __pfx_path_openat+0x10/0x10
[  433.289440][T13932]  ? __pfx___lock_acquire+0x10/0x10
[  433.291378][T13932]  ? find_held_lock+0x2d/0x110
[  433.293015][T13932]  do_filp_open+0x1dc/0x430
[  433.294543][T13932]  ? __pfx_do_filp_open+0x10/0x10
[  433.296252][T13932]  ? find_held_lock+0x2d/0x110
[  433.298470][T13932]  ? _raw_spin_unlock+0x28/0x50
[  433.300115][T13932]  ? alloc_fd+0x2d7/0x6c0
[  433.301541][T13932]  do_sys_openat2+0x17a/0x1e0
[  433.303085][T13932]  ? __pfx_do_sys_openat2+0x10/0x10
[  433.304824][T13932]  __ia32_compat_sys_openat+0x16e/0x210
[  433.306668][T13932]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  433.308712][T13932]  ? ksys_write+0x1ab/0x260
[  433.310235][T13932]  __do_fast_syscall_32+0x73/0x120
[  433.311938][T13932]  do_fast_syscall_32+0x32/0x80
[  433.313549][T13932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.315635][T13932] RIP: 0023:0xf742d579
[  433.317195][T13932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.323696][T13932] RSP: 002b:00000000f5d2457c EFLAGS: 00000292 ORIG_RAX: 0000000000000127
[  433.326521][T13932] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200000c0
[  433.329534][T13932] RDX: 0000000000000802 RSI: 0000000000000000 RDI: 0000000000000000
[  433.332608][T13932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.335817][T13932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.339092][T13932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.342178][T13932]  </TASK>
[  433.562909][T13949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2579'.
[  433.655137][T13951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2581'.
[  433.795105][T13959] can: request_module (can-proto-5) failed.
[  433.827108][T13963] tipc: Can't bind to reserved service type 0
[  433.874762][T13967] Error parsing options; rc = [-22]
[  434.067699][T13976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2588'.
[  434.167562][T13980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.170632][T13980] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.343582][T13984] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2592'.
[  434.818690][ T5212] Bluetooth: hci5: command 0x041b tx timeout
[  434.861616][T14005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2599'.
[  435.044650][T14017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  435.047828][T14017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  435.409707][T14022] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2605'.
[  435.461438][T14026] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2608'.
[  435.555146][T14027] syzkaller0: entered promiscuous mode
[  435.557158][T14027] syzkaller0: entered allmulticast mode
[  435.594307][T14035] mkiss: ax0: crc mode is auto.
[  435.615148][T14035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2611'.
[  435.859428][T14039] syzkaller0: entered promiscuous mode
[  435.862766][T14039] syzkaller0: entered allmulticast mode
[  435.956497][T14050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2617'.
[  435.993916][T14051] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  436.113651][T14054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2618'.
[  436.133426][T14056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  436.136739][T14056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  436.798082][T14072] nbd: nbd0 already in use
[  436.847207][   T39] audit: type=1326 audit(1720347543.203:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14074 comm="syz.3.2625" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7442579 code=0x0
[  436.899156][ T5212] Bluetooth: hci5: command 0x041b tx timeout
[  437.112255][T14082] FAULT_INJECTION: forcing a failure.
[  437.112255][T14082] name failslab, interval 1, probability 0, space 0, times 0
[  437.117438][T14082] CPU: 2 PID: 14082 Comm: syz.2.2627 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  437.121461][T14082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.125536][T14082] Call Trace:
[  437.126696][T14082]  <TASK>
[  437.127694][T14082]  dump_stack_lvl+0x16c/0x1f0
[  437.129286][T14082]  should_fail_ex+0x497/0x5b0
[  437.130898][T14082]  should_failslab+0x9/0x20
[  437.132429][T14082]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  437.134229][T14082]  ? anon_vma_fork+0x200/0x620
[  437.135904][T14082]  anon_vma_fork+0x200/0x620
[  437.137483][T14082]  copy_mm+0x1a56/0x2680
[  437.138930][T14082]  ? find_held_lock+0x2d/0x110
[  437.140542][T14082]  ? __pfx_copy_mm+0x10/0x10
[  437.142147][T14082]  ? __raw_spin_lock_init+0x3a/0x110
[  437.143990][T14082]  copy_process+0x3ea8/0x6f50
[  437.145606][T14082]  ? __pfx_copy_process+0x10/0x10
[  437.147439][T14082]  ? find_held_lock+0x2d/0x110
[  437.149133][T14082]  kernel_clone+0xfd/0x980
[  437.150869][T14082]  ? __pfx_kernel_clone+0x10/0x10
[  437.152542][T14082]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  437.154502][T14082]  __do_compat_sys_ia32_clone+0xb7/0x100
[  437.156318][T14082]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  437.158372][T14082]  __do_fast_syscall_32+0x73/0x120
[  437.160056][T14082]  do_fast_syscall_32+0x32/0x80
[  437.161649][T14082]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.163721][T14082] RIP: 0023:0xf740f579
[  437.165047][T14082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  437.171394][T14082] RSP: 002b:00000000f5d2752c EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[  437.174165][T14082] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 0000000000000000
[  437.176797][T14082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  437.179406][T14082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.182049][T14082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  437.184698][T14082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.187350][T14082]  </TASK>
[  437.359317][T14088] FAULT_INJECTION: forcing a failure.
[  437.359317][T14088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.364109][T14088] CPU: 1 PID: 14088 Comm: syz.2.2630 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  437.367684][T14088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.371650][T14088] Call Trace:
[  437.373102][T14088]  <TASK>
[  437.374373][T14088]  dump_stack_lvl+0x16c/0x1f0
[  437.376456][T14088]  should_fail_ex+0x497/0x5b0
[  437.378532][T14088]  copy_fpstate_to_sigframe+0x812/0xaa0
[  437.380744][T14088]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  437.383378][T14088]  ? __pfx_lock_acquire+0x10/0x10
[  437.385225][T14088]  ? do_raw_spin_unlock+0x172/0x230
[  437.387045][T14088]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  437.388989][T14088]  ? find_held_lock+0x2d/0x110
[  437.390821][T14088]  get_sigframe+0x455/0x930
[  437.392809][T14088]  ? __pfx_get_sigframe+0x10/0x10
[  437.394932][T14088]  ? _raw_spin_unlock_irq+0x23/0x50
[  437.397222][T14088]  ? siginfo_layout+0x177/0x290
[  437.399384][T14088]  ia32_setup_rt_frame+0xe4/0xb20
[  437.401598][T14088]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  437.404046][T14088]  arch_do_signal_or_restart+0x47b/0x7e0
[  437.406166][T14088]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  437.408352][T14088]  ? __pfx_do_readv+0x10/0x10
[  437.410071][T14088]  syscall_exit_to_user_mode+0x14a/0x2a0
[  437.412412][T14088]  do_int80_emulation+0x111/0x200
[  437.414589][T14088]  asm_int80_emulation+0x1a/0x20
[  437.416376][T14088] RIP: 0023:0xf740f577
[  437.417830][T14088] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  437.425726][T14088] RSP: 002b:00000000f5d2757c EFLAGS: 00000292 ORIG_RAX: 0000000000000091
[  437.428868][T14088] RAX: 0000000000000091 RBX: 0000000000000003 RCX: 00000000200003c0
[  437.432160][T14088] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  437.434983][T14088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.437812][T14088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  437.440716][T14088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.444128][T14088]  </TASK>
[  437.789578][ T5244] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  437.913875][T14111] can: request_module (can-proto-5) failed.
[  437.985944][T14118] nbd: nbd1 already in use
[  437.988552][T14119] FAULT_INJECTION: forcing a failure.
[  437.988552][T14119] name failslab, interval 1, probability 0, space 0, times 0
[  437.994068][T14119] CPU: 2 PID: 14119 Comm: syz.3.2641 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  437.998443][T14119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  438.003019][T14119] Call Trace:
[  438.004504][T14119]  <TASK>
[  438.005901][T14119]  dump_stack_lvl+0x16c/0x1f0
[  438.007981][T14119]  should_fail_ex+0x497/0x5b0
[  438.010065][T14119]  should_failslab+0x9/0x20
[  438.012124][T14119]  __kmalloc_noprof+0xcf/0x420
[  438.014229][T14119]  ? __pfx_lock_acquire+0x10/0x10
[  438.016322][T14119]  tomoyo_realpath_from_path+0xbf/0x710
[  438.018680][T14119]  ? tomoyo_profile+0x47/0x60
[  438.020727][T14119]  tomoyo_path_number_perm+0x245/0x5b0
[  438.023135][T14119]  ? tomoyo_path_number_perm+0x232/0x5b0
[  438.025492][T14119]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  438.027920][T14119]  ? __pfx_lock_release+0x10/0x10
[  438.030092][T14119]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  438.032693][T14119]  ? __fget_files+0x256/0x400
[  438.034848][T14119]  security_file_ioctl_compat+0x75/0xc0
[  438.037074][T14119]  __do_compat_sys_ioctl+0x5d/0x330
[  438.039282][T14119]  __do_fast_syscall_32+0x73/0x120
[  438.041521][T14119]  do_fast_syscall_32+0x32/0x80
[  438.043704][T14119]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.046401][T14119] RIP: 0023:0xf7442579
[  438.048175][T14119] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  438.056697][T14119] RSP: 002b:00000000f5d5a57c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  438.060409][T14119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045701
[  438.063836][T14119] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  438.067082][T14119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.070545][T14119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  438.073991][T14119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.077639][T14119]  </TASK>
[  438.079166][    C2] vkms_vblank_simulate: vblank timer overrun
[  438.087148][T14119] ERROR: Out of memory at tomoyo_realpath_from_path.
[  438.089546][ T5244] usb 7-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  438.089575][ T5244] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.089594][ T5244] usb 7-1: Product: syz
[  438.089606][ T5244] usb 7-1: Manufacturer: syz
[  438.089619][ T5244] usb 7-1: SerialNumber: syz
[  438.091283][ T5244] usb 7-1: config 0 descriptor??
[  438.106634][ T5244] legousbtower 7-1:0.0: interrupt endpoints not found
[  438.118641][T14122] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  438.121399][T14122] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  438.125137][T14122] vhci_hcd vhci_hcd.0: Device attached
[  438.129680][T14123] vhci_hcd: connection closed
[  438.129887][ T1090] vhci_hcd: stop threads
[  438.133060][ T1090] vhci_hcd: release socket
[  438.134665][ T1090] vhci_hcd: disconnect device
[  438.316181][T12347] usb 7-1: USB disconnect, device number 38
[  438.819393][T14127] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  438.822239][T14127] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  438.826026][T14127] vhci_hcd vhci_hcd.0: Device attached
[  438.863949][T14129] vhci_hcd: connection closed
[  438.868024][   T63] vhci_hcd: stop threads
[  438.874852][   T63] vhci_hcd: release socket
[  438.876479][   T63] vhci_hcd: disconnect device
[  438.978952][ T5208] Bluetooth: hci5: command 0x041b tx timeout
[  439.255985][T14144] can: request_module (can-proto-5) failed.
[  439.606229][T14154] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  439.634900][T14154] FAULT_INJECTION: forcing a failure.
[  439.634900][T14154] name failslab, interval 1, probability 0, space 0, times 0
[  439.658444][T14154] CPU: 1 PID: 14154 Comm: syz.3.2651 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  439.661866][T14154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.665498][T14154] Call Trace:
[  439.666724][T14154]  <TASK>
[  439.667719][T14154]  dump_stack_lvl+0x16c/0x1f0
[  439.669385][T14154]  should_fail_ex+0x497/0x5b0
[  439.671198][T14154]  should_failslab+0x9/0x20
[  439.673026][T14154]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  439.675317][T14154]  ? do_raw_spin_lock+0x12d/0x2c0
[  439.677067][T14154]  ? configfs_new_dirent+0x52/0x400
[  439.678823][T14154]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  439.680710][T14154]  configfs_new_dirent+0x52/0x400
[  439.682371][T14154]  configfs_dir_open+0x104/0x1e0
[  439.684051][T14154]  do_dentry_open+0x91f/0x15f0
[  439.685775][T14154]  ? __pfx_configfs_dir_open+0x10/0x10
[  439.687831][T14154]  ? lockdep_hardirqs_on+0x7c/0x110
[  439.689873][T14154]  vfs_open+0x82/0x3f0
[  439.691562][T14154]  dentry_open+0x71/0xd0
[  439.693291][T14154]  ovl_path_open+0x198/0x1f0
[  439.695219][T14154]  ovl_dir_read_merged+0x359/0x5d0
[  439.697310][T14154]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  439.699591][T14154]  ? __pfx_ovl_fill_merge+0x10/0x10
[  439.701730][T14154]  ? kasan_save_track+0x14/0x30
[  439.703716][T14154]  ovl_iterate+0x885/0xe60
[  439.705557][T14154]  ? down_read_killable+0xcc/0x380
[  439.707645][T14154]  ? __pfx_ovl_iterate+0x10/0x10
[  439.709646][T14154]  wrap_directory_iterator+0xa5/0xe0
[  439.711776][T14154]  iterate_dir+0x53e/0xb60
[  439.713720][T14154]  __ia32_sys_getdents64+0x14f/0x2e0
[  439.715880][T14154]  ? __pfx___ia32_sys_getdents64+0x10/0x10
[  439.718262][T14154]  ? __pfx_filldir64+0x10/0x10
[  439.720238][T14154]  ? syscall_user_dispatch+0x77/0x140
[  439.722413][T14154]  __do_fast_syscall_32+0x73/0x120
[  439.724523][T14154]  do_fast_syscall_32+0x32/0x80
[  439.726520][T14154]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.729106][T14154] RIP: 0023:0xf7442579
[  439.730756][T14154] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.738444][T14154] RSP: 002b:00000000f5d3957c EFLAGS: 00000292 ORIG_RAX: 00000000000000dc
[  439.741807][T14154] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000f80
[  439.744971][T14154] RDX: 0000000000000300 RSI: 0000000000000000 RDI: 0000000000000000
[  439.748135][T14154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.751334][T14154] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.754515][T14154] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.757777][T14154]  </TASK>
[  439.907546][T14157] nbd: nbd0 already in use
[  440.040121][T14162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.043365][T14162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.300221][T14168] NILFS (nbd2): device size too small
[  440.304612][T14168] __nla_validate_parse: 1 callbacks suppressed
[  440.304629][T14168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2656'.
[  440.343082][T14171] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  440.441911][T14173] can: request_module (can-proto-5) failed.
[  440.583282][T14181] can: request_module (can-proto-5) failed.
[  440.677172][T14185] Process accounting resumed
[  440.701991][T14189] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2663'.
[  440.707752][T14190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.718785][T14190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.739316][T14195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  441.058591][ T5208] Bluetooth: hci5: command 0x041b tx timeout
[  441.728541][   T56] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  441.848745][T14223] can: request_module (can-proto-5) failed.
[  441.924337][T14229] MTD: Couldn't look up './file0': -15
[  441.927564][ T5208] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  441.927812][T14229] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2674'.
[  441.932595][   T56] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  441.935253][T14231] nbd: nbd1 already in use
[  441.937355][   T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.937376][   T56] usb 5-1: Product: syz
[  441.937391][   T56] usb 5-1: Manufacturer: syz
[  441.937404][   T56] usb 5-1: SerialNumber: syz
[  441.949485][   T56] usb 5-1: config 0 descriptor??
[  441.953692][   T56] legousbtower 5-1:0.0: interrupt endpoints not found
[  442.099936][T14238] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  442.161713][   T56] usb 5-1: USB disconnect, device number 39
[  442.376120][T14244] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2677'.
[  443.138718][ T5208] Bluetooth: hci5: command 0x041b tx timeout
[  443.345844][T14265] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  443.735801][T14281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  443.741652][T14281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  443.746888][T14283] nbd: nbd0 already in use
[  443.994081][   T39] audit: type=1326 audit(1720347550.353:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7442579 code=0x7fc00000
[  444.154308][T14290] syzkaller0: entered promiscuous mode
[  444.156561][T14290] syzkaller0: entered allmulticast mode
[  444.382707][T14294] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  444.668259][T14300] xt_NFQUEUE: number of queues (257) out of range (got 65786)
[  445.140063][ T5265] hid-generic 0000:0000:0000.0006: unknown main item tag 0x7
[  445.142767][ T5265] hid-generic 0000:0000:0000.0006: ignoring exceeding usage max
[  445.145690][ T5265] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  445.148707][ T5265] hid-generic 0000:0000:0000.0006: unknown main item tag 0x4
[  445.151219][ T5265] hid-generic 0000:0000:0000.0006: item fetching failed at offset 38/43
[  445.154630][ T5265] hid-generic 0000:0000:0000.0006: probe with driver hid-generic failed with error -22
[  445.384815][ T1353] ieee802154 phy0 wpan0: encryption failed: -22
[  445.387651][ T1353] ieee802154 phy1 wpan1: encryption failed: -22
[  445.718546][   T55] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  445.911429][   T55] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=16.08
[  445.918538][   T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.921248][   T55] usb 5-1: Product: syz
[  445.922690][   T55] usb 5-1: Manufacturer: syz
[  445.924267][   T55] usb 5-1: SerialNumber: syz
[  445.937505][   T55] usb 5-1: config 0 descriptor??
[  445.947846][   T55] legousbtower 5-1:0.0: interrupt endpoints not found
[  446.154109][ T5265] usb 5-1: USB disconnect, device number 40
[  446.403018][T14325] FAULT_INJECTION: forcing a failure.
[  446.403018][T14325] name failslab, interval 1, probability 0, space 0, times 0
[  446.410451][T14325] CPU: 1 PID: 14325 Comm: syz.2.2700 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  446.415009][T14325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.419790][T14325] Call Trace:
[  446.421317][T14325]  <TASK>
[  446.422662][T14325]  dump_stack_lvl+0x16c/0x1f0
[  446.424962][T14325]  should_fail_ex+0x497/0x5b0
[  446.427087][T14325]  should_failslab+0x9/0x20
[  446.429121][T14325]  __kmalloc_noprof+0xcf/0x420
[  446.431280][T14325]  ? __pfx_d_absolute_path+0x10/0x10
[  446.433631][T14325]  tomoyo_encode2+0x100/0x3e0
[  446.435763][T14325]  tomoyo_realpath_from_path+0x1a7/0x710
[  446.438297][T14325]  tomoyo_path_number_perm+0x245/0x5b0
[  446.440780][T14325]  ? tomoyo_path_number_perm+0x232/0x5b0
[  446.443279][T14325]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  446.445950][T14325]  ? __pfx_lock_release+0x10/0x10
[  446.448229][T14325]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  446.450908][T14325]  ? __fget_files+0x256/0x400
[  446.452948][T14325]  security_file_ioctl_compat+0x75/0xc0
[  446.453680][T14327] nbd: nbd3 already in use
[  446.455405][T14325]  __do_compat_sys_ioctl+0x5d/0x330
[  446.459283][T14325]  __do_fast_syscall_32+0x73/0x120
[  446.461584][T14325]  do_fast_syscall_32+0x32/0x80
[  446.463770][T14325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  446.466589][T14325] RIP: 0023:0xf740f579
[  446.468393][T14325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  446.476958][T14325] RSP: 002b:00000000f5d2757c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  446.480618][T14325] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0185500
[  446.484103][T14325] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  446.487566][T14325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  446.491059][T14325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  446.494546][T14325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  446.498059][T14325]  </TASK>
[  446.506115][T14325] ERROR: Out of memory at tomoyo_realpath_from_path.
[  446.677602][T14339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2699'.
[  446.841207][T14346] syzkaller0: entered promiscuous mode
[  446.843402][T14346] syzkaller0: entered allmulticast mode
[  447.393548][T14349] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  447.849110][T14359] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.852206][T14359] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.858995][T14359] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.862142][T14359] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.866057][T14359] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.868601][T14359] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.884623][T14359] team0: Port device bridge0 added
[  447.951090][T14352] syzkaller0: entered promiscuous mode
[  447.953066][T14352] syzkaller0: entered allmulticast mode
[  448.465523][T14375] nbd: nbd3 already in use
[  449.388121][T12347] hid-generic 0000:0000:0000.0007: unknown main item tag 0x7
[  449.392501][T12347] hid-generic 0000:0000:0000.0007: ignoring exceeding usage max
[  449.400145][T12347] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  449.402726][T12347] hid-generic 0000:0000:0000.0007: unknown main item tag 0x4
[  449.411722][T12347] hid-generic 0000:0000:0000.0007: item fetching failed at offset 38/43
[  449.418882][T12347] hid-generic 0000:0000:0000.0007: probe with driver hid-generic failed with error -22
[  449.539533][T14390] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.542834][T14390] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.683637][T14392] FAULT_INJECTION: forcing a failure.
[  449.683637][T14392] name failslab, interval 1, probability 0, space 0, times 0
[  449.690516][T14392] CPU: 3 PID: 14392 Comm: syz.3.2718 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  449.694764][T14392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.699112][T14392] Call Trace:
[  449.700306][T14392]  <TASK>
[  449.701401][T14392]  dump_stack_lvl+0x16c/0x1f0
[  449.703383][T14392]  should_fail_ex+0x497/0x5b0
[  449.705137][T14392]  should_failslab+0x9/0x20
[  449.707062][T14392]  __kmalloc_noprof+0xcf/0x420
[  449.709083][T14392]  ? preempt_schedule_thunk+0x1a/0x30
[  449.711338][T14392]  kobject_get_path+0xcb/0x230
[  449.713349][T14392]  kobject_rename+0xcb/0x260
[  449.715312][T14392]  ? __pfx_kobject_rename+0x10/0x10
[  449.717520][T14392]  device_rename+0x131/0x1e0
[  449.719504][T14392]  __dev_change_net_namespace+0xac8/0x1290
[  449.721926][T14392]  ? __pfx___dev_change_net_namespace+0x10/0x10
[  449.724540][T14392]  ? find_held_lock+0x2d/0x110
[  449.726556][T14392]  ? find_held_lock+0x2d/0x110
[  449.728576][T14392]  ? get_net_ns_by_pid+0x184/0x2e0
[  449.730718][T14392]  ? __pfx_lock_release+0x10/0x10
[  449.732379][T14392]  ? do_raw_spin_lock+0x12d/0x2c0
[  449.734038][T14392]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  449.735863][T14392]  cfg802154_switch_netns+0xbf/0x450
[  449.737606][T14392]  nl802154_wpan_phy_netns+0x134/0x2d0
[  449.739404][T14392]  genl_family_rcv_msg_doit+0x202/0x2f0
[  449.741248][T14392]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  449.743259][T14392]  ? security_capable+0x98/0xd0
[  449.744879][T14392]  genl_rcv_msg+0x565/0x800
[  449.746417][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  449.748078][T14392]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  449.749869][T14392]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  449.752443][T14392]  ? __pfx_nl802154_post_doit+0x10/0x10
[  449.754935][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  449.757278][T14392]  netlink_rcv_skb+0x165/0x410
[  449.759430][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  449.761639][T14392]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  449.763988][T14392]  ? down_read+0xc9/0x330
[  449.765676][T14392]  ? __pfx_down_read+0x10/0x10
[  449.767285][T14392]  ? netlink_deliver_tap+0x1ae/0xcf0
[  449.769049][T14392]  genl_rcv+0x28/0x40
[  449.770438][T14392]  netlink_unicast+0x542/0x820
[  449.772565][T14392]  ? __pfx_netlink_unicast+0x10/0x10
[  449.775002][T14392]  ? __phys_addr_symbol+0x30/0x80
[  449.777298][T14392]  ? __check_object_size+0x48e/0x720
[  449.779667][T14392]  netlink_sendmsg+0x8b8/0xd70
[  449.781813][T14392]  ? __pfx_netlink_sendmsg+0x10/0x10
[  449.784156][T14392]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  449.786523][T14392]  ____sys_sendmsg+0x9b4/0xb50
[  449.788674][T14392]  ? __pfx_____sys_sendmsg+0x10/0x10
[  449.791018][T14392]  ? get_compat_msghdr+0x11b/0x170
[  449.792784][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  449.794501][T14392]  ___sys_sendmsg+0x135/0x1e0
[  449.796064][T14392]  ? __pfx____sys_sendmsg+0x10/0x10
[  449.797768][T14392]  ? ksys_write+0x21c/0x260
[  449.799302][T14392]  ? __fget_light+0x173/0x210
[  449.801008][T14392]  __sys_sendmsg+0x117/0x1f0
[  449.803052][T14392]  ? __pfx___sys_sendmsg+0x10/0x10
[  449.805308][T14392]  __do_fast_syscall_32+0x73/0x120
[  449.807603][T14392]  do_fast_syscall_32+0x32/0x80
[  449.809776][T14392]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.812558][T14392] RIP: 0023:0xf7442579
[  449.814382][T14392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.822382][T14392] RSP: 002b:00000000f5d5a57c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  449.825953][T14392] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000780
[  449.829333][T14392] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  449.831962][T14392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.834528][T14392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.837134][T14392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.839707][T14392]  </TASK>
[  449.844565][T14392] ------------[ cut here ]------------
[  449.847019][T14392] WARNING: CPU: 3 PID: 14392 at net/core/dev.c:11431 __dev_change_net_namespace+0x1048/0x1290
[  449.851424][T14392] Modules linked in:
[  449.853219][T14392] CPU: 3 PID: 14392 Comm: syz.3.2718 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  449.860051][T14392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.864707][T14392] RIP: 0010:__dev_change_net_namespace+0x1048/0x1290
[  449.867622][T14392] Code: 50 d2 f8 31 f6 4c 89 e7 e8 85 2b fe ff 89 44 24 28 e9 69 f3 ff ff e8 37 50 d2 f8 90 0f 0b 90 e9 5b fe ff ff e8 29 50 d2 f8 90 <0f> 0b 90 e9 bc fa ff ff bd ea ff ff ff e9 71 f2 ff ff e8 31 78 2f
[  449.876995][T14392] RSP: 0018:ffffc90022ef7380 EFLAGS: 00010293
[  449.879938][T14392] RAX: 0000000000000000 RBX: ffff888019c58000 RCX: ffffffff88bc3923
[  449.883118][T14392] RDX: ffff88801f6c2440 RSI: ffffffff88bc3e67 RDI: 0000000000000005
[  449.885667][T14392] RBP: ffff888019c58734 R08: 0000000000000005 R09: 0000000000000000
[  449.888242][T14392] R10: 00000000fffffff4 R11: 0000000000000003 R12: ffff888047041cc0
[  449.891145][T14392] R13: 00000000fffffff4 R14: ffff888019c58bf0 R15: 1ffff920045dee7e
[  449.894669][T14392] FS:  0000000000000000(0000) GS:ffff88802c300000(0063) knlGS:00000000f5d5ab40
[  449.898708][T14392] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  449.901736][T14392] CR2: 00000000f5d03da4 CR3: 000000002984a000 CR4: 0000000000350ef0
[  449.905260][T14392] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  449.908839][T14392] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  449.911915][T14392] Call Trace:
[  449.913412][T14392]  <TASK>
[  449.914758][T14392]  ? show_regs+0x8c/0xa0
[  449.916676][T14392]  ? __warn+0xe5/0x3c0
[  449.918644][T14392]  ? __dev_change_net_namespace+0x1048/0x1290
[  449.921236][T14392]  ? report_bug+0x3c0/0x580
[  449.923287][T14392]  ? handle_bug+0x3d/0x70
[  449.925221][T14392]  ? exc_invalid_op+0x17/0x50
[  449.927341][T14392]  ? asm_exc_invalid_op+0x1a/0x20
[  449.929529][T14392]  ? __dev_change_net_namespace+0xb03/0x1290
[  449.931654][T14392]  ? __dev_change_net_namespace+0x1047/0x1290
[  449.933717][T14392]  ? __dev_change_net_namespace+0x1048/0x1290
[  449.935750][T14392]  ? __pfx___dev_change_net_namespace+0x10/0x10
[  449.937772][T14392]  ? find_held_lock+0x2d/0x110
[  449.939426][T14392]  ? find_held_lock+0x2d/0x110
[  449.941115][T14392]  ? get_net_ns_by_pid+0x184/0x2e0
[  449.942895][T14392]  ? __pfx_lock_release+0x10/0x10
[  449.944532][T14392]  ? do_raw_spin_lock+0x12d/0x2c0
[  449.946182][T14392]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  449.948248][T14392]  cfg802154_switch_netns+0xbf/0x450
[  449.950704][T14392]  nl802154_wpan_phy_netns+0x134/0x2d0
[  449.953142][T14392]  genl_family_rcv_msg_doit+0x202/0x2f0
[  449.955091][T14392]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  449.957090][T14392]  ? security_capable+0x98/0xd0
[  449.958766][T14392]  genl_rcv_msg+0x565/0x800
[  449.960307][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  449.962500][T14392]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  449.964866][T14392]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  449.967486][T14392]  ? __pfx_nl802154_post_doit+0x10/0x10
[  449.969942][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  449.971956][T14392]  netlink_rcv_skb+0x165/0x410
[  449.973521][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  449.975230][T14392]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  449.976981][T14392]  ? down_read+0xc9/0x330
[  449.978463][T14392]  ? __pfx_down_read+0x10/0x10
[  449.980059][T14392]  ? netlink_deliver_tap+0x1ae/0xcf0
[  449.981849][T14392]  genl_rcv+0x28/0x40
[  449.983565][T14392]  netlink_unicast+0x542/0x820
[  449.985191][T14392]  ? __pfx_netlink_unicast+0x10/0x10
[  449.986969][T14392]  ? __phys_addr_symbol+0x30/0x80
[  449.988679][T14392]  ? __check_object_size+0x48e/0x720
[  449.990427][T14392]  netlink_sendmsg+0x8b8/0xd70
[  449.992105][T14392]  ? __pfx_netlink_sendmsg+0x10/0x10
[  449.993823][T14392]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  449.995638][T14392]  ____sys_sendmsg+0x9b4/0xb50
[  449.997214][T14392]  ? __pfx_____sys_sendmsg+0x10/0x10
[  449.999018][T14392]  ? get_compat_msghdr+0x11b/0x170
[  450.000736][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  450.002495][T14392]  ___sys_sendmsg+0x135/0x1e0
[  450.004055][T14392]  ? __pfx____sys_sendmsg+0x10/0x10
[  450.005824][T14392]  ? ksys_write+0x21c/0x260
[  450.007336][T14392]  ? __fget_light+0x173/0x210
[  450.008958][T14392]  __sys_sendmsg+0x117/0x1f0
[  450.010520][T14392]  ? __pfx___sys_sendmsg+0x10/0x10
[  450.012258][T14392]  __do_fast_syscall_32+0x73/0x120
[  450.013938][T14392]  do_fast_syscall_32+0x32/0x80
[  450.015608][T14392]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.017678][T14392] RIP: 0023:0xf7442579
[  450.019121][T14392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.026782][T14392] RSP: 002b:00000000f5d5a57c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  450.030261][T14392] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000780
[  450.033442][T14392] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  450.036421][T14392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  450.039764][T14392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.042531][T14392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.045245][T14392]  </TASK>
[  450.046297][T14392] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  450.048770][T14392] CPU: 3 PID: 14392 Comm: syz.3.2718 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  450.052260][T14392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.055983][T14392] Call Trace:
[  450.057120][T14392]  <TASK>
[  450.058135][T14392]  dump_stack_lvl+0x3d/0x1f0
[  450.059735][T14392]  panic+0x6f5/0x7a0
[  450.061111][T14392]  ? __pfx_panic+0x10/0x10
[  450.062629][T14392]  ? show_trace_log_lvl+0x363/0x500
[  450.064400][T14392]  ? check_panic_on_warn+0x1f/0xb0
[  450.066138][T14392]  ? __dev_change_net_namespace+0x1048/0x1290
[  450.068392][T14392]  check_panic_on_warn+0xab/0xb0
[  450.070083][T14392]  __warn+0xf1/0x3c0
[  450.071726][T14392]  ? __dev_change_net_namespace+0x1048/0x1290
[  450.074277][T14392]  report_bug+0x3c0/0x580
[  450.075805][T14392]  handle_bug+0x3d/0x70
[  450.077225][T14392]  exc_invalid_op+0x17/0x50
[  450.078805][T14392]  asm_exc_invalid_op+0x1a/0x20
[  450.080423][T14392] RIP: 0010:__dev_change_net_namespace+0x1048/0x1290
[  450.082780][T14392] Code: 50 d2 f8 31 f6 4c 89 e7 e8 85 2b fe ff 89 44 24 28 e9 69 f3 ff ff e8 37 50 d2 f8 90 0f 0b 90 e9 5b fe ff ff e8 29 50 d2 f8 90 <0f> 0b 90 e9 bc fa ff ff bd ea ff ff ff e9 71 f2 ff ff e8 31 78 2f
[  450.089228][T14392] RSP: 0018:ffffc90022ef7380 EFLAGS: 00010293
[  450.091444][T14392] RAX: 0000000000000000 RBX: ffff888019c58000 RCX: ffffffff88bc3923
[  450.094077][T14392] RDX: ffff88801f6c2440 RSI: ffffffff88bc3e67 RDI: 0000000000000005
[  450.096794][T14392] RBP: ffff888019c58734 R08: 0000000000000005 R09: 0000000000000000
[  450.099512][T14392] R10: 00000000fffffff4 R11: 0000000000000003 R12: ffff888047041cc0
[  450.102289][T14392] R13: 00000000fffffff4 R14: ffff888019c58bf0 R15: 1ffff920045dee7e
[  450.104964][T14392]  ? __dev_change_net_namespace+0xb03/0x1290
[  450.107034][T14392]  ? __dev_change_net_namespace+0x1047/0x1290
[  450.109079][T14392]  ? __pfx___dev_change_net_namespace+0x10/0x10
[  450.111568][T14392]  ? find_held_lock+0x2d/0x110
[  450.113726][T14392]  ? find_held_lock+0x2d/0x110
[  450.115788][T14392]  ? get_net_ns_by_pid+0x184/0x2e0
[  450.117504][T14392]  ? __pfx_lock_release+0x10/0x10
[  450.119090][T14392]  ? do_raw_spin_lock+0x12d/0x2c0
[  450.120813][T14392]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  450.122794][T14392]  cfg802154_switch_netns+0xbf/0x450
[  450.124551][T14392]  nl802154_wpan_phy_netns+0x134/0x2d0
[  450.126406][T14392]  genl_family_rcv_msg_doit+0x202/0x2f0
[  450.128251][T14392]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  450.130261][T14392]  ? security_capable+0x98/0xd0
[  450.131903][T14392]  genl_rcv_msg+0x565/0x800
[  450.133389][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  450.135045][T14392]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  450.136889][T14392]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  450.138852][T14392]  ? __pfx_nl802154_post_doit+0x10/0x10
[  450.141107][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  450.143362][T14392]  netlink_rcv_skb+0x165/0x410
[  450.145408][T14392]  ? __pfx_genl_rcv_msg+0x10/0x10
[  450.147455][T14392]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  450.149610][T14392]  ? down_read+0xc9/0x330
[  450.151346][T14392]  ? __pfx_down_read+0x10/0x10
[  450.152965][T14392]  ? netlink_deliver_tap+0x1ae/0xcf0
[  450.155051][T14392]  genl_rcv+0x28/0x40
[  450.156567][T14392]  netlink_unicast+0x542/0x820
[  450.158520][T14392]  ? __pfx_netlink_unicast+0x10/0x10
[  450.160799][T14392]  ? __phys_addr_symbol+0x30/0x80
[  450.163024][T14392]  ? __check_object_size+0x48e/0x720
[  450.165381][T14392]  netlink_sendmsg+0x8b8/0xd70
[  450.167539][T14392]  ? __pfx_netlink_sendmsg+0x10/0x10
[  450.169882][T14392]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  450.172144][T14392]  ____sys_sendmsg+0x9b4/0xb50
[  450.173804][T14392]  ? __pfx_____sys_sendmsg+0x10/0x10
[  450.175618][T14392]  ? get_compat_msghdr+0x11b/0x170
[  450.177341][T14392]  ? __pfx___lock_acquire+0x10/0x10
[  450.179114][T14392]  ___sys_sendmsg+0x135/0x1e0
[  450.180801][T14392]  ? __pfx____sys_sendmsg+0x10/0x10
[  450.183130][T14392]  ? ksys_write+0x21c/0x260
[  450.184945][T14392]  ? __fget_light+0x173/0x210
[  450.186547][T14392]  __sys_sendmsg+0x117/0x1f0
[  450.188102][T14392]  ? __pfx___sys_sendmsg+0x10/0x10
[  450.190080][T14392]  __do_fast_syscall_32+0x73/0x120
[  450.192337][T14392]  do_fast_syscall_32+0x32/0x80
[  450.194459][T14392]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.196950][T14392] RIP: 0023:0xf7442579
[  450.198600][T14392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.206617][T14392] RSP: 002b:00000000f5d5a57c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  450.210261][T14392] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000780
[  450.213746][T14392] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  450.216446][T14392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  450.219103][T14392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.222050][T14392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.224724][T14392]  </TASK>
[  450.226262][T14392] Kernel Offset: disabled
[  450.227852][T14392] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:19:16  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000006 RBX=ffff88802c229540 RCX=1ffffffff283f895 RDX=0000000000000000
RSI=ffffffff8b2cb9e0 RDI=ffffffff8b8fb620 RBP=0000000000000246 RSP=ffffc90000e3f6f0
R8 =0000000000000001 R9 =fffffbfff283e65a R10=ffffffff941f32d7 R11=0000000000000001
R12=0000000000000000 R13=ffffc90000e3f8c8 R14=0000000000000001 R15=0000000000000002
RIP=ffffffff8adfb7d4 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de14ff8 CR3=00000000289e6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000003fffffff7 00000094fffffff7
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000189eb51 RBX=0000000000000001 RCX=ffffffff8adc1c39 RDX=0000000000000000
RSI=ffffffff8b2cb9e0 RDI=ffffffff8b8fb620 RBP=ffffed1002c7a910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed1005826fdd R10=ffff88802c137eeb R11=0000000000000000
R12=0000000000000001 R13=ffff8880163d4880 R14=ffffffff8fe29550 R15=0000000000000000
RIP=ffffffff8adc302f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de0eff8 CR3=00000000289e6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88801b3ad388 RCX=00000000a7ee1e88 RDX=1ffff11003675a75
RSI=00000000d1003d2c RDI=ffff88801b3ad3a8 RBP=ffffffff94235658 RSP=ffffc90003267538
R8 =0000000000000000 R9 =fffffbfff283e663 R10=ffffffff941f331f R11=0000000000000001
R12=ffffed1003675a6b R13=00000000000002ed R14=ffff88801b3ad388 R15=0000000000000003
RIP=ffffffff816bcae9 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7c45498d00 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557d98b3d000 CR3=000000001cbb6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=03f470e903f470e9 03f470e903f470e9 03f470e903f470e9 03f470e903f470e9 03f470e903f470e9 03f470e903f470e9 03f470e903f470e9 03f470e903f470e9
ZMM22=de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e de453b3ede453b3e
ZMM23=d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f d6d16c9fd6d16c9f
ZMM24=c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b c6b6f20bc6b6f20b
ZMM25=a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa a80bd3faa80bd3fa
ZMM26=c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551 c06b5551c06b5551
ZMM27=a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a a8927c2aa8927c2a
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=9a1100009a110000 9a1100009a110000 9a1100009a110000 9a1100009a110000 9a1100009a110000 9a1100009a110000 9a1100009a110000 9a1100009a110000
info registers vcpu 3

CPU#3
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff84f94590 RDI=ffffffff94d59e00 RBP=ffffffff94d59dc0 RSP=ffffc90022ef6d18
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000006
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff29ab412 R15=dffffc0000000000
RIP=ffffffff84f945b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5d03da4 CR3=000000002984a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000