last executing test programs:

29.914561396s ago: executing program 3 (id=2777):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
lsetxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@v2={0x2000000, [{0x9, 0x6}, {0x0, 0x1c0}]}, 0x14, 0x2)
fchdir(r1)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000000b5c0)={0x8, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f0000000700)={"b3c9efd887059b68f5766f059c7f9af2e7007393402bfd1811346676c18aa139ae61beb20038bb88a4d4e24d80384fdc581d4b856d1f3b81f787cfaf6f46933a53fd2cbccdba9e52a43bfdaac02b5656cc1006182e0fa24175a29bf7975df6f505ee2a5be588f8618b88dbae25d2c18b133cce9c1640a101c64fb7100d2594b0526b33c7d86109032b528ba4d08c5d80279d07939305791dac15d07e70bece577440ac0c5876aab61e03a1cfb2f6860db94b5f3e41a595eec89aa62cd9737d132e6c322d0ca45171be7214c98fa25225f24c160c2457b95d466f070c849a03acd6b326eabb4e64cfd3dd26fc6ab7ea8cd7365fecb650af3c51613e4cf893c44efbf92c63a769ee2835f1f238cdd007e2edd6f659bf11684397769ae757c62e076a7a212fb8ffe50a989d91ad4870b5d26ff277df2fa96300af6d481139afea12b6ca0dc2cc7351855072ffda9e32335e8b66a7fe304a6041291cc6ef90fbdf448d78042d1701dd411a9ad8441a4acac6e4a637460bf4be6e4c237220d29934d5de436818116cdb727e243a4548a9fed8f8c88a0f5954c75bbc4bc6283732c9759c44b9319a5ebcbb7644fb876f2c12bf529b5b777bd9974d6b495a65c24e4b9b7bb7622bfa6cb3ef070c505f59fb9f6de0052f359e2b0add4fd1e6e78db12508577141ba6d5128799673140ceafccde0cc9fe6bdf0c0907cfe71c7ce29de748289eac65d6fe2eece2545b42c78e38aea5a4db6e293b68f29c9e75e7cd7107dd8dffd103fd8362823ac2fff64e423354965892d32ae1c896dc06ba3236b08e5f97950e8498bc04ea9d24161e43193b145828299afa7f4e60d74862bbc9c6d16e6287b3f2f03ccb355b79922636e2bedc744010c4558141aef7681109acfbb847828a359387ec67c62432e70f35922768df329c9d5384deed2f94dd3aa8cdbe351d6258457caf7a66b97baf687548e899686a25ce8403ca0325e123b93e4652218ad7df640ff733a22d647f7803884d95fd84953786c9c6d7a3ebe1d5d84edabf2d813cc0797a72e3630da76b673ea314da55f04d5bfe66ed48f66f284cbb953422078ac3f339a77ae7fa0407ac5afec2ecee929070305d0b668cb718da0f5f6b9568d7ac286e4274d9bddb1ed1e29366f24f60a349692936e93b33b83fee8d00cfc8c74e98112ec5d4be6680dda5695bc30d93c9f9a3afda00b118d5a78f6e2ac3eafe64018951d1cfe67bff98ca44f03bc1ed4ff406c0f4acc528079299d3358416530c4443e1fb28c072e590a848df46ba08289e1e2c72bd08c40aaa344342c5701ec96488ad33e45f92771dcbf3a6fb87e23b5a22a39d0875da9878234d2160f8acf73e91e7ebacc365655deae2c07bfe5c30134bee287454867ca1a6d5ab7a3406265e5470eec9e7904650782c6a4ba6323265c5e03ea81f702ade93d60cd"})
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

29.914407551s ago: executing program 3 (id=2778):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PROXYARP={0x5, 0xa, 0x1}]}}}]}, 0x44}}, 0x20000080) (fail_nth: 2)

29.75452755s ago: executing program 3 (id=2780):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r4, &(0x7f0000000180)=[{0x0, 0x3, 0x0, 0x0, @tick, {}, {}, @connect={{0xfd, 0x4}, {0x2, 0x6}}}, {0x0, 0x0, 0x0, 0x0, @time={0x2, 0x500}, {}, {0x0, 0x40}, @time}], 0x38)
read$char_usb(r4, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000440)='1', 0x1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r7 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r7, 0x1000006)
fcntl$addseals(r7, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000000)={r7, 0x0, 0x0, 0x1000000})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335, @tick=0x6, 0x0, {}, 0x6})
tkill(0x0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

29.080134768s ago: executing program 3 (id=2783):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='projid_map\x00')
preadv(r0, &(0x7f00000021c0)=[{&(0x7f0000002180)=""/18, 0x12}], 0x1, 0x10001, 0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
syz_emit_ethernet(0x82, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa77b6d4f11b3286dd60100000004c2b00fe8000000000000000000200000000bbfe8000000000000000000000000000aa6700000000d4212821"], 0x0)
write$sndseq(r0, &(0x7f0000001480)=[{0x1, 0x1, 0x3, 0x4b, @tick=0xa0000, {0x5, 0x9}, {0x1, 0x32}, @queue={0x0, {0xf, 0x34635f7d}}}], 0x1c)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x20}, [@TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x58}}, 0x4840)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000faffffff0000000000000000850000002c000000850000000700000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x20001091}, 0x2004e804)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f9ff000085000000860000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000240)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r9, 0x5, 0x0, 0x0, @void, @value}, 0x10)
openat$cgroup_root(0xffffff9c, &(0x7f0000001440)='./cgroup/syz1\x00', 0x200002, 0x0)
close(0x4)

29.016607995s ago: executing program 3 (id=2784):
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="b40500849b000000000071102300000000001c700000000000009500000000000000e0b43a052bf4ac5105d11e7ec01e8e21d3f025433b313e8ad14c4773aa3a6b344e2e1739de14f8"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x80)
ioctl$I2C_PEC(r0, 0x708, 0x2)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000100)={0x0, 0x4, 0x5, &(0x7f0000000080)={0x6, "14a6c63d876ff44271f1aca6e4482718dab7299602aed83463604d70b41d4008e3"}})
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x0, 0x8010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, 0x0, 0x0, 0x0)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
dup(r5)
r6 = dup(r4)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x40, &(0x7f0000000600)={0x6, 0x0, 0x0, 0x40, 0x2, 0xd, 0x0, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x9, 0x7, 0x7, 0x0, 0x5, 0x7}, 0x0, 0x0)
ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000100))
ioctl$TCSETS2(r3, 0x402c542b, &(0x7f0000000180)={0xffff7523, 0x281, 0x2020007e, 0x0, 0xfe, "f06fca79066e3af41f7096533f0c683cc267a0", 0x47})

28.363721953s ago: executing program 3 (id=2789):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x6}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67200000000000150600000fff070067070000200000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000400)={r5, r0}, 0xc)
r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000200000040000180060001000a00000008000500000000000c000700000000000000000008000900710000000700060072720000080008"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x2}})
syz_io_uring_submit(0x0, 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x4)
write(r9, &(0x7f0000000140)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b0f33b49db96ad24d12595fbea5", 0x29)
ioctl$CDROMMULTISESSION(0xffffffffffffffff, 0x5310, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

28.274057767s ago: executing program 32 (id=2789):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x6}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67200000000000150600000fff070067070000200000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000400)={r5, r0}, 0xc)
r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000200000040000180060001000a00000008000500000000000c000700000000000000000008000900710000000700060072720000080008"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x2}})
syz_io_uring_submit(0x0, 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x4)
write(r9, &(0x7f0000000140)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b0f33b49db96ad24d12595fbea5", 0x29)
ioctl$CDROMMULTISESSION(0xffffffffffffffff, 0x5310, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

4.546607335s ago: executing program 2 (id=2905):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
write$dsp(0xffffffffffffffff, &(0x7f0000002000)='`', 0x88020)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) (fail_nth: 9)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24000040)

4.152187575s ago: executing program 2 (id=2906):
socket(0x1e, 0x4, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f00000005c0)={0x0, 0x1, 0x20, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0xfffffffffffffff1, &(0x7f0000000000))
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000034000900000000000140000002000000e90be83a27b10e50ff18311e13352e9bfa49f46e70a739049c57a982518429aceb09d77f10ccc0e01afd3ea2a5795594405e37feb7a126d6cc13ef790857d0e94fb6e393b0b540980a020c70ad42a7a4062f469d107ec396156f77e167854ae3ff48e4111bd07a550f5d93a4d5fad36ddf1a170c4b4b"], 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010)
socket(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x38, 0x19, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x6000}]}]}, 0x38}}, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000400)={0x20, r7, 0x701, 0x70bd2b, 0x0, {0x19}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0xffa6)
r8 = openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_TMR_STOP(r8, 0x5403)
ioctl$KVM_SET_CPUID2(r5, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r4])

4.035562671s ago: executing program 2 (id=2907):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e21, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400"], 0x14}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=@newtaction={0x2dc, 0x30, 0x1, 0x0, 0x3, {}, [{0x2c8, 0x1, [@m_mirred={0xdc, 0x0, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x4, 0x0, 0xa0, 0x2}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xb, 0x2, 0x3, 0x1ff, 0xab9}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x4, 0x6, 0x7f, 0x2}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x8, 0xffffffffffffffff, 0x2, 0x5}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x101, 0x81, 0x20000007, 0x8, 0x2}}}]}, {0xd, 0x6, "4a2d990dd53c6218b3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_csum={0x1e8, 0x2, 0x0, 0x0, {{0x9}, {0x100, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x7, 0x2, 0x6, 0x2}, 0x1c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0x9, 0x7, 0x59c5, 0x8}, 0x62}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x9, 0xffffffffffffffff, 0x6, 0x10001}, 0x19}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1000, 0x7f, 0x10000000, 0xf77, 0x2d6}, 0x3}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x20000, 0x9, 0x5, 0x8, 0xfffffffa}, 0x59}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x80000001, 0x5, 0x10000000, 0x9, 0x40000000}, 0x5}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1ff, 0x9, 0x1, 0x4b, 0xd173}, 0x6b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7ff, 0x100, 0xffffffffffffffff, 0x9, 0x80000000}, 0x29}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffe, 0x2, 0x1, 0x8, 0x5}, 0x7f}}]}, {0xbf, 0x6, "8f006c3d2446ca17d185809e6f674d37c3318fa33ff2c3ef9b4cacae69c6a3f22e20dbcc652f519950dd37908318e00870029ebee66b9e2a9eef3fb73423fc6caa8b480a7f33a881cf79aaa7f3d7e3e43496e9a584325c55e7bc07c502945eef6f4e914c65e629f60da7e81fe413ff9eadc3a64878f2f551f66dfef2faababd6e15dd73314e266c6a95d7412f169ebe22d97b830096d8ae26a6f3313174274d616f53e33f79a0d88710d3b21760fd46e51fcaad07a148486026ac6"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket(0x2c, 0x4, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x6, &(0x7f0000000040)={0x2, 0x0, 0x80})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x641, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x30)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'gretap0\x00', 0x0})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)

1.804281477s ago: executing program 2 (id=2916):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000007a80)=@newtfilter={0xc48, 0x2c, 0x20, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0x3, 0xffff}, {0x1, 0x9}}, [@f_rsvp6={{0xa}, {0xc18, 0x2, [@TCA_RSVP_POLICE={0x80c, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x81, 0x5, 0x2, 0x6, 0x4, 0xd20b, 0x4, 0x3da7, 0x8, 0xd1, 0x9, 0x7, 0x0, 0xfffffffd, 0x2, 0x1ff, 0x7, 0x8, 0x3, 0x6, 0x4, 0x5, 0x0, 0x8, 0x1, 0x9000, 0x1, 0x0, 0x3, 0x800, 0x4, 0xad2, 0x4, 0x7f, 0x8, 0xfffffff4, 0x7, 0xffffff00, 0x3e3, 0x1, 0x9, 0x438, 0x8, 0x7, 0x401, 0x9, 0x3, 0xa0, 0x3, 0x2, 0x3, 0x9, 0x3, 0x6, 0x6, 0xa, 0x66cc, 0xa691, 0x8, 0x0, 0x97, 0x800, 0x2385, 0x5, 0x9, 0x3, 0x6, 0x94, 0x8, 0x9, 0x1, 0x8a, 0x10000, 0x4e, 0x5c4, 0x18b9fea0, 0x8886, 0x8, 0x628ada12, 0x7f, 0xfffffffd, 0x2, 0x4e1, 0xb, 0xb, 0x200, 0x8, 0x8, 0x4, 0x0, 0x6, 0x7ff, 0x7fffffff, 0x8, 0x7fff, 0x6, 0x8, 0x0, 0x3, 0xfff, 0x2, 0x5, 0xc913, 0xc0b5, 0xd, 0xcac4, 0x100, 0x10001, 0x0, 0x7, 0x7fffffff, 0x0, 0x62, 0x3, 0x3, 0x8, 0x9, 0x5, 0x7, 0x62, 0xf, 0xb7e0, 0x80000000, 0xf366, 0x6, 0xfffffffc, 0xa31, 0x10, 0x5e, 0x8, 0x8, 0x200, 0x10001, 0xffffff2d, 0x7, 0x5, 0xe3, 0x6, 0x6, 0xd, 0x2, 0x40, 0x1ff, 0x9, 0x5, 0x9, 0x2, 0x4, 0x3580, 0x343, 0x77, 0x6, 0xfff, 0xd67, 0x7, 0x7, 0x9, 0x1, 0x684c, 0x8, 0x4, 0x10001, 0x5, 0x8, 0x6, 0x8, 0x2, 0x9, 0x3, 0x4, 0x5, 0x0, 0x3, 0x0, 0x100, 0x4e2, 0x10001, 0xfef, 0xf, 0x3, 0x0, 0x0, 0x1, 0x0, 0xf56, 0x0, 0x3, 0x0, 0xfffffffd, 0x3, 0x1, 0x1, 0xa0, 0x3, 0x8a, 0x0, 0x8, 0xfff, 0x7ff, 0x8, 0x9, 0xc6, 0x3, 0x5ec, 0x81, 0xfffffff9, 0x9, 0x8, 0x2, 0x7fffffff, 0x0, 0xffff7ae3, 0xffffffc0, 0x82, 0x8, 0x0, 0x80000000, 0x8, 0x10, 0x314, 0x3, 0x1, 0xffff, 0x0, 0xd4cc, 0x7fe00000, 0xb, 0x3, 0x6, 0xfffffffb, 0x401, 0xf, 0x7, 0x3, 0x9, 0x9, 0x8f, 0x81, 0x9, 0x4bd3, 0x513, 0x6, 0x2, 0x3, 0x4, 0x4794, 0x80, 0xd, 0x6, 0xffffffff, 0x8f0, 0x80000000, 0x1, 0xffffff01, 0xfc8]}, @TCA_POLICE_RATE={0x404, 0x2, [0x7f, 0x7, 0x3ff, 0x9, 0x10000, 0x1, 0x7, 0x4, 0x6, 0x6a6aeb36, 0x2, 0x3, 0x4, 0xffff0000, 0x2, 0x2, 0xb3a, 0x7, 0x4, 0xa8d, 0x7, 0x8, 0x10000, 0x4, 0x5, 0x7fffffff, 0x5, 0x100, 0xfffffff4, 0xab, 0x4, 0x0, 0x4, 0x7fff, 0x1, 0x401, 0x100, 0x9, 0x7ff, 0xfffffffc, 0x1, 0x7, 0x3, 0x6, 0x1, 0x6, 0xd, 0xf50d, 0x6, 0xfffffff9, 0x9, 0x5, 0x3ff, 0x4, 0x4, 0xfffffff0, 0x0, 0x399, 0x2, 0x6, 0xd7, 0x2, 0x8000, 0x4, 0x5, 0x7, 0xa000, 0x4, 0x7ff, 0x5, 0x3, 0x7, 0x1, 0x7, 0x101, 0xff, 0x9, 0x3219b389, 0x9, 0x7, 0x8e55, 0x81, 0x1, 0x6ab, 0x9, 0xff, 0x200, 0x7, 0x8, 0x5, 0x892d, 0x4, 0x70, 0xfffffffc, 0x400, 0x211, 0xb, 0x3, 0x6, 0xf, 0x8001, 0x88, 0x1, 0x2, 0x80000000, 0x3, 0xb, 0xb4fc, 0xff, 0x7fffffff, 0x0, 0x2, 0x2c42, 0x80, 0x2, 0x6, 0x7, 0xb, 0xe2, 0x80000000, 0xfff, 0x3, 0x10000, 0x7, 0x101, 0x1, 0x7, 0x9, 0x2, 0x5, 0x7, 0x6, 0x40, 0x0, 0xf693, 0x6, 0x4, 0x3, 0x1, 0x6, 0x80000001, 0x4, 0x4, 0x6, 0x1, 0xbcc, 0x1, 0xffffff80, 0x81, 0x5, 0x1b81, 0x80, 0x400000, 0xe386, 0x4, 0x9, 0x0, 0x6, 0x1, 0xf65b, 0x9, 0x1, 0x80, 0xadf7, 0x31, 0x200, 0x0, 0x1, 0x3, 0x80, 0x1, 0x0, 0x1, 0x9, 0x6, 0x1, 0xff, 0x100, 0x0, 0x5, 0xa, 0x200, 0xddb, 0x2, 0x1, 0x5, 0x1, 0x0, 0x1, 0x40, 0x400, 0x8, 0xc, 0x5b1a, 0x7ff, 0x100, 0x1c3, 0xa000, 0x9, 0x844b, 0x2, 0x5f, 0x39, 0x9, 0xf0000000, 0x7ff, 0xfffffff7, 0xb, 0x8, 0x1, 0x100, 0x2, 0x9f9, 0x9, 0x9e, 0x100, 0x23200000, 0x0, 0x2, 0x6, 0x2, 0x39, 0x2, 0x100, 0x0, 0x3, 0x5, 0x80, 0x8001, 0xa, 0x4, 0xfffffffe, 0xdf, 0x8, 0x3, 0x0, 0x6, 0x1db5e82a, 0xc4d, 0x641, 0x9f, 0xffffffff, 0xd, 0x2, 0x38, 0x417c, 0x3, 0xc, 0x3, 0x60, 0x80000001, 0x9, 0x5, 0x5, 0x1, 0x101]}]}, @TCA_RSVP_POLICE={0x408, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x4, 0xf8a8, 0x9, 0x0, 0x4, 0x6, 0x891, 0x1, 0xffffffff, 0x80000001, 0x401, 0x7, 0x5, 0x0, 0x569aad61, 0x8, 0x8, 0x7, 0x400, 0x2, 0x4, 0x9, 0x9, 0x3, 0x4, 0x9, 0x80000000, 0x80000001, 0xcfe0, 0x9, 0x0, 0x4, 0x2, 0x7, 0x8, 0x7, 0x3, 0x0, 0x7, 0x9, 0x5, 0x9, 0x2, 0x8, 0x9, 0x101, 0x8001, 0x67, 0x8, 0xfffffffc, 0x0, 0x7, 0x9, 0x3, 0x1, 0x6, 0x7, 0x7c, 0x8000, 0x8, 0x0, 0x4, 0x4, 0x1, 0x6, 0x101, 0xfffff884, 0x9, 0x6, 0xe9, 0x4656, 0x9, 0x9, 0x80000000, 0x4, 0x8, 0x400, 0x5, 0x2, 0x4, 0x2b7c, 0x8, 0x4, 0x6, 0x7, 0x1, 0x2, 0x0, 0x2, 0xfffffff7, 0x1, 0x4, 0x5, 0x0, 0xe26, 0x5, 0xfffffffc, 0x7, 0x101, 0x4, 0x389, 0xd, 0x5, 0x10001, 0x1, 0xd1bf, 0xc, 0x9, 0x2, 0x10, 0x2, 0x0, 0xfffffff9, 0x6be0, 0x5, 0x7, 0x5, 0x6, 0x3000000, 0x9, 0x7, 0xfffffffd, 0x0, 0x200, 0xc, 0x3, 0x69, 0x400, 0x79e, 0x200, 0x8, 0x9c, 0x1, 0x3, 0x9, 0x8, 0x200, 0x3ff, 0x0, 0x7, 0x78529202, 0x8, 0x2, 0x5, 0x0, 0x6, 0x1ff, 0x214, 0x0, 0x1, 0x408a, 0x101, 0x7, 0x8, 0x7, 0x3c, 0x7, 0x6, 0x40, 0x9, 0x200, 0x0, 0x855, 0xbb3, 0xfffffff8, 0xa, 0x627b, 0xaa, 0x6, 0x3, 0xfd, 0x80000000, 0x7ff800, 0x0, 0x7ff, 0x4, 0x200, 0xd72, 0x4, 0x5, 0xffff, 0x80000001, 0x70c, 0x5, 0xb, 0x7, 0x3, 0x4, 0x2, 0x10001, 0x1000, 0xe, 0x3d, 0x7, 0x5, 0x0, 0x2, 0x1, 0xfffffffd, 0xf64, 0x7, 0x2, 0xa, 0x8, 0x8e6d, 0x7, 0x4, 0x3, 0xfffffffd, 0x2, 0x0, 0xffff, 0x2, 0x7, 0x4, 0x6, 0x5, 0x1, 0xeb, 0x6, 0x1, 0x10000, 0x7ff, 0x4, 0x0, 0xb70, 0x1715981f, 0x4, 0xc095, 0x6, 0x0, 0x5, 0x50000, 0x40, 0x1, 0x1, 0x10000, 0x1, 0xffffa12d, 0xfffffffb, 0x5, 0xfffffff9, 0x0, 0x4, 0x82, 0x3, 0x9, 0x10001, 0x0, 0xffff, 0x10000, 0xffffffff, 0x1, 0xaa2e]}]}]}}]}, 0xc48}}, 0x0)
recvmmsg(r1, &(0x7f0000007a00)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f0000001680)=""/4096, 0x1000}], 0x1}, 0xb}], 0x2, 0x60, 0x0)

1.668304288s ago: executing program 2 (id=2917):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000002c0)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, {0x20000010304, @broadcast}, 0xde, {0x2, 0x0, @multicast1=0xe000cc02}})

1.599121792s ago: executing program 0 (id=2920):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x12, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000010000000000000000000000711217"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2568, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x11, 0xa, 0x300)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.598653826s ago: executing program 4 (id=2922):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
getrlimit(0xd, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, &(0x7f0000000040)})
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)

1.598441281s ago: executing program 0 (id=2923):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semget$private(0x0, 0x7, 0x8)
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r3 = fsopen(&(0x7f0000000300)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r4}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

1.169170964s ago: executing program 1 (id=2925):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x58000000, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0xe0100, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r1, 0x40047454, &(0x7f0000000280)=0x200000)

1.103926s ago: executing program 1 (id=2926):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b200fedea1c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0xf47)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
getsockopt$inet_int(r0, 0x10d, 0xa, 0x0, &(0x7f0000000240))

1.103746462s ago: executing program 1 (id=2927):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
userfaultfd(0x80001)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_COPY(r1, 0x3b83, &(0x7f0000000140)={0x28, 0x2, r2, r2, 0xe9, 0x401, 0x9ed5})
ioctl$IOMMU_IOAS_COPY(r1, 0x3b83, &(0x7f0000000180)={0x28, 0x2, r2, r2, 0x100000000, 0x6, 0x7})
r3 = syz_open_dev$sg(&(0x7f0000000000), 0xf9ba, 0x501)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f00000002c0)={0x0, 0x401, 0xae})
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IMADDTIMER(r4, 0x80044940, &(0x7f0000000000))

677.201891ms ago: executing program 2 (id=2928):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
ioctl$SIOCRSSL2CALL(r3, 0x89e2, &(0x7f0000000000)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0})

547.772871ms ago: executing program 4 (id=2929):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x12, 0xd, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f00000002c0), &(0x7f00000001c0)=r0}, 0x20)

547.490257ms ago: executing program 4 (id=2930):
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x2, @local, 0x7}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e26, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

454.209128ms ago: executing program 0 (id=2931):
socket$kcm(0x2, 0x1, 0x84)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local})
r1 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x3}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x3, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000280)={{@local}, {@local}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000000000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0x7fffffff})

281.349914ms ago: executing program 0 (id=2932):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="7b0010c00a0002"], 0x28}}, 0x0)

281.096608ms ago: executing program 4 (id=2933):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

280.979582ms ago: executing program 0 (id=2934):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x78}}, 0x0)

195.893168ms ago: executing program 0 (id=2935):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$key(0xf, 0x3, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200)=@usbdevfs_driver={0x0, 0xfffffff8, 0x0})
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r1, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r2}, 0x3f)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000007c0)={r1, &(0x7f00000000c0), &(0x7f0000000780)=@udp6=r2}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

195.735227ms ago: executing program 4 (id=2936):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x2c}}, 0x0)

195.629807ms ago: executing program 4 (id=2937):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r3, 0x7ab, 0x0)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, 0x0)
r4 = socket$inet(0x2, 0x1, 0x100)
syz_open_dev$vim2m(&(0x7f0000000000), 0x20000000206, 0x2)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

120.164799ms ago: executing program 1 (id=2938):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "40bb18a335ef4dbf", "acb180ae165a1165aa63b101fcbf8c89", "36acc147", "07e7d297e4368e1e"}, 0x2)

119.836746ms ago: executing program 1 (id=2939):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x45833af92e4a39fd, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r1, 0x0, 0xea, 0x4c, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x0, 0x4d, 0x0, &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653", 0x1, 0x0, 0x13}, 0x50)
getsockopt$CAN_RAW_RECV_OWN_MSGS(0xffffffffffffffff, 0x65, 0x4, 0x0, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
socket$kcm(0xa, 0x2, 0x3a)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

0s ago: executing program 1 (id=2940):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

kernel console output (not intermixed with test programs):

3][T14223] CPU: 3 UID: 0 PID: 14223 Comm: syz.0.2321 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  486.415410][T14223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.415422][T14223] Call Trace:
[  486.415429][T14223]  <TASK>
[  486.415436][T14223]  dump_stack_lvl+0x16c/0x1f0
[  486.415466][T14223]  should_fail_ex+0x512/0x640
[  486.415490][T14223]  _copy_from_user+0x2e/0xd0
[  486.415512][T14223]  do_compat_fcntl64+0x3a4/0x700
[  486.415532][T14223]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  486.415552][T14223]  ? fput+0x70/0xf0
[  486.415578][T14223]  ? ksys_write+0x1b9/0x240
[  486.415605][T14223]  ? rcu_is_watching+0x12/0xc0
[  486.415630][T14223]  __do_fast_syscall_32+0x73/0x120
[  486.415658][T14223]  do_fast_syscall_32+0x32/0x80
[  486.415684][T14223]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.415705][T14223] RIP: 0023:0xf711e579
[  486.415718][T14223] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.415732][T14223] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000037
[  486.415750][T14223] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000005
[  486.415761][T14223] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  486.415771][T14223] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.415782][T14223] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.415792][T14223] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.415814][T14223]  </TASK>
[  486.420752][ T6009] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  486.914955][T14227] fuse: Bad value for 'fd'
[  486.983023][T14231] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  487.167100][T14234] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  491.732616][T14328] fuse: Unknown parameter 'user_i00000000000000000000'
[  494.011321][T14357] input: syz1 as /devices/virtual/input/input107
[  495.636362][ T5960] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  495.645436][ T5960] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  495.653066][ T5960] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  495.665894][ T5960] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  495.669312][ T5960] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  495.753532][T14379] lo speed is unknown, defaulting to 1000
[  495.872432][T14379] chnl_net:caif_netlink_parms(): no params data found
[  496.193729][T14379] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.196407][T14379] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.199113][T14379] bridge_slave_0: entered allmulticast mode
[  496.202580][T14379] bridge_slave_0: entered promiscuous mode
[  496.208897][T14379] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.211825][T14379] bridge0: port 2(bridge_slave_1) entered disabled state
[  496.214787][T14379] bridge_slave_1: entered allmulticast mode
[  496.219112][T14379] bridge_slave_1: entered promiscuous mode
[  496.269859][T14379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  496.277146][T14379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  496.337316][T14379] team0: Port device team_slave_0 added
[  496.341400][T14379] team0: Port device team_slave_1 added
[  496.440459][ T1137] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.455421][T14379] batman_adv: batadv0: Adding interface: batadv_slave_0
[  496.457878][T14379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  496.466370][T14379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  496.470848][T14379] batman_adv: batadv0: Adding interface: batadv_slave_1
[  496.473466][T14379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  496.482433][T14379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  496.525686][T14379] hsr_slave_0: entered promiscuous mode
[  496.528033][T14379] hsr_slave_1: entered promiscuous mode
[  496.530394][T14379] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  496.532883][T14379] Cannot create hsr debugfs directory
[  496.580945][ T1137] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.711889][ T1137] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.831366][ T1137] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  497.172131][T14404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2358'.
[  497.749739][ T1137] bond0 (unregistering): Released all slaves
[  497.849562][   T68] Bluetooth: hci4: command tx timeout
[  497.884837][ T1137] bond1 (unregistering): Released all slaves
[  498.031156][ T1137] bond2 (unregistering): (slave veth3): Releasing active interface
[  498.035436][ T1137] bond2 (unregistering): Released all slaves
[  498.112333][ T1137] tipc: Left network mode
[  498.299152][ T1137] hsr_slave_0: left promiscuous mode
[  498.302831][ T1137] hsr_slave_1: left promiscuous mode
[  498.342393][ T1137] veth1_macvtap: left allmulticast mode
[  498.346641][ T1137] veth1_macvtap: left promiscuous mode
[  498.348747][ T1137] veth0_macvtap: left promiscuous mode
[  498.352350][ T1137] veth1_vlan: left promiscuous mode
[  498.354788][ T1137] veth0_vlan: left promiscuous mode
[  499.633224][T14435] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  499.951020][ T5997] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  500.072605][   T68] Bluetooth: hci4: command tx timeout
[  500.159252][ T5997] usb 6-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  500.162219][ T5997] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.164813][ T5997] usb 6-1: Product: syz
[  500.166202][ T5997] usb 6-1: Manufacturer: syz
[  500.169541][ T5997] usb 6-1: SerialNumber: syz
[  500.172179][ T5997] usb 6-1: config 0 descriptor??
[  500.752954][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  500.843530][T14379] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  500.855361][T14379] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  500.868985][T14379] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  500.879664][T14379] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  501.020852][T14379] 8021q: adding VLAN 0 to HW filter on device bond0
[  501.033926][T14379] 8021q: adding VLAN 0 to HW filter on device team0
[  501.040520][ T1234] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.043479][ T1234] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.055800][ T1234] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.058759][ T1234] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.083461][T14379] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  501.219545][T14379] 8021q: adding VLAN 0 to HW filter on device batadv0
[  501.267957][T14379] veth0_vlan: entered promiscuous mode
[  501.278076][T14379] veth1_vlan: entered promiscuous mode
[  501.305137][T14379] veth0_macvtap: entered promiscuous mode
[  501.314179][T14379] veth1_macvtap: entered promiscuous mode
[  501.329633][T14379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  501.336436][T14379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  501.341161][T14379] batman_adv: batadv0: Interface activated: batadv_slave_0
[  501.347815][T14379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  501.351223][T14379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  501.356498][T14379] batman_adv: batadv0: Interface activated: batadv_slave_1
[  501.363204][T14379] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  501.366147][T14379] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  501.369077][T14379] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.372336][T14379] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.449623][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.452724][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.497418][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.500117][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.643352][T14470] bond0: (slave wlan1): Releasing backup interface
[  501.865252][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  502.143981][T14481] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2370'.
[  502.292830][   T68] Bluetooth: hci4: command tx timeout
[  502.322295][T14485] fuse: Unknown parameter 'user_i00000000000000000000'
[  502.621680][T14492] fuse: Unknown parameter 'user_i00000000000000000000'
[  502.845050][T14498] batman_adv: batadv0: Adding interface: ip6gretap1
[  502.847214][T14498] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.855569][T14498] batman_adv: batadv0: Interface activated: ip6gretap1
[  502.860703][ T5997] mos7840 6-1:0.0: required endpoints missing
[  502.921037][ T5997] usb 6-1: USB disconnect, device number 21
[  503.358891][T13188] syz_tun (unregistering): left allmulticast mode
[  503.363348][T13188] syz_tun (unregistering): left promiscuous mode
[  503.366742][T13188] bridge0: port 2(syz_tun) entered disabled state
[  503.407410][ T5960] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  503.425850][ T5960] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  503.432379][ T5960] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  503.441029][ T5960] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  503.448346][ T5960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  503.487580][T14510] FAULT_INJECTION: forcing a failure.
[  503.487580][T14510] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  503.491104][T14505] lo speed is unknown, defaulting to 1000
[  503.528510][T14510] CPU: 3 UID: 0 PID: 14510 Comm: syz.2.2381 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  503.528546][T14510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  503.528554][T14510] Call Trace:
[  503.528560][T14510]  <TASK>
[  503.528565][T14510]  dump_stack_lvl+0x16c/0x1f0
[  503.528589][T14510]  should_fail_ex+0x512/0x640
[  503.528614][T14510]  should_fail_alloc_page+0xe7/0x130
[  503.528633][T14510]  prepare_alloc_pages+0x3c2/0x610
[  503.528657][T14510]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  503.528687][T14510]  ? bio_kmalloc+0x41/0x70
[  503.528710][T14510]  ? kasan_save_stack+0x33/0x60
[  503.528736][T14510]  ? kasan_save_track+0x14/0x30
[  503.528757][T14510]  ? __kasan_kmalloc+0xaa/0xb0
[  503.528779][T14510]  ? __kmalloc_noprof+0x223/0x510
[  503.528804][T14510]  ? bio_kmalloc+0x41/0x70
[  503.528821][T14510]  ? blk_rq_map_kern+0x39a/0x710
[  503.528873][T14510]  ? scsi_execute_cmd+0xc14/0xf40
[  503.528892][T14510]  ? sr_do_ioctl+0x219/0x840
[  503.528916][T14510]  ? sr_read_tocentry.isra.0+0x180/0x540
[  503.528940][T14510]  ? sr_audio_ioctl+0x282/0x2f0
[  503.528966][T14510]  ? cdrom_read_tocentry+0xb6/0x130
[  503.528986][T14510]  ? cdrom_ioctl+0x2ac6/0x3190
[  503.529011][T14510]  ? sr_block_ioctl+0x1b0/0x250
[  503.529033][T14510]  ? blkdev_compat_ptr_ioctl+0x9c/0xe0
[  503.529060][T14510]  ? compat_blkdev_ioctl+0x2eb/0x7a0
[  503.529103][T14510]  ? __do_compat_sys_ioctl+0x1cb/0x2c0
[  503.529127][T14510]  ? __do_fast_syscall_32+0x73/0x120
[  503.529156][T14510]  ? do_fast_syscall_32+0x32/0x80
[  503.529200][T14510]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  503.529247][T14510]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  503.529271][T14510]  ? policy_nodemask+0xea/0x4e0
[  503.529304][T14510]  alloc_pages_mpol+0x1fb/0x550
[  503.529324][T14510]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  503.529342][T14510]  ? trace_kmalloc+0x2b/0xd0
[  503.529363][T14510]  ? __kmalloc_noprof+0x242/0x510
[  503.529389][T14510]  ? __pfx___debug_object_init+0x10/0x10
[  503.529416][T14510]  ? __pfx_blk_mq_alloc_request+0x1/0x10
[  503.529445][T14510]  alloc_pages_noprof+0x131/0x390
[  503.529461][T14510]  blk_rq_map_kern+0x3f5/0x710
[  503.529493][T14510]  scsi_execute_cmd+0xc14/0xf40
[  503.529509][T14510]  ? scsi_block_when_processing_errors+0x2d0/0x440
[  503.529532][T14510]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  503.529556][T14510]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  503.529583][T14510]  sr_do_ioctl+0x219/0x840
[  503.529617][T14510]  ? __pfx_sr_do_ioctl+0x10/0x10
[  503.529661][T14510]  sr_read_tocentry.isra.0+0x180/0x540
[  503.529688][T14510]  ? __pfx_sr_read_tocentry.isra.0+0x10/0x10
[  503.529727][T14510]  sr_audio_ioctl+0x282/0x2f0
[  503.529755][T14510]  ? __pfx_sr_audio_ioctl+0x10/0x10
[  503.529786][T14510]  ? find_held_lock+0x2b/0x80
[  503.529809][T14510]  ? __might_fault+0xe3/0x190
[  503.529837][T14510]  ? __might_fault+0xe3/0x190
[  503.529862][T14510]  ? __might_fault+0x13b/0x190
[  503.529896][T14510]  cdrom_read_tocentry+0xb6/0x130
[  503.529923][T14510]  cdrom_ioctl+0x2ac6/0x3190
[  503.529952][T14510]  ? __pfx_cdrom_ioctl+0x10/0x10
[  503.529980][T14510]  ? rpm_resume+0x80c/0x1310
[  503.530007][T14510]  ? rcu_is_watching+0x12/0xc0
[  503.530031][T14510]  ? rpm_resume+0x80c/0x1310
[  503.530056][T14510]  ? trace_rpm_return_int+0x196/0x220
[  503.530083][T14510]  ? rpm_resume+0x811/0x1310
[  503.530115][T14510]  ? __pfx_rpm_resume+0x10/0x10
[  503.530140][T14510]  ? do_raw_spin_lock+0x12c/0x2b0
[  503.530163][T14510]  ? find_held_lock+0x2b/0x80
[  503.530192][T14510]  ? lockdep_hardirqs_on+0x7c/0x110
[  503.530219][T14510]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  503.530246][T14510]  ? __pm_runtime_resume+0xc3/0x170
[  503.530279][T14510]  sr_block_ioctl+0x1b0/0x250
[  503.530310][T14510]  ? __pfx_sr_block_ioctl+0x10/0x10
[  503.530335][T14510]  blkdev_compat_ptr_ioctl+0x9c/0xe0
[  503.530365][T14510]  ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10
[  503.530394][T14510]  compat_blkdev_ioctl+0x2eb/0x7a0
[  503.530425][T14510]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  503.530462][T14510]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  503.530496][T14510]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  503.530522][T14510]  __do_fast_syscall_32+0x73/0x120
[  503.530551][T14510]  do_fast_syscall_32+0x32/0x80
[  503.530578][T14510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  503.530601][T14510] RIP: 0023:0xf710e579
[  503.530617][T14510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  503.530636][T14510] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  503.530656][T14510] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005306
[  503.530669][T14510] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  503.530681][T14510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  503.530692][T14510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  503.530704][T14510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  503.530730][T14510]  </TASK>
[  503.847072][T14505] chnl_net:caif_netlink_parms(): no params data found
[  504.007206][T14505] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.010508][T14505] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.013643][T14505] bridge_slave_0: entered allmulticast mode
[  504.018127][T14505] bridge_slave_0: entered promiscuous mode
[  504.023496][T14505] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.027193][T14505] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.030258][T14505] bridge_slave_1: entered allmulticast mode
[  504.034051][T14505] bridge_slave_1: entered promiscuous mode
[  504.076977][T14523] netlink: 'syz.3.2384': attribute type 4 has an invalid length.
[  504.080265][T14523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2384'.
[  504.084718][T14505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  504.093953][T14505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  504.174719][T14505] team0: Port device team_slave_0 added
[  504.181989][T14505] team0: Port device team_slave_1 added
[  504.189516][T14524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2383'.
[  504.235252][T14505] batman_adv: batadv0: Adding interface: batadv_slave_0
[  504.238436][T14505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  504.249392][T14505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  504.256960][T14505] batman_adv: batadv0: Adding interface: batadv_slave_1
[  504.263926][T14505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  504.276931][T14505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  504.354255][T14505] hsr_slave_0: entered promiscuous mode
[  504.356772][T14505] hsr_slave_1: entered promiscuous mode
[  504.527932][   T68] Bluetooth: hci4: command tx timeout
[  504.699197][T14505] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode
[  504.702374][T14505] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[  504.708021][T14505] bridge0: port 1(netdevsim0) entered disabled state
[  504.928619][T14505] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  504.935889][T14505] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  504.946382][T14505] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  504.950909][T14505] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  504.966385][T14505] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.968746][T14505] bridge0: port 2(bridge_slave_1) entered forwarding state
[  504.971076][T14505] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.973399][T14505] bridge0: port 1(bridge_slave_0) entered forwarding state
[  505.008408][T14505] 8021q: adding VLAN 0 to HW filter on device bond0
[  505.021925][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  505.026048][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  505.085440][T14535] input: syz1 as /devices/virtual/input/input108
[  505.121885][T14505] 8021q: adding VLAN 0 to HW filter on device team0
[  505.128557][ T1234] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.131745][ T1234] bridge0: port 1(bridge_slave_0) entered forwarding state
[  505.142046][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.145130][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  505.307577][T14505] 8021q: adding VLAN 0 to HW filter on device batadv0
[  505.338369][T14505] veth0_vlan: entered promiscuous mode
[  505.344723][T14505] veth1_vlan: entered promiscuous mode
[  505.369426][T14505] veth0_macvtap: entered promiscuous mode
[  505.375690][T14505] veth1_macvtap: entered promiscuous mode
[  505.399557][T14505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  505.402844][T14505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.407404][T14505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  505.410602][T14505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.414857][T14505] batman_adv: batadv0: Interface activated: batadv_slave_0
[  505.421896][T14505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  505.425545][T14505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.429554][T14505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  505.432821][T14505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.437387][T14505] batman_adv: batadv0: Interface activated: batadv_slave_1
[  505.442082][T14505] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  505.445382][T14505] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  505.448238][T14505] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  505.451010][T14505] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.489863][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.492988][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.514674][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.517393][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.615429][T14546] pimreg: entered allmulticast mode
[  505.629379][   T68] Bluetooth: hci3: command tx timeout
[  505.959397][T14554] input: syz1 as /devices/virtual/input/input109
[  506.263760][T14556] fuse: Unknown parameter 'user_i00000000000000000000'
[  507.012718][ T5960] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  507.018604][ T5960] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  507.031336][ T5960] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  507.035674][ T5960] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  507.041407][ T5960] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  507.140593][T14571] lo speed is unknown, defaulting to 1000
[  507.277700][T14571] chnl_net:caif_netlink_parms(): no params data found
[  507.357120][T14584] fuse: Unknown parameter 'user_i00000000000000000000'
[  507.383851][T14571] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.386229][T14571] bridge0: port 1(bridge_slave_0) entered disabled state
[  507.388405][T14571] bridge_slave_0: entered allmulticast mode
[  507.391969][T14571] bridge_slave_0: entered promiscuous mode
[  507.396486][T14571] bridge0: port 2(bridge_slave_1) entered blocking state
[  507.399362][T14571] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.401779][T14571] bridge_slave_1: entered allmulticast mode
[  507.404569][T14571] bridge_slave_1: entered promiscuous mode
[  507.449884][T14571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  507.455867][T14571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  507.493531][T14571] team0: Port device team_slave_0 added
[  507.496972][T14571] team0: Port device team_slave_1 added
[  507.531999][T14571] batman_adv: batadv0: Adding interface: batadv_slave_0
[  507.538281][T14571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.546010][T14571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.550030][T14571] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.552031][T14571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.563322][T14571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.649003][T14571] hsr_slave_0: entered promiscuous mode
[  507.651918][T14571] hsr_slave_1: entered promiscuous mode
[  507.654442][T14571] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  507.658312][T14571] Cannot create hsr debugfs directory
[  507.858201][   T68] Bluetooth: hci3: command tx timeout
[  507.880509][T14571] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.015652][T14571] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.040897][T14596] fuse: Unknown parameter 'user_i00000000000000000000'
[  508.346690][T14571] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.406285][T14571] bridge0: port 3(netdevsim0) entered disabled state
[  508.440590][T14571] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[  508.443690][T14571] netdevsim netdevsim0 netdevsim0 (unregistering): left promiscuous mode
[  508.448475][T14571] bridge0: port 3(netdevsim0) entered disabled state
[  508.476527][T14571] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.650179][T14571] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  508.654389][T14571] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  508.661216][T14571] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  508.665502][T14571] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  508.724688][T14571] 8021q: adding VLAN 0 to HW filter on device bond0
[  508.739160][T14571] 8021q: adding VLAN 0 to HW filter on device team0
[  508.747370][ T1175] bridge0: port 1(bridge_slave_0) entered blocking state
[  508.749860][ T1175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  508.775760][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[  508.778115][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  508.793580][T14571] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  508.797388][T14571] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  508.890669][T14571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  508.921546][T14571] veth0_vlan: entered promiscuous mode
[  508.933923][T14571] veth1_vlan: entered promiscuous mode
[  508.965524][T14571] veth0_macvtap: entered promiscuous mode
[  508.973040][T14571] veth1_macvtap: entered promiscuous mode
[  508.998210][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.001778][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.005072][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.009483][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.012605][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.016379][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.020585][T14571] batman_adv: batadv0: Interface activated: batadv_slave_0
[  509.026605][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.030872][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.034411][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.037931][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.041992][T14571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.045654][T14571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.049617][T14571] batman_adv: batadv0: Interface activated: batadv_slave_1
[  509.053859][T14609] fuse: Unknown parameter 'user_i00000000000000000000'
[  509.057631][T14571] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  509.060526][T14571] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  509.064699][T14571] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  509.067606][T14571] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  509.134733][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  509.145352][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  509.167820][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  509.178140][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  509.222791][   T68] Bluetooth: hci5: command tx timeout
[  509.462959][T14617] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2405'.
[  509.951825][T14634] input: syz1 as /devices/virtual/input/input110
[  510.078289][   T68] Bluetooth: hci3: command tx timeout
[  510.444519][T14640] fuse: Unknown parameter 'user_i00000000000000000000'
[  510.913081][T14654] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  510.915850][T14654] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  511.457982][   T68] Bluetooth: hci5: command tx timeout
[  512.013103][T14684] FAULT_INJECTION: forcing a failure.
[  512.013103][T14684] name failslab, interval 1, probability 0, space 0, times 0
[  512.019382][T14684] CPU: 2 UID: 0 PID: 14684 Comm: syz.1.2429 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  512.019400][T14684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  512.019408][T14684] Call Trace:
[  512.019412][T14684]  <TASK>
[  512.019417][T14684]  dump_stack_lvl+0x16c/0x1f0
[  512.019438][T14684]  should_fail_ex+0x512/0x640
[  512.019453][T14684]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  512.019472][T14684]  should_failslab+0xc2/0x120
[  512.019484][T14684]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  512.019501][T14684]  ? __pfx___page_table_check_zero+0x10/0x10
[  512.019533][T14684]  ? __alloc_skb+0x2b2/0x380
[  512.019551][T14684]  __alloc_skb+0x2b2/0x380
[  512.019565][T14684]  ? __pfx___alloc_skb+0x10/0x10
[  512.019580][T14684]  ? get_page_from_freelist+0x1193/0x39b0
[  512.019600][T14684]  alloc_skb_with_frags+0xe0/0x860
[  512.019621][T14684]  tls_decrypt_sg+0x5a5/0x2eb0
[  512.019637][T14684]  ? should_fail_alloc_page+0xee/0x130
[  512.019656][T14684]  ? __pfx_tls_strp_load_anchor_with_queue+0x10/0x10
[  512.019671][T14684]  ? __pfx_tls_decrypt_sg+0x10/0x10
[  512.019690][T14684]  ? tls_strp_msg_load+0x110/0x6d0
[  512.019704][T14684]  ? tls_rx_rec_wait+0x234/0xac0
[  512.019721][T14684]  tls_rx_one_record+0x12c/0x13d0
[  512.019739][T14684]  ? __pfx_tls_rx_one_record+0x10/0x10
[  512.019757][T14684]  ? __local_bh_enable_ip+0xa4/0x120
[  512.019775][T14684]  tls_sw_recvmsg+0x9d6/0x1d40
[  512.019800][T14684]  ? __pfx_tls_sw_recvmsg+0x10/0x10
[  512.019819][T14684]  ? aa_sk_perm+0x2f4/0xb10
[  512.019835][T14684]  ? __pfx_tls_sw_recvmsg+0x10/0x10
[  512.019850][T14684]  inet6_recvmsg+0x467/0x6a0
[  512.019864][T14684]  ? __fget_files+0x204/0x3c0
[  512.019881][T14684]  ? __pfx_inet6_recvmsg+0x10/0x10
[  512.019896][T14684]  ? __pfx_inet6_recvmsg+0x10/0x10
[  512.019911][T14684]  sock_recvmsg+0xfe/0x250
[  512.019929][T14684]  __sys_recvfrom+0x203/0x310
[  512.019943][T14684]  ? __pfx___sys_recvfrom+0x10/0x10
[  512.019968][T14684]  ? ksys_write+0x1b9/0x240
[  512.019983][T14684]  ? __pfx_ksys_write+0x10/0x10
[  512.019999][T14684]  __ia32_compat_sys_recvfrom+0xe4/0x1c0
[  512.020014][T14684]  ? lockdep_hardirqs_on+0x7c/0x110
[  512.020029][T14684]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  512.020046][T14684]  __do_fast_syscall_32+0x73/0x120
[  512.020063][T14684]  do_fast_syscall_32+0x32/0x80
[  512.020079][T14684]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  512.020093][T14684] RIP: 0023:0xf703e579
[  512.020102][T14684] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  512.020113][T14684] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000173
[  512.020123][T14684] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  512.020130][T14684] RDX: 0000000000000013 RSI: 0000000040000041 RDI: 0000000000000000
[  512.020136][T14684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  512.020142][T14684] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  512.020148][T14684] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  512.020162][T14684]  </TASK>
[  512.136828][T14685] netlink: 'syz.3.2428': attribute type 1 has an invalid length.
[  512.157201][T14685] bond1 (unregistering): Released all slaves
[  512.166203][T14689] ������aaaaaaaaa: renamed from lo (while UP)
[  512.201007][T14686] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2428'.
[  512.216408][T14686] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2428'.
[  512.302758][   T68] Bluetooth: hci3: command tx timeout
[  513.538117][   T40] audit: type=1326 audit(134218740.035:14217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14707 comm="syz.2.2437" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf710e579 code=0x0
[  513.671293][ T5960] Bluetooth: hci5: command tx timeout
[  514.461058][T14724] FAULT_INJECTION: forcing a failure.
[  514.461058][T14724] name failslab, interval 1, probability 0, space 0, times 0
[  514.467429][T14724] CPU: 3 UID: 0 PID: 14724 Comm: syz.2.2443 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  514.467457][T14724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  514.467467][T14724] Call Trace:
[  514.467475][T14724]  <TASK>
[  514.467482][T14724]  dump_stack_lvl+0x16c/0x1f0
[  514.467510][T14724]  should_fail_ex+0x512/0x640
[  514.467529][T14724]  ? __kmalloc_noprof+0xbf/0x510
[  514.467554][T14724]  ? sk_prot_alloc+0x1a8/0x2a0
[  514.467576][T14724]  should_failslab+0xc2/0x120
[  514.467592][T14724]  __kmalloc_noprof+0xd2/0x510
[  514.467614][T14724]  ? do_raw_spin_lock+0x12c/0x2b0
[  514.467632][T14724]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  514.467652][T14724]  sk_prot_alloc+0x1a8/0x2a0
[  514.467678][T14724]  sk_alloc+0x36/0xc20
[  514.467698][T14724]  af_alg_accept+0xd1/0x610
[  514.467723][T14724]  do_accept+0x33b/0x530
[  514.467743][T14724]  ? __pfx_do_accept+0x10/0x10
[  514.467775][T14724]  __sys_accept4+0x100/0x1b0
[  514.467792][T14724]  ? __pfx___sys_accept4+0x10/0x10
[  514.467806][T14724]  ? arch_syscall_is_vdso_sigreturn+0x1bd/0x230
[  514.467825][T14724]  ? syscall_user_dispatch+0x78/0x140
[  514.467847][T14724]  __ia32_sys_accept4+0x94/0x100
[  514.467866][T14724]  __do_fast_syscall_32+0x73/0x120
[  514.467890][T14724]  do_fast_syscall_32+0x32/0x80
[  514.467913][T14724]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.467933][T14724] RIP: 0023:0xf710e579
[  514.467946][T14724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  514.467962][T14724] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[  514.467977][T14724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  514.467987][T14724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  514.467996][T14724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  514.468005][T14724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  514.468014][T14724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  514.468035][T14724]  </TASK>
[  514.559607][T14726] netlink: 'syz.3.2442': attribute type 5 has an invalid length.
[  515.646384][T14768] fuse: Unknown parameter 'user_i00000000000000000000'
[  515.712948][T14770] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  515.801441][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2453'.
[  515.804517][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2453'.
[  515.808112][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2453'.
[  515.811509][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2453'.
[  515.814618][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2453'.
[  515.895598][ T5960] Bluetooth: hci5: command 0x0419 tx timeout
[  515.975067][T14766] overlayfs: upper fs does not support tmpfile.
[  516.346830][T14788] ref_ctr_offset mismatch. inode: 0x84 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8
[  516.387596][   T64] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[  516.407025][T14791] dccp_invalid_packet: P.Data Offset(10) too large
[  516.411217][T14791] netlink: 'syz.1.2457': attribute type 1 has an invalid length.
[  516.413674][T14791] netlink: 240 bytes leftover after parsing attributes in process `syz.1.2457'.
[  516.547956][   T64] usb 8-1: Using ep0 maxpacket: 16
[  516.559380][   T64] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.562881][   T64] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.566296][   T64] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  516.580086][   T64] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  516.582984][   T64] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.589393][   T64] usb 8-1: config 0 descriptor??
[  516.669654][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  516.823020][T14802] fuse: Unknown parameter 'user_i00000000000000000000'
[  516.895245][T14805] fuse: Unknown parameter 'user_i00000000000000000000'
[  517.027861][   T64] input: HID 0955:7214 Haptics as /devices/virtual/input/input112
[  517.053416][   T64] shield 0003:0955:7214.000E: Registered Thunderstrike controller
[  517.072222][   T64] shield 0003:0955:7214.000E: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  517.223918][T14810] FAULT_INJECTION: forcing a failure.
[  517.223918][T14810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.228111][T14810] CPU: 3 UID: 0 PID: 14810 Comm: syz.2.2465 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  517.228129][T14810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.228137][T14810] Call Trace:
[  517.228142][T14810]  <TASK>
[  517.228147][T14810]  dump_stack_lvl+0x16c/0x1f0
[  517.228170][T14810]  should_fail_ex+0x512/0x640
[  517.228185][T14810]  _copy_from_user+0x2e/0xd0
[  517.228200][T14810]  get_compat_msghdr+0xa7/0x170
[  517.228216][T14810]  ? __pfx_get_compat_msghdr+0x10/0x10
[  517.228231][T14810]  ? __lock_acquire+0x5ca/0x1ba0
[  517.228251][T14810]  ___sys_recvmsg+0x191/0x1a0
[  517.228266][T14810]  ? __pfx____sys_recvmsg+0x10/0x10
[  517.228288][T14810]  ? __pfx___might_resched+0x10/0x10
[  517.228307][T14810]  do_recvmmsg+0x568/0x740
[  517.228323][T14810]  ? __pfx_do_recvmmsg+0x10/0x10
[  517.228346][T14810]  ? __fget_files+0x20e/0x3c0
[  517.228364][T14810]  __sys_recvmmsg+0x21c/0x280
[  517.228379][T14810]  ? __pfx___sys_recvmmsg+0x10/0x10
[  517.228394][T14810]  ? __pfx_ksys_write+0x10/0x10
[  517.228412][T14810]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  517.228427][T14810]  ? lockdep_hardirqs_on+0x7c/0x110
[  517.228442][T14810]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  517.228458][T14810]  __do_fast_syscall_32+0x73/0x120
[  517.228476][T14810]  do_fast_syscall_32+0x32/0x80
[  517.228492][T14810]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.228505][T14810] RIP: 0023:0xf710e579
[  517.228514][T14810] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  517.228525][T14810] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  517.228536][T14810] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080003700
[  517.228543][T14810] RDX: 0000000000000600 RSI: 0000000000000000 RDI: 0000000000000000
[  517.228549][T14810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.228555][T14810] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  517.228561][T14810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.228574][T14810]  </TASK>
[  517.307848][    T9] usb 8-1: USB disconnect, device number 40
[  517.333217][T14814] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2466'.
[  517.382103][   T64] shield 0003:0955:7214.000E: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  517.385480][   T64] shield 0003:0955:7214.000E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  517.393203][   T64] shield 0003:0955:7214.000E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  517.396865][   T64] shield 0003:0955:7214.000E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  517.538520][T14825] FAULT_INJECTION: forcing a failure.
[  517.538520][T14825] name failslab, interval 1, probability 0, space 0, times 0
[  517.544218][T14825] CPU: 1 UID: 0 PID: 14825 Comm: syz.0.2471 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  517.544237][T14825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.544245][T14825] Call Trace:
[  517.544251][T14825]  <TASK>
[  517.544257][T14825]  dump_stack_lvl+0x116/0x1f0
[  517.544279][T14825]  should_fail_ex+0x512/0x640
[  517.544295][T14825]  should_failslab+0xc2/0x120
[  517.544307][T14825]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  517.544325][T14825]  ? __send_signal_locked+0x159/0x12c0
[  517.544341][T14825]  __send_signal_locked+0x159/0x12c0
[  517.544356][T14825]  do_send_specific+0x1e8/0x370
[  517.544374][T14825]  ? __pfx_do_send_specific+0x10/0x10
[  517.544397][T14825]  ? __task_pid_nr_ns+0x186/0x500
[  517.544411][T14825]  __ia32_sys_tkill+0xf2/0x160
[  517.544428][T14825]  ? __pfx___ia32_sys_tkill+0x10/0x10
[  517.544446][T14825]  ? ksys_write+0x1b9/0x240
[  517.544464][T14825]  ? rcu_is_watching+0x12/0xc0
[  517.544479][T14825]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  517.544497][T14825]  __do_fast_syscall_32+0x73/0x120
[  517.544516][T14825]  do_fast_syscall_32+0x32/0x80
[  517.544532][T14825]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.544547][T14825] RIP: 0023:0xf7f48579
[  517.544557][T14825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  517.544568][T14825] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 00000000000000ee
[  517.544579][T14825] RAX: ffffffffffffffda RBX: 000000000000002c RCX: 0000000000000012
[  517.544586][T14825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  517.544592][T14825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.544598][T14825] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  517.544605][T14825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.544618][T14825]  </TASK>
[  517.606557][    C1] vkms_vblank_simulate: vblank timer overrun
[  517.647738][   T64] IPVS: starting estimator thread 0...
[  517.745723][T14832] IPVS: using max 45 ests per chain, 108000 per kthread
[  517.897820][    T9] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  518.069540][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  518.072932][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  518.076963][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  518.081022][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  518.085702][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  518.088775][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  518.091332][    T9] usb 6-1: Product: syz
[  518.092867][    T9] usb 6-1: Manufacturer: syz
[  518.102072][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  518.104025][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  518.106660][    T9] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  518.120142][   T68] Bluetooth: hci5: command 0x0419 tx timeout
[  518.391002][T14843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2477'.
[  518.395512][T14843] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2477'.
[  518.564933][T14847] 9p: Unknown uid 00000000004294967295
[  518.709075][T14852] netlink: 'syz.1.2473': attribute type 1 has an invalid length.
[  518.719240][T14852] netlink: 208 bytes leftover after parsing attributes in process `syz.1.2473'.
[  520.886913][ T5960] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  520.903267][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  520.907471][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  520.910556][ T5960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  520.913489][ T5960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  520.949597][    T9] usb 6-1: USB disconnect, device number 22
[  520.958383][T14879] lo speed is unknown, defaulting to 1000
[  521.128485][T14879] chnl_net:caif_netlink_parms(): no params data found
[  521.262230][T14879] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.264726][T14879] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.267253][T14879] bridge_slave_0: entered allmulticast mode
[  521.270811][T14879] bridge_slave_0: entered promiscuous mode
[  521.274936][T14879] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.277587][T14879] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.280035][T14879] bridge_slave_1: entered allmulticast mode
[  521.282847][T14879] bridge_slave_1: entered promiscuous mode
[  521.333211][T14879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  521.338708][T14879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  521.391031][T14879] team0: Port device team_slave_0 added
[  521.400431][T14879] team0: Port device team_slave_1 added
[  521.443278][T14879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  521.445656][T14879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.459717][T14879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  521.464617][T14879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  521.466918][T14879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.479808][T14879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  521.534398][T14903] fuse: Unknown parameter 'user_i00000000000000000000'
[  521.547364][T14879] hsr_slave_0: entered promiscuous mode
[  521.551731][T14879] hsr_slave_1: entered promiscuous mode
[  521.558520][T14879] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  521.560960][T14879] Cannot create hsr debugfs directory
[  521.724959][T14879] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.798311][T14879] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.893144][T14879] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.018882][T14879] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.188918][T14879] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  522.215058][T14879] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  522.262739][T14879] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  522.270171][T14879] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  522.403806][T14879] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.461501][T14879] 8021q: adding VLAN 0 to HW filter on device team0
[  522.497603][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  522.500778][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  522.512827][T14536] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.515256][T14536] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.632148][T14916] fuse: Unknown parameter 'user_i00000000000000000000'
[  522.705860][T14879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  522.771647][T14879] veth0_vlan: entered promiscuous mode
[  522.789702][T14879] veth1_vlan: entered promiscuous mode
[  522.836837][T14879] veth0_macvtap: entered promiscuous mode
[  522.855563][T14879] veth1_macvtap: entered promiscuous mode
[  522.884496][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.888543][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.898505][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.904613][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.909779][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.914698][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.918630][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.923002][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.928473][T14879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  522.943446][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.947882][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.951336][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.957856][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.963836][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.969623][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.973836][T14879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.980658][T14879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.987507][T14879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.998472][T14879] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  523.001632][T14879] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  523.008227][T14879] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  523.016151][T14879] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  523.082643][   T68] Bluetooth: hci0: command tx timeout
[  523.123412][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.130883][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.185178][ T6581] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.188383][ T6581] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.285437][   T34] usb 8-1: new low-speed USB device number 41 using dummy_hcd
[  523.458686][   T34] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  523.461816][   T34] usb 8-1: config 0 has no interface number 0
[  523.464457][   T34] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  523.469385][   T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  523.473919][   T34] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  523.478106][   T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  523.482094][   T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  523.486626][   T34] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  523.498018][   T34] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  523.503787][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.519835][   T34] usb 8-1: config 0 descriptor??
[  523.527010][T14927] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  523.531446][T14927] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  523.542657][   T34] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  523.565731][T14935] fuse: Unknown parameter 'user_i00000000000000000000'
[  524.392966][T12247] usb 8-1: USB disconnect, device number 41
[  524.404148][T12247] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  524.460277][T14956] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  524.918482][T12247] IPVS: starting estimator thread 0...
[  525.007195][T14962] IPVS: using max 45 ests per chain, 108000 per kthread
[  525.318466][   T68] Bluetooth: hci0: command tx timeout
[  525.666827][T14977] rtc_cmos 00:05: Alarms can be up to one day in the future
[  525.691175][T14976] rtc_cmos 00:05: Alarms can be up to one day in the future
[  526.463006][   T24] rtc_cmos 00:05: Alarms can be up to one day in the future
[  526.580871][   T24] rtc_cmos 00:05: Alarms can be up to one day in the future
[  526.613272][   T24] rtc_cmos 00:05: Alarms can be up to one day in the future
[  526.616367][   T24] rtc_cmos 00:05: Alarms can be up to one day in the future
[  526.632434][   T24] rtc rtc0: __rtc_set_alarm: err=-22
[  527.531013][   T68] Bluetooth: hci0: command tx timeout
[  527.817778][ T6015] IPVS: starting estimator thread 0...
[  527.930946][T15020] IPVS: using max 47 ests per chain, 112800 per kthread
[  529.755114][   T68] Bluetooth: hci0: command tx timeout
[  529.855647][T15046] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  530.280677][T15048] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  530.301717][T15048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2533'.
[  531.539101][T15077] FAULT_INJECTION: forcing a failure.
[  531.539101][T15077] name failslab, interval 1, probability 0, space 0, times 0
[  531.543602][T15077] CPU: 3 UID: 0 PID: 15077 Comm: syz.1.2542 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  531.543622][T15077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  531.543629][T15077] Call Trace:
[  531.543645][T15077]  <TASK>
[  531.543652][T15077]  dump_stack_lvl+0x16c/0x1f0
[  531.543673][T15077]  should_fail_ex+0x512/0x640
[  531.543688][T15077]  ? fs_reclaim_acquire+0xae/0x150
[  531.543703][T15077]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  531.543719][T15077]  should_failslab+0xc2/0x120
[  531.543730][T15077]  __kmalloc_noprof+0xd2/0x510
[  531.543750][T15077]  tomoyo_realpath_from_path+0xc2/0x6e0
[  531.543767][T15077]  ? tomoyo_profile+0x47/0x60
[  531.543785][T15077]  tomoyo_path_number_perm+0x245/0x580
[  531.543797][T15077]  ? tomoyo_path_number_perm+0x237/0x580
[  531.543812][T15077]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  531.543830][T15077]  ? find_held_lock+0x2b/0x80
[  531.543867][T15077]  ? find_held_lock+0x2b/0x80
[  531.543884][T15077]  ? hook_file_ioctl_common+0x145/0x410
[  531.543904][T15077]  ? __fget_files+0x20e/0x3c0
[  531.543928][T15077]  security_file_ioctl_compat+0x9b/0x240
[  531.543949][T15077]  __do_compat_sys_ioctl+0x4e/0x2c0
[  531.543971][T15077]  __do_fast_syscall_32+0x73/0x120
[  531.543998][T15077]  do_fast_syscall_32+0x32/0x80
[  531.544020][T15077]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  531.544040][T15077] RIP: 0023:0xf703e579
[  531.544054][T15077] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  531.544071][T15077] RSP: 002b:00000000f500d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  531.544088][T15077] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c028aa05
[  531.544099][T15077] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  531.544110][T15077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  531.544120][T15077] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  531.544130][T15077] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  531.544153][T15077]  </TASK>
[  531.544249][T15077] ERROR: Out of memory at tomoyo_realpath_from_path.
[  531.918970][T15085] fuse: Bad value for 'fd'
[  532.002085][T15088] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  532.690833][T15097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2549'.
[  533.447682][T15112] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(14)
[  533.449844][T15112] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  533.453075][T15112] vhci_hcd vhci_hcd.0: Device attached
[  533.458084][T15116] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  533.460731][   T46] vhci_hcd: stop threads
[  533.462096][   T46] vhci_hcd: release socket
[  533.463492][   T46] vhci_hcd: disconnect device
[  533.525754][T15119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2554'.
[  535.369516][T12247] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  535.445037][T15138] fuse: Bad value for 'fd'
[  535.542820][T12247] usb 6-1: unable to read config index 0 descriptor/start: -61
[  535.545403][T12247] usb 6-1: can't read configurations, error -61
[  535.690298][T12247] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  535.853076][T12247] usb 6-1: unable to read config index 0 descriptor/start: -61
[  535.855868][T12247] usb 6-1: can't read configurations, error -61
[  535.861779][T12247] usb usb6-port1: attempt power cycle
[  536.388345][T15148] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2562'.
[  536.428469][T12247] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  536.463777][T12247] usb 6-1: unable to read config index 0 descriptor/start: -61
[  536.466199][T12247] usb 6-1: can't read configurations, error -61
[  536.599405][T12247] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  536.642542][T12247] usb 6-1: unable to read config index 0 descriptor/start: -61
[  536.645584][T12247] usb 6-1: can't read configurations, error -61
[  536.648269][T12247] usb usb6-port1: unable to enumerate USB device
[  537.168695][T15161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2564'.
[  539.272834][T14795] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[  539.314480][T15203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  539.454571][T14795] usb 8-1: Using ep0 maxpacket: 16
[  539.457670][T14795] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  539.461269][T14795] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  539.464254][T14795] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  539.468619][T14795] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  539.471617][T14795] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.475697][T14795] usb 8-1: config 0 descriptor??
[  539.861663][T15211] fuse: Bad value for 'fd'
[  539.913971][T14795] input: HID 0955:7214 Haptics as /devices/virtual/input/input114
[  539.940095][T14795] shield 0003:0955:7214.000F: Registered Thunderstrike controller
[  539.944804][T14795] shield 0003:0955:7214.000F: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  540.129305][   T64] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  540.129432][ T6015] usb 8-1: USB disconnect, device number 42
[  540.135631][   T64] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  540.140049][   T64] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  540.143860][   T64] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  540.532155][T15221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2583'.
[  540.587748][T15224] FAULT_INJECTION: forcing a failure.
[  540.587748][T15224] name failslab, interval 1, probability 0, space 0, times 0
[  540.593535][T15224] CPU: 2 UID: 0 PID: 15224 Comm: syz.0.2585 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  540.593564][T15224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.593576][T15224] Call Trace:
[  540.593583][T15224]  <TASK>
[  540.593590][T15224]  dump_stack_lvl+0x16c/0x1f0
[  540.593621][T15224]  should_fail_ex+0x512/0x640
[  540.593642][T15224]  ? fs_reclaim_acquire+0xae/0x150
[  540.593684][T15224]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  540.593708][T15224]  should_failslab+0xc2/0x120
[  540.593726][T15224]  __kmalloc_noprof+0xd2/0x510
[  540.593759][T15224]  tomoyo_realpath_from_path+0xc2/0x6e0
[  540.593787][T15224]  ? tomoyo_profile+0x47/0x60
[  540.593817][T15224]  tomoyo_path_number_perm+0x245/0x580
[  540.593837][T15224]  ? tomoyo_path_number_perm+0x237/0x580
[  540.593860][T15224]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  540.593883][T15224]  ? find_held_lock+0x2b/0x80
[  540.593930][T15224]  ? find_held_lock+0x2b/0x80
[  540.593951][T15224]  ? hook_file_ioctl_common+0x145/0x410
[  540.593976][T15224]  ? __fget_files+0x20e/0x3c0
[  540.594004][T15224]  security_file_ioctl_compat+0x9b/0x240
[  540.594029][T15224]  __do_compat_sys_ioctl+0x4e/0x2c0
[  540.594052][T15224]  __do_fast_syscall_32+0x73/0x120
[  540.594078][T15224]  do_fast_syscall_32+0x32/0x80
[  540.594100][T15224]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  540.594115][T15224] RIP: 0023:0xf7f48579
[  540.594124][T15224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  540.594135][T15224] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  540.594147][T15224] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004610
[  540.594154][T15224] RDX: 00000000800006c0 RSI: 0000000000000000 RDI: 0000000000000000
[  540.594160][T15224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  540.594166][T15224] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  540.594172][T15224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  540.594185][T15224]  </TASK>
[  540.594779][T15224] ERROR: Out of memory at tomoyo_realpath_from_path.
[  540.818400][T15236] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2590'.
[  540.994684][T12247] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[  541.165664][T12247] usb 8-1: Using ep0 maxpacket: 16
[  541.169248][T12247] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  541.172813][T12247] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  541.192307][T12247] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  541.195490][T12247] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.198841][T12247] usb 8-1: Product: syz
[  541.200600][T12247] usb 8-1: Manufacturer: syz
[  541.202505][T12247] usb 8-1: SerialNumber: syz
[  541.206125][T12247] usb 8-1: config 0 descriptor??
[  541.426630][T15232] FAULT_INJECTION: forcing a failure.
[  541.426630][T15232] name failslab, interval 1, probability 0, space 0, times 0
[  541.426804][T15232] CPU: 1 UID: 0 PID: 15232 Comm: syz.3.2588 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  541.426830][T15232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.426838][T15232] Call Trace:
[  541.426842][T15232]  <TASK>
[  541.426847][T15232]  dump_stack_lvl+0x16c/0x1f0
[  541.426867][T15232]  should_fail_ex+0x512/0x640
[  541.426879][T15232]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  541.426897][T15232]  should_failslab+0xc2/0x120
[  541.426908][T15232]  __kmalloc_cache_noprof+0x6a/0x3e0
[  541.426928][T15232]  ? ww_mutex_lock+0x37/0x160
[  541.426945][T15232]  ? vkms_plane_duplicate_state+0x45/0x130
[  541.426960][T15232]  ? modeset_lock+0x114/0x6e0
[  541.426977][T15232]  vkms_plane_duplicate_state+0x45/0x130
[  541.426991][T15232]  drm_atomic_get_plane_state+0x20b/0x590
[  541.427005][T15232]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  541.427021][T15232]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  541.427032][T15232]  ? trace_contention_end+0xdd/0x130
[  541.427052][T15232]  ? trace_contention_end+0xdd/0x130
[  541.427067][T15232]  drm_client_modeset_dpms+0x17e/0x210
[  541.427080][T15232]  drm_fb_helper_blank+0x19f/0x260
[  541.427096][T15232]  ? __pfx_drm_fb_helper_blank+0x10/0x10
[  541.427110][T15232]  fb_blank+0x104/0x190
[  541.427127][T15232]  ? __pfx_fb_blank+0x10/0x10
[  541.427144][T15232]  ? rcu_is_watching+0x12/0xc0
[  541.427162][T15232]  do_fb_ioctl+0x430/0x7e0
[  541.427179][T15232]  ? __pfx_do_fb_ioctl+0x10/0x10
[  541.427191][T15232]  ? lockdep_hardirqs_on+0x7c/0x110
[  541.427208][T15232]  ? find_held_lock+0x2b/0x80
[  541.427229][T15232]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  541.427256][T15232]  fb_compat_ioctl+0x55e/0x670
[  541.427269][T15232]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  541.427294][T15232]  ? hook_file_ioctl_common+0x145/0x410
[  541.427310][T15232]  ? __fget_files+0x20e/0x3c0
[  541.427329][T15232]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  541.427342][T15232]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  541.427358][T15232]  __do_fast_syscall_32+0x73/0x120
[  541.427376][T15232]  do_fast_syscall_32+0x32/0x80
[  541.427392][T15232]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  541.427407][T15232] RIP: 0023:0xf7f01579
[  541.427416][T15232] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  541.427427][T15232] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  541.427438][T15232] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004611
[  541.427444][T15232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  541.427451][T15232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  541.427457][T15232] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  541.427463][T15232] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  541.427477][T15232]  </TASK>
[  541.486723][T12247] appledisplay 8-1:0.0: Error while getting initial brightness: -110
[  541.490703][T12247] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -110
[  541.592067][T12247] usb 8-1: USB disconnect, device number 43
[  542.021267][   T34] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  542.192299][   T34] usb 6-1: Using ep0 maxpacket: 16
[  542.194326][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  542.194354][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  542.202601][   T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  542.202720][   T34] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  542.212064][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.214552][   T34] usb 6-1: config 0 descriptor??
[  542.654666][   T34] input: HID 0955:7214 Haptics as /devices/virtual/input/input115
[  542.667648][   T34] shield 0003:0955:7214.0010: Registered Thunderstrike controller
[  542.670474][   T34] shield 0003:0955:7214.0010: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  542.871899][   T34] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  542.872154][T12247] usb 6-1: USB disconnect, device number 27
[  542.875534][   T34] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  542.882127][   T34] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  542.886191][   T34] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  543.442756][T15271] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  544.175433][T15285] fuse: Bad value for 'fd'
[  544.310109][T15288] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2606'.
[  546.228763][T15358] FAULT_INJECTION: forcing a failure.
[  546.228763][T15358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  546.232900][T15358] CPU: 3 UID: 0 PID: 15358 Comm: syz.3.2619 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  546.232917][T15358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.232925][T15358] Call Trace:
[  546.232930][T15358]  <TASK>
[  546.232935][T15358]  dump_stack_lvl+0x16c/0x1f0
[  546.232956][T15358]  should_fail_ex+0x512/0x640
[  546.232971][T15358]  _copy_to_user+0x32/0xd0
[  546.232986][T15358]  simple_read_from_buffer+0xcb/0x170
[  546.233003][T15358]  proc_fail_nth_read+0x197/0x270
[  546.233019][T15358]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.233034][T15358]  ? rw_verify_area+0xcf/0x680
[  546.233047][T15358]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.233061][T15358]  vfs_read+0x1de/0xc70
[  546.233078][T15358]  ? __pfx___mutex_lock+0x10/0x10
[  546.233093][T15358]  ? __pfx_vfs_read+0x10/0x10
[  546.233112][T15358]  ? __fget_files+0x20e/0x3c0
[  546.233131][T15358]  ksys_read+0x12a/0x240
[  546.233146][T15358]  ? __pfx_ksys_read+0x10/0x10
[  546.233162][T15358]  ? rcu_is_watching+0x12/0xc0
[  546.233178][T15358]  __do_fast_syscall_32+0x73/0x120
[  546.233196][T15358]  do_fast_syscall_32+0x32/0x80
[  546.233212][T15358]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  546.233226][T15358] RIP: 0023:0xf7f01579
[  546.233236][T15358] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  546.233247][T15358] RSP: 002b:00000000f5026590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  546.233257][T15358] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5026620
[  546.233263][T15358] RDX: 000000000000000f RSI: 00000000f7392ff4 RDI: 0000000000000000
[  546.233270][T15358] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  546.233276][T15358] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  546.233282][T15358] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  546.233295][T15358]  </TASK>
[  546.324008][T15360] ufs: You didn't specify the type of your ufs filesystem
[  546.324008][T15360] 
[  546.324008][T15360] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  546.324008][T15360] 
[  546.324008][T15360] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  546.337122][T15360] ufs: ufs_fill_super(): bad magic number
[  547.407996][T15377] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  547.432422][ T6015] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  547.604258][ T6015] usb 7-1: Using ep0 maxpacket: 8
[  547.607533][ T6015] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  547.611002][ T6015] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  547.613914][ T6015] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.618643][ T6015] usb 7-1: config 0 descriptor??
[  547.766217][T15387] FAULT_INJECTION: forcing a failure.
[  547.766217][T15387] name failslab, interval 1, probability 0, space 0, times 0
[  547.771708][T15387] CPU: 3 UID: 0 PID: 15387 Comm: syz.0.2631 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  547.771725][T15387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.771732][T15387] Call Trace:
[  547.771737][T15387]  <TASK>
[  547.771742][T15387]  dump_stack_lvl+0x16c/0x1f0
[  547.771764][T15387]  should_fail_ex+0x512/0x640
[  547.771777][T15387]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  547.771796][T15387]  should_failslab+0xc2/0x120
[  547.771807][T15387]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  547.771829][T15387]  ? __d_alloc+0x31/0xaa0
[  547.771841][T15387]  __d_alloc+0x31/0xaa0
[  547.771852][T15387]  d_alloc+0x4a/0x1e0
[  547.771863][T15387]  lookup_one_qstr_excl+0x175/0x260
[  547.771875][T15387]  ? mnt_want_write+0x161/0x450
[  547.771891][T15387]  filename_create+0x1e7/0x4a0
[  547.771906][T15387]  ? __pfx_filename_create+0x10/0x10
[  547.771920][T15387]  ? find_held_lock+0x2b/0x80
[  547.771939][T15387]  do_mkdirat+0xaa/0x3e0
[  547.771955][T15387]  ? __pfx_do_mkdirat+0x10/0x10
[  547.771971][T15387]  ? getname_flags.part.0+0x1c5/0x550
[  547.771986][T15387]  __ia32_sys_mkdirat+0x82/0xb0
[  547.772003][T15387]  __do_fast_syscall_32+0x73/0x120
[  547.772027][T15387]  do_fast_syscall_32+0x32/0x80
[  547.772046][T15387]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  547.772060][T15387] RIP: 0023:0xf7f48579
[  547.772069][T15387] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  547.772080][T15387] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  547.772091][T15387] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000100
[  547.772098][T15387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  547.772104][T15387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  547.772110][T15387] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  547.772116][T15387] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  547.772129][T15387]  </TASK>
[  547.886983][ T6015] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  547.899236][ T6015] usb 7-1: USB disconnect, device number 35
[  547.964600][T15389] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2627'.
[  549.291167][T15415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2639'.
[  549.424090][T15415] hsr_slave_1 (unregistering): left promiscuous mode
[  549.657066][T15429] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2642'.
[  550.362347][T15439] hsr0: entered promiscuous mode
[  550.362617][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.367169][T15440] hsr_slave_0: left promiscuous mode
[  550.369499][T15440] hsr_slave_1: left promiscuous mode
[  550.385204][T15440] hsr0 (unregistering): left promiscuous mode
[  550.492278][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.495197][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.498031][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.500970][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.504186][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.507098][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.510107][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.513078][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.516155][T15440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'.
[  550.575985][T15446] FAULT_INJECTION: forcing a failure.
[  550.575985][T15446] name failslab, interval 1, probability 0, space 0, times 0
[  550.582614][T15446] CPU: 0 UID: 0 PID: 15446 Comm: syz.2.2648 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  550.582634][T15446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  550.582642][T15446] Call Trace:
[  550.582647][T15446]  <TASK>
[  550.582652][T15446]  dump_stack_lvl+0x16c/0x1f0
[  550.582674][T15446]  should_fail_ex+0x512/0x640
[  550.582688][T15446]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  550.582705][T15446]  should_failslab+0xc2/0x120
[  550.582717][T15446]  __kmalloc_cache_noprof+0x6a/0x3e0
[  550.582731][T15446]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  550.582746][T15446]  ? lockdep_hardirqs_on+0x7c/0x110
[  550.582766][T15446]  ? __request_module+0x2ad/0x690
[  550.582780][T15446]  __request_module+0x2ad/0x690
[  550.582791][T15446]  ? __pfx___request_module+0x10/0x10
[  550.582802][T15446]  ? aa_get_newest_label+0x375/0x680
[  550.582814][T15446]  ? __pfx_aa_get_newest_label+0x10/0x10
[  550.582829][T15446]  ? apparmor_capable+0x114/0x1d0
[  550.582840][T15446]  ? dev_load+0x1de/0x240
[  550.582856][T15446]  dev_load+0x1ff/0x240
[  550.582868][T15446]  dev_ioctl+0x19c/0x10e0
[  550.582882][T15446]  sock_ioctl+0x5b3/0x6b0
[  550.582893][T15446]  ? __pfx_sock_ioctl+0x10/0x10
[  550.582903][T15446]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  550.582917][T15446]  ? unix_ioctl+0xf0/0x5e0
[  550.582933][T15446]  ? __pfx_unix_ioctl+0x10/0x10
[  550.582951][T15446]  compat_sock_ioctl+0x5ff/0x7c0
[  550.582963][T15446]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  550.582973][T15446]  ? hook_file_ioctl_common+0x145/0x410
[  550.582988][T15446]  ? __fget_files+0x20e/0x3c0
[  550.583009][T15446]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  550.583020][T15446]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  550.583035][T15446]  __do_fast_syscall_32+0x73/0x120
[  550.583053][T15446]  do_fast_syscall_32+0x32/0x80
[  550.583069][T15446]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  550.583082][T15446] RIP: 0023:0xf7f21579
[  550.583091][T15446] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  550.583102][T15446] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  550.583112][T15446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f3
[  550.583119][T15446] RDX: 0000000080000240 RSI: 0000000000000000 RDI: 0000000000000000
[  550.583125][T15446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  550.583131][T15446] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  550.583137][T15446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  550.583150][T15446]  </TASK>
[  550.851741][T15462] fuse: Bad value for 'fd'
[  551.121068][T15466] fuse: Bad value for 'fd'
[  551.526766][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  552.084468][    T9] usb 7-1: new low-speed USB device number 36 using dummy_hcd
[  552.246027][    T9] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  552.248781][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  552.251990][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  552.255110][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B is Bulk; changing to Interrupt
[  552.258815][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  552.262952][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  552.266226][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.272603][    T9] usbtmc 7-1:16.0: bulk endpoints not found
[  554.469171][   T29] usb 8-1: new high-speed USB device number 44 using dummy_hcd
[  554.650865][   T29] usb 8-1: Using ep0 maxpacket: 16
[  554.654664][   T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  554.659161][   T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  554.662791][   T29] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  554.668241][   T29] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  554.671762][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.678043][   T29] usb 8-1: config 0 descriptor??
[  555.062427][   T64] usb 7-1: USB disconnect, device number 36
[  555.115778][T15528] input: syz1 as /devices/virtual/input/input116
[  555.150186][   T29] input: HID 0955:7214 Haptics as /devices/virtual/input/input117
[  555.188290][   T29] shield 0003:0955:7214.0011: Registered Thunderstrike controller
[  555.191096][   T29] shield 0003:0955:7214.0011: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  555.351933][    T9] usb 8-1: USB disconnect, device number 44
[  555.375427][   T29] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  555.387784][   T29] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  555.393890][   T29] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  555.399594][   T29] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  556.368216][T15548] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  556.679299][T15556] fuse: Bad value for 'fd'
[  557.199357][    T9] usb 8-1: new high-speed USB device number 45 using dummy_hcd
[  557.367232][    T9] usb 8-1: Using ep0 maxpacket: 16
[  557.373427][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  557.378479][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  557.382580][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  557.387037][    T9] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  557.393353][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.397510][    T9] usb 8-1: config 0 descriptor??
[  557.837873][    T9] input: HID 0955:7214 Haptics as /devices/virtual/input/input118
[  557.862196][    T9] shield 0003:0955:7214.0012: Registered Thunderstrike controller
[  557.866093][    T9] shield 0003:0955:7214.0012: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  558.054555][   T64] usb 8-1: USB disconnect, device number 45
[  558.061195][ T6015] shield 0003:0955:7214.0012: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  558.065286][ T6015] shield 0003:0955:7214.0012: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  558.069279][ T6015] shield 0003:0955:7214.0012: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  558.073398][ T6015] shield 0003:0955:7214.0012: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  558.225509][T15576] __nla_validate_parse: 56 callbacks suppressed
[  558.225552][T15576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2688'.
[  558.887238][T15592] fuse: Bad value for 'fd'
[  559.837568][ T5959] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[  559.875893][T15618] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2701'.
[  560.008704][ T5959] usb 8-1: Using ep0 maxpacket: 16
[  560.012559][ T5959] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.016192][ T5959] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.019282][ T5959] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  560.023090][ T5959] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  560.025898][ T5959] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.030028][ T5959] usb 8-1: config 0 descriptor??
[  560.316778][T15625] FAULT_INJECTION: forcing a failure.
[  560.316778][T15625] name failslab, interval 1, probability 0, space 0, times 0
[  560.322445][T15625] CPU: 1 UID: 0 PID: 15625 Comm: syz.2.2703 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  560.322471][T15625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  560.322483][T15625] Call Trace:
[  560.322503][T15625]  <TASK>
[  560.322512][T15625]  dump_stack_lvl+0x16c/0x1f0
[  560.322542][T15625]  should_fail_ex+0x512/0x640
[  560.322563][T15625]  ? fs_reclaim_acquire+0xae/0x150
[  560.322586][T15625]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  560.322609][T15625]  should_failslab+0xc2/0x120
[  560.322629][T15625]  __kmalloc_noprof+0xd2/0x510
[  560.322660][T15625]  tomoyo_realpath_from_path+0xc2/0x6e0
[  560.322686][T15625]  ? tomoyo_profile+0x47/0x60
[  560.322714][T15625]  tomoyo_path_number_perm+0x245/0x580
[  560.322733][T15625]  ? tomoyo_path_number_perm+0x237/0x580
[  560.322760][T15625]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  560.322781][T15625]  ? find_held_lock+0x2b/0x80
[  560.322826][T15625]  ? find_held_lock+0x2b/0x80
[  560.322846][T15625]  ? hook_file_ioctl_common+0x145/0x410
[  560.322869][T15625]  ? __fget_files+0x20e/0x3c0
[  560.322898][T15625]  security_file_ioctl_compat+0x9b/0x240
[  560.322922][T15625]  __do_compat_sys_ioctl+0x4e/0x2c0
[  560.322946][T15625]  __do_fast_syscall_32+0x73/0x120
[  560.322974][T15625]  do_fast_syscall_32+0x32/0x80
[  560.322998][T15625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  560.323018][T15625] RIP: 0023:0xf7f21579
[  560.323032][T15625] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  560.323048][T15625] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  560.323065][T15625] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c028aa05
[  560.323076][T15625] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  560.323087][T15625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  560.323096][T15625] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  560.323107][T15625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  560.323130][T15625]  </TASK>
[  560.323174][T15625] ERROR: Out of memory at tomoyo_realpath_from_path.
[  560.479221][ T5959] input: HID 0955:7214 Haptics as /devices/virtual/input/input119
[  560.494477][ T5959] shield 0003:0955:7214.0013: Registered Thunderstrike controller
[  560.497304][ T5959] shield 0003:0955:7214.0013: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  560.695552][T12247] usb 8-1: USB disconnect, device number 46
[  560.698073][ T5959] shield 0003:0955:7214.0013: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  560.708915][ T5959] shield 0003:0955:7214.0013: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  560.712799][ T5959] shield 0003:0955:7214.0013: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  560.717857][ T5959] shield 0003:0955:7214.0013: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  561.102469][T15643] FAULT_INJECTION: forcing a failure.
[  561.102469][T15643] name failslab, interval 1, probability 0, space 0, times 0
[  561.107276][T15643] CPU: 3 UID: 0 PID: 15643 Comm: syz.0.2709 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  561.107293][T15643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  561.107300][T15643] Call Trace:
[  561.107305][T15643]  <TASK>
[  561.107309][T15643]  dump_stack_lvl+0x16c/0x1f0
[  561.107330][T15643]  should_fail_ex+0x512/0x640
[  561.107344][T15643]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  561.107362][T15643]  should_failslab+0xc2/0x120
[  561.107374][T15643]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  561.107391][T15643]  ? dup_fd+0x4e/0xb90
[  561.107408][T15643]  dup_fd+0x4e/0xb90
[  561.107423][T15643]  ? __pfx_audit_alloc+0x10/0x10
[  561.107438][T15643]  ? apparmor_task_alloc+0x2c2/0x3b0
[  561.107451][T15643]  copy_process+0x25c1/0x91a0
[  561.107467][T15643]  ? _kstrtoull+0x145/0x200
[  561.107483][T15643]  ? __pfx__kstrtoull+0x10/0x10
[  561.107506][T15643]  ? __pfx_copy_process+0x10/0x10
[  561.107525][T15643]  ? find_held_lock+0x2b/0x80
[  561.107546][T15643]  kernel_clone+0xfc/0x960
[  561.107562][T15643]  ? __pfx_kernel_clone+0x10/0x10
[  561.107582][T15643]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  561.107600][T15643]  __do_compat_sys_ia32_clone+0xcb/0x110
[  561.107619][T15643]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  561.107642][T15643]  ? ksys_write+0x1b9/0x240
[  561.107657][T15643]  ? __pfx_ksys_write+0x10/0x10
[  561.107672][T15643]  ? rcu_is_watching+0x12/0xc0
[  561.107688][T15643]  __do_fast_syscall_32+0x73/0x120
[  561.107706][T15643]  do_fast_syscall_32+0x32/0x80
[  561.107723][T15643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  561.107738][T15643] RIP: 0023:0xf7f48579
[  561.107747][T15643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  561.107758][T15643] RSP: 002b:00000000f504550c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  561.107769][T15643] RAX: ffffffffffffffda RBX: 0000000062000000 RCX: 0000000000000000
[  561.107776][T15643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  561.107782][T15643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  561.107788][T15643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  561.107795][T15643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  561.107807][T15643]  </TASK>
[  561.187337][    C3] vkms_vblank_simulate: vblank timer overrun
[  561.617110][T15656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2713'.
[  562.575314][T14795] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  562.738266][T14795] usb 7-1: Using ep0 maxpacket: 16
[  562.749488][T14795] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.753931][T14795] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.760499][T14795] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  562.765054][T14795] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  562.768123][T14795] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.778973][T14795] usb 7-1: config 0 descriptor??
[  563.025221][T15682] syzkaller1: entered promiscuous mode
[  563.027108][T15682] syzkaller1: entered allmulticast mode
[  563.225308][T14795] input: HID 0955:7214 Haptics as /devices/virtual/input/input120
[  563.257339][T14795] shield 0003:0955:7214.0014: Registered Thunderstrike controller
[  563.261851][T14795] shield 0003:0955:7214.0014: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  563.321302][T15693] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  563.438765][   T34] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  563.439313][   T10] usb 7-1: USB disconnect, device number 37
[  563.447309][   T34] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  563.455026][   T34] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  563.461248][   T34] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  563.719157][T15699] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2728'.
[  564.756725][   T34] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  564.931742][   T34] usb 6-1: Using ep0 maxpacket: 16
[  564.934980][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.939569][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  564.943064][   T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  564.947456][   T34] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  564.950633][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.958549][   T34] usb 6-1: config 0 descriptor??
[  565.215124][T15731] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  565.215124][T15731]    program syz.2.2738 not setting count and/or reply_len properly
[  565.414895][   T34] input: HID 0955:7214 Haptics as /devices/virtual/input/input121
[  565.439212][   T34] shield 0003:0955:7214.0015: Registered Thunderstrike controller
[  565.444473][   T34] shield 0003:0955:7214.0015: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  565.624799][T14795] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  565.634568][T14795] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  565.638509][   T64] usb 6-1: USB disconnect, device number 28
[  565.641932][T14795] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  565.648133][T14795] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  565.700432][T15736] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  566.310946][T15750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2745'.
[  566.625880][   T40] audit: type=1326 audit(547.674:14218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.3.2750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  566.632953][   T40] audit: type=1326 audit(547.674:14219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.3.2750" exe="/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  566.640597][   T40] audit: type=1326 audit(547.674:14220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.3.2750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  566.647786][   T40] audit: type=1326 audit(547.674:14221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.3.2750" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  566.656087][   T40] audit: type=1326 audit(547.674:14222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.3.2750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  566.680148][   T10] IPVS: starting estimator thread 0...
[  566.799507][T15765] IPVS: using max 28 ests per chain, 67200 per kthread
[  567.483685][   T64] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  567.667065][   T64] usb 6-1: Using ep0 maxpacket: 16
[  567.670887][   T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  567.675038][   T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  567.680400][   T64] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  567.684447][   T64] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  567.687323][   T64] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.692075][   T64] usb 6-1: config 0 descriptor??
[  567.746181][T15784] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2759'.
[  567.923079][T15787] netlink: 'syz.0.2760': attribute type 10 has an invalid length.
[  567.926261][T15787] FAULT_INJECTION: forcing a failure.
[  567.926261][T15787] name failslab, interval 1, probability 0, space 0, times 0
[  567.930178][T15787] CPU: 3 UID: 0 PID: 15787 Comm: syz.0.2760 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  567.930195][T15787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  567.930202][T15787] Call Trace:
[  567.930207][T15787]  <TASK>
[  567.930212][T15787]  dump_stack_lvl+0x16c/0x1f0
[  567.930245][T15787]  should_fail_ex+0x512/0x640
[  567.930261][T15787]  should_failslab+0xc2/0x120
[  567.930272][T15787]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  567.930291][T15787]  ? __alloc_skb+0x2b2/0x380
[  567.930307][T15787]  __alloc_skb+0x2b2/0x380
[  567.930320][T15787]  ? __pfx___alloc_skb+0x10/0x10
[  567.930335][T15787]  ? if_nlmsg_size+0x475/0xaf0
[  567.930352][T15787]  rtmsg_ifinfo_build_skb+0x81/0x280
[  567.930371][T15787]  rtmsg_ifinfo+0x9f/0x1a0
[  567.930390][T15787]  __dev_notify_flags+0x24c/0x2e0
[  567.930405][T15787]  ? __pfx___dev_notify_flags+0x10/0x10
[  567.930417][T15787]  ? __dev_change_flags+0x3d5/0x720
[  567.930432][T15787]  ? __pfx___dev_change_flags+0x10/0x10
[  567.930448][T15787]  ? __pfx_validate_linkmsg+0x10/0x10
[  567.930463][T15787]  netif_change_flags+0x108/0x160
[  567.930479][T15787]  do_setlink.constprop.0+0xddf/0x44b0
[  567.930497][T15787]  ? __lock_acquire+0xaa4/0x1ba0
[  567.930514][T15787]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  567.930533][T15787]  ? __mutex_trylock_common+0xe9/0x250
[  567.930545][T15787]  ? __pfx___mutex_trylock_common+0x10/0x10
[  567.930556][T15787]  ? __pfx___might_resched+0x10/0x10
[  567.930573][T15787]  ? rcu_is_watching+0x12/0xc0
[  567.930586][T15787]  ? trace_contention_end+0xdd/0x130
[  567.930597][T15787]  ? __mutex_lock+0x1ca/0xb90
[  567.930613][T15787]  ? rcu_is_watching+0x12/0xc0
[  567.930625][T15787]  ? rtnl_newlink+0x600/0x2000
[  567.930639][T15787]  ? trace_cap_capable+0x18d/0x200
[  567.930650][T15787]  ? __pfx___mutex_lock+0x10/0x10
[  567.930666][T15787]  ? apparmor_capable+0x114/0x1d0
[  567.930682][T15787]  ? netlink_ns_capable+0xfa/0x130
[  567.930699][T15787]  rtnl_newlink+0x1446/0x2000
[  567.930718][T15787]  ? __pfx_rtnl_newlink+0x10/0x10
[  567.930734][T15787]  ? kasan_quarantine_put+0x10a/0x240
[  567.930749][T15787]  ? lockdep_hardirqs_on+0x7c/0x110
[  567.930766][T15787]  ? kfree_skbmem+0x1a4/0x1f0
[  567.930778][T15787]  ? __lock_acquire+0x5ca/0x1ba0
[  567.930796][T15787]  ? rcu_is_watching+0x12/0xc0
[  567.930809][T15787]  ? trace_cap_capable+0x18d/0x200
[  567.930823][T15787]  ? find_held_lock+0x2b/0x80
[  567.930841][T15787]  ? __pfx_rtnl_newlink+0x10/0x10
[  567.930855][T15787]  ? __pfx_rtnl_newlink+0x10/0x10
[  567.930868][T15787]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  567.930884][T15787]  ? __pfx_rtnl_newlink+0x10/0x10
[  567.930899][T15787]  rtnetlink_rcv_msg+0x95b/0xe90
[  567.930915][T15787]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  567.930937][T15787]  netlink_rcv_skb+0x16a/0x440
[  567.930953][T15787]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  567.930968][T15787]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  567.930991][T15787]  ? netlink_deliver_tap+0x1ae/0xd30
[  567.931009][T15787]  netlink_unicast+0x53a/0x7f0
[  567.931026][T15787]  ? __pfx_netlink_unicast+0x10/0x10
[  567.931046][T15787]  netlink_sendmsg+0x8d1/0xdd0
[  567.931064][T15787]  ? __pfx_netlink_sendmsg+0x10/0x10
[  567.931081][T15787]  ? __import_iovec+0x1c8/0x660
[  567.931098][T15787]  ____sys_sendmsg+0xa95/0xc70
[  567.931110][T15787]  ? __pfx_____sys_sendmsg+0x10/0x10
[  567.931120][T15787]  ? get_compat_msghdr+0x11a/0x170
[  567.931139][T15787]  ___sys_sendmsg+0x134/0x1d0
[  567.931154][T15787]  ? __pfx____sys_sendmsg+0x10/0x10
[  567.931186][T15787]  __sys_sendmsg+0x16d/0x220
[  567.931200][T15787]  ? __pfx___sys_sendmsg+0x10/0x10
[  567.931218][T15787]  ? rcu_is_watching+0x12/0xc0
[  567.931232][T15787]  ? rcu_is_watching+0x12/0xc0
[  567.931247][T15787]  __do_fast_syscall_32+0x73/0x120
[  567.931264][T15787]  do_fast_syscall_32+0x32/0x80
[  567.931280][T15787]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  567.931294][T15787] RIP: 0023:0xf7f48579
[  567.931303][T15787] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  567.931314][T15787] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  567.931325][T15787] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  567.931332][T15787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  567.931337][T15787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  567.931343][T15787] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  567.931349][T15787] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  567.931362][T15787]  </TASK>
[  568.070140][    C3] vkms_vblank_simulate: vblank timer overrun
[  568.077562][T15787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  568.081216][T15787] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  568.129388][   T64] input: HID 0955:7214 Haptics as /devices/virtual/input/input122
[  568.155272][   T64] shield 0003:0955:7214.0016: Registered Thunderstrike controller
[  568.158864][   T64] shield 0003:0955:7214.0016: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  568.384122][T15793] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2761'.
[  568.390280][T14795] shield 0003:0955:7214.0016: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  568.393921][   T64] usb 6-1: USB disconnect, device number 29
[  568.396875][T14795] shield 0003:0955:7214.0016: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  568.404498][T14795] shield 0003:0955:7214.0016: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  568.409602][T14795] shield 0003:0955:7214.0016: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  569.447843][T15817] syz_tun: entered allmulticast mode
[  569.461105][T15817] lo: entered allmulticast mode
[  569.478102][T15816] syz_tun: left allmulticast mode
[  569.479738][T15816] lo: left allmulticast mode
[  570.221623][   T68] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  570.226075][   T68] Bluetooth: hci0: Injecting HCI hardware error event
[  570.230938][   T68] Bluetooth: hci0: hardware error 0x00
[  570.525458][T15838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2774'.
[  570.874322][T15851] FAULT_INJECTION: forcing a failure.
[  570.874322][T15851] name failslab, interval 1, probability 0, space 0, times 0
[  570.878498][T15851] CPU: 3 UID: 0 PID: 15851 Comm: syz.3.2778 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  570.878514][T15851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  570.878522][T15851] Call Trace:
[  570.878527][T15851]  <TASK>
[  570.878533][T15851]  dump_stack_lvl+0x16c/0x1f0
[  570.878554][T15851]  should_fail_ex+0x512/0x640
[  570.878567][T15851]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  570.878585][T15851]  should_failslab+0xc2/0x120
[  570.878597][T15851]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  570.878614][T15851]  ? __alloc_skb+0x2b2/0x380
[  570.878630][T15851]  __alloc_skb+0x2b2/0x380
[  570.878643][T15851]  ? __pfx___alloc_skb+0x10/0x10
[  570.878658][T15851]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  570.878678][T15851]  netlink_alloc_large_skb+0x69/0x130
[  570.878695][T15851]  netlink_sendmsg+0x6a1/0xdd0
[  570.878712][T15851]  ? __pfx_netlink_sendmsg+0x10/0x10
[  570.878729][T15851]  ? __import_iovec+0x1c8/0x660
[  570.878746][T15851]  ____sys_sendmsg+0xa95/0xc70
[  570.878758][T15851]  ? __pfx_____sys_sendmsg+0x10/0x10
[  570.878767][T15851]  ? get_compat_msghdr+0x11a/0x170
[  570.878787][T15851]  ___sys_sendmsg+0x134/0x1d0
[  570.878803][T15851]  ? __pfx____sys_sendmsg+0x10/0x10
[  570.878837][T15851]  __sys_sendmsg+0x16d/0x220
[  570.878851][T15851]  ? __pfx___sys_sendmsg+0x10/0x10
[  570.878871][T15851]  ? rcu_is_watching+0x12/0xc0
[  570.878886][T15851]  __do_fast_syscall_32+0x73/0x120
[  570.878904][T15851]  do_fast_syscall_32+0x32/0x80
[  570.878920][T15851]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  570.878935][T15851] RIP: 0023:0xf7f01579
[  570.878944][T15851] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  570.878955][T15851] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  570.878967][T15851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  570.878973][T15851] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  570.878980][T15851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  570.878986][T15851] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  570.878993][T15851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  570.879005][T15851]  </TASK>
[  570.977026][    C3] vkms_vblank_simulate: vblank timer overrun
[  571.208483][T15855] "syz.3.2780" (15855) uses obsolete ecb(arc4) skcipher
[  572.445945][   T68] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  572.736292][ T5960] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  572.741867][ T5960] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  572.746504][ T5960] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  572.751657][ T5960] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  572.755072][ T5960] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  572.823937][T15893] lo speed is unknown, defaulting to 1000
[  572.930211][T15893] chnl_net:caif_netlink_parms(): no params data found
[  573.023463][T15893] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.025864][T15893] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.028978][T15893] bridge_slave_0: entered allmulticast mode
[  573.032076][T15893] bridge_slave_0: entered promiscuous mode
[  573.036380][T15893] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.038797][T15893] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.041247][T15893] bridge_slave_1: entered allmulticast mode
[  573.044309][T15893] bridge_slave_1: entered promiscuous mode
[  573.083737][T15893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  573.090897][T15893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  573.163606][T15893] team0: Port device team_slave_0 added
[  573.173428][T15893] team0: Port device team_slave_1 added
[  573.210441][T15893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  573.212733][T15893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.222891][T15893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  573.229054][T15893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  573.231683][T15893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.241974][T15893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  573.310702][T15893] hsr_slave_0: entered promiscuous mode
[  573.313156][T15893] hsr_slave_1: entered promiscuous mode
[  573.315305][T15893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  573.317873][T15893] Cannot create hsr debugfs directory
[  573.471456][T15893] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  573.486707][T15893] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  573.492375][T15893] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  573.497484][T15893] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  573.545765][T15893] 8021q: adding VLAN 0 to HW filter on device bond0
[  573.588590][T15893] 8021q: adding VLAN 0 to HW filter on device team0
[  573.604915][ T6575] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.607165][ T6575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  573.614375][T14536] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.616651][T14536] bridge0: port 2(bridge_slave_1) entered forwarding state
[  573.884555][T15893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  574.345752][T15893] veth0_vlan: entered promiscuous mode
[  574.367623][T15893] veth1_vlan: entered promiscuous mode
[  574.405719][T15893] veth0_macvtap: entered promiscuous mode
[  574.418622][T15893] veth1_macvtap: entered promiscuous mode
[  574.453077][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.457226][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.461139][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.465414][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.470206][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.474320][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.478281][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.482419][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.489778][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.489797][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.490736][T15893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  574.494867][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  574.494881][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.494888][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  574.494895][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.494901][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  574.494909][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.494914][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  574.494922][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.494928][T15893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  574.494935][T15893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.495883][T15893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  574.498803][T15893] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  574.553282][T15893] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  574.556591][T15893] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  574.559753][T15893] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  574.627459][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  574.629974][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  574.673237][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  574.676671][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  575.013274][   T68] Bluetooth: hci2: command tx timeout
[  575.374276][ T6009] IPVS: starting estimator thread 0...
[  575.493536][T15956] IPVS: using max 46 ests per chain, 110400 per kthread
[  576.997546][T16005] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2819'.
[  577.236726][   T68] Bluetooth: hci2: command tx timeout
[  577.510773][   T40] audit: type=1326 audit(557.857:14223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16011 comm="syz.4.2821" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x0
[  577.884974][T16020] FAULT_INJECTION: forcing a failure.
[  577.884974][T16020] name failslab, interval 1, probability 0, space 0, times 0
[  577.891548][T16020] CPU: 2 UID: 0 PID: 16020 Comm: syz.0.2823 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  577.891576][T16020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  577.891587][T16020] Call Trace:
[  577.891595][T16020]  <TASK>
[  577.891603][T16020]  dump_stack_lvl+0x16c/0x1f0
[  577.891632][T16020]  should_fail_ex+0x512/0x640
[  577.891652][T16020]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  577.891682][T16020]  should_failslab+0xc2/0x120
[  577.891700][T16020]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  577.891725][T16020]  ? __alloc_skb+0x2b2/0x380
[  577.891747][T16020]  ? bpf_lsm_capable+0x9/0x10
[  577.891775][T16020]  __alloc_skb+0x2b2/0x380
[  577.891796][T16020]  ? __pfx___alloc_skb+0x10/0x10
[  577.891823][T16020]  ? genl_rcv_msg+0x540/0x800
[  577.891839][T16020]  ? genl_rcv_msg+0x4bb/0x800
[  577.891863][T16020]  netlink_ack+0x15d/0xb80
[  577.891888][T16020]  ? __lock_acquire+0xaa4/0x1ba0
[  577.891922][T16020]  netlink_rcv_skb+0x347/0x440
[  577.891946][T16020]  ? __pfx_genl_rcv_msg+0x10/0x10
[  577.891963][T16020]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  577.892000][T16020]  ? __pfx_down_read+0x10/0x10
[  577.892018][T16020]  ? netlink_deliver_tap+0x1ae/0xd30
[  577.892045][T16020]  genl_rcv+0x28/0x40
[  577.892069][T16020]  netlink_unicast+0x53a/0x7f0
[  577.892098][T16020]  ? __pfx_netlink_unicast+0x10/0x10
[  577.892129][T16020]  netlink_sendmsg+0x8d1/0xdd0
[  577.892185][T16020]  ? __pfx_netlink_sendmsg+0x10/0x10
[  577.892214][T16020]  ? __import_iovec+0x1c8/0x660
[  577.892242][T16020]  ____sys_sendmsg+0xa95/0xc70
[  577.892262][T16020]  ? __pfx_____sys_sendmsg+0x10/0x10
[  577.892277][T16020]  ? get_compat_msghdr+0x11a/0x170
[  577.892306][T16020]  ___sys_sendmsg+0x134/0x1d0
[  577.892327][T16020]  ? __pfx____sys_sendmsg+0x10/0x10
[  577.892381][T16020]  __sys_sendmsg+0x16d/0x220
[  577.892404][T16020]  ? __pfx___sys_sendmsg+0x10/0x10
[  577.892435][T16020]  ? rcu_is_watching+0x12/0xc0
[  577.892460][T16020]  __do_fast_syscall_32+0x73/0x120
[  577.892486][T16020]  do_fast_syscall_32+0x32/0x80
[  577.892509][T16020]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  577.892528][T16020] RIP: 0023:0xf7f48579
[  577.892542][T16020] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  577.892558][T16020] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  577.892574][T16020] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  577.892584][T16020] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  577.892594][T16020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  577.892604][T16020] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  577.892613][T16020] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  577.892636][T16020]  </TASK>
[  578.007592][    C2] vkms_vblank_simulate: vblank timer overrun
[  578.049710][   T40] audit: type=1800 audit(558.353:14224): pid=16022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2825" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  579.478965][   T68] Bluetooth: hci2: command tx timeout
[  579.754998][T16066] bridge_slave_0: left allmulticast mode
[  579.758798][T16066] bridge_slave_0: left promiscuous mode
[  579.761656][T16066] bridge0: port 1(bridge_slave_0) entered disabled state
[  579.813662][T16066] bridge_slave_1: left allmulticast mode
[  579.821273][T16066] bridge_slave_1: left promiscuous mode
[  579.826769][T16066] bridge0: port 2(bridge_slave_1) entered disabled state
[  579.856194][T16066] bond0: (slave bond_slave_0): Releasing backup interface
[  579.888128][T16066] bond0: (slave bond_slave_1): Releasing backup interface
[  579.953923][T16066] team0: Port device team_slave_0 removed
[  580.010161][T16066] team0: Port device team_slave_1 removed
[  580.013652][T16066] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  580.022782][T16066] batman_adv: batadv0: Removing interface: batadv_slave_0
[  580.029889][T16066] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  580.033700][T16066] batman_adv: batadv0: Removing interface: batadv_slave_1
[  580.043655][T16067] team0: Mode changed to "broadcast"
[  580.272655][T16071] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  581.126246][T16087] nfs: Unknown parameter '/dev/kvm'
[  581.686626][   T68] Bluetooth: hci2: command tx timeout
[  581.970008][T16098] fuse: Bad value for 'fd'
[  582.274685][T16101] geneve1: entered promiscuous mode
[  584.863564][T14536] Bluetooth: hci4: Frame reassembly failed (-84)
[  585.411063][T16147] netlink: 'syz.0.2859': attribute type 10 has an invalid length.
[  585.596908][T16150] fuse: Unknown parameter 'group_i00000000000000000000'
[  586.937634][T16159] FAULT_INJECTION: forcing a failure.
[  586.937634][T16159] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  586.942034][T16159] CPU: 3 UID: 0 PID: 16159 Comm: syz.0.2862 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  586.942051][T16159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  586.942059][T16159] Call Trace:
[  586.942064][T16159]  <TASK>
[  586.942070][T16159]  dump_stack_lvl+0x16c/0x1f0
[  586.942093][T16159]  should_fail_ex+0x512/0x640
[  586.942115][T16159]  _copy_to_user+0x32/0xd0
[  586.942136][T16159]  simple_read_from_buffer+0xcb/0x170
[  586.942160][T16159]  proc_fail_nth_read+0x197/0x270
[  586.942183][T16159]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  586.942220][T16159]  ? rw_verify_area+0xcf/0x680
[  586.942233][T16159]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  586.942248][T16159]  vfs_read+0x1de/0xc70
[  586.942265][T16159]  ? __pfx___mutex_lock+0x10/0x10
[  586.942282][T16159]  ? __pfx_vfs_read+0x10/0x10
[  586.942300][T16159]  ? __fget_files+0x20e/0x3c0
[  586.942320][T16159]  ksys_read+0x12a/0x240
[  586.942335][T16159]  ? __pfx_ksys_read+0x10/0x10
[  586.942348][T16159]  ? rcu_is_watching+0x12/0xc0
[  586.942365][T16159]  ? rcu_is_watching+0x12/0xc0
[  586.942379][T16159]  __do_fast_syscall_32+0x73/0x120
[  586.942397][T16159]  do_fast_syscall_32+0x32/0x80
[  586.942413][T16159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.942427][T16159] RIP: 0023:0xf7f48579
[  586.942437][T16159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  586.942448][T16159] RSP: 002b:00000000f5066590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  586.942460][T16159] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5066620
[  586.942468][T16159] RDX: 000000000000000f RSI: 00000000f73d2ff4 RDI: 0000000000000000
[  586.942474][T16159] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  586.942481][T16159] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  586.942490][T16159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  586.942510][T16159]  </TASK>
[  587.075186][ T5960] Bluetooth: hci4: command 0x1003 tx timeout
[  587.078587][   T68] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  587.235072][T16171] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2865'.
[  587.320828][T16176] dlm: non-version read from control device 36
[  588.602838][T16199] lo speed is unknown, defaulting to 1000
[  588.920884][T16205] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  589.366098][T16211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2876'.
[  589.377569][T16211] libceph: resolve '
[  589.377569][T16211] -&���f�Y�ǝ�a���2i�
[  589.377569][T16211] .���?��&�*��&' (ret=-3): failed
[  589.383271][T16214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2876'.
[  589.383284][T16213] libceph: resolve '
[  589.383284][T16213] -&���f�Y�ǝ�a���2i�
[  589.383284][T16213] .���?��&�*��&' (ret=-3): failed
[  589.536984][T16219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2878'.
[  589.554232][T16219] lo speed is unknown, defaulting to 1000
[  591.080954][T16234] bridge0: port 1(vlan2) entered blocking state
[  591.083174][T16234] bridge0: port 1(vlan2) entered disabled state
[  591.085826][T16234] vlan2: entered allmulticast mode
[  591.087615][T16234] bridge0: entered allmulticast mode
[  591.090646][T16234] vlan2: left allmulticast mode
[  591.092301][T16234] bridge0: left allmulticast mode
[  592.055723][ T6581] Bluetooth: hci4: Frame reassembly failed (-84)
[  592.061507][ T6581] Bluetooth: hci4: Frame reassembly failed (-84)
[  592.064284][ T1234] Bluetooth: hci4: Frame reassembly failed (-84)
[  592.897034][ T1136] Bluetooth: hci6: Frame reassembly failed (-84)
[  594.261776][ T5968] Bluetooth: hci4: command 0x1003 tx timeout
[  594.262050][   T68] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  594.779298][T16303] fuse: Unknown parameter 'group_id00000000000000000000'
[  595.042563][ T5960] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  596.467629][T16330] FAULT_INJECTION: forcing a failure.
[  596.467629][T16330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  596.471952][T16330] CPU: 1 UID: 0 PID: 16330 Comm: syz.2.2905 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  596.471980][T16330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  596.472005][T16330] Call Trace:
[  596.472012][T16330]  <TASK>
[  596.472017][T16330]  dump_stack_lvl+0x16c/0x1f0
[  596.472043][T16330]  should_fail_ex+0x512/0x640
[  596.472058][T16330]  _copy_from_user+0x2e/0xd0
[  596.472073][T16330]  kstrtouint_from_user+0xd6/0x1d0
[  596.472094][T16330]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  596.472114][T16330]  ? __lock_acquire+0xaa4/0x1ba0
[  596.472145][T16330]  proc_fail_nth_write+0x83/0x250
[  596.472161][T16330]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  596.472180][T16330]  vfs_write+0x25c/0x1180
[  596.472194][T16330]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  596.472211][T16330]  ? __pfx___mutex_lock+0x10/0x10
[  596.472227][T16330]  ? __pfx_vfs_write+0x10/0x10
[  596.472245][T16330]  ? __fget_files+0x20e/0x3c0
[  596.472265][T16330]  ksys_write+0x12a/0x240
[  596.472279][T16330]  ? __pfx_ksys_write+0x10/0x10
[  596.472295][T16330]  ? rcu_is_watching+0x12/0xc0
[  596.472310][T16330]  __do_fast_syscall_32+0x73/0x120
[  596.472328][T16330]  do_fast_syscall_32+0x32/0x80
[  596.472344][T16330]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  596.472358][T16330] RIP: 0023:0xf7f21579
[  596.472368][T16330] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  596.472379][T16330] RSP: 002b:00000000f5004590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  596.472390][T16330] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5004620
[  596.472397][T16330] RDX: 0000000000000001 RSI: 00000000f73b2ff4 RDI: 0000000000000000
[  596.472403][T16330] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  596.472409][T16330] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  596.472415][T16330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.472433][T16330]  </TASK>
[  598.782083][T16350] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2907'.
[  599.754065][T16422] program syz.1.2927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  600.547198][T16472] netlink: 'syz.4.2933': attribute type 1 has an invalid length.
[  600.552568][T16472] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2933'.
[  600.852073][T16493] 
[  600.852860][T16493] ======================================================
[  600.855035][T16493] WARNING: possible circular locking dependency detected
[  600.857189][T16493] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted
[  600.860524][T16493] ------------------------------------------------------
[  600.863452][T16493] syz.4.2937/16493 is trying to acquire lock:
[  600.865812][T16493] ffff888056240aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x2d/0x9f0
[  600.869808][T16493] 
[  600.869808][T16493] but task is already holding lock:
[  600.872595][T16493] ffff888056240258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  600.875974][T16493] 
[  600.875974][T16493] which lock already depends on the new lock.
[  600.875974][T16493] 
[  600.879901][T16493] 
[  600.879901][T16493] the existing dependency chain (in reverse order) is:
[  600.882992][T16493] 
[  600.882992][T16493] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
[  600.885965][T16493]        lock_sock_nested+0x41/0xf0
[  600.888159][T16493]        sockopt_lock_sock+0x54/0x70
[  600.890251][T16493]        do_ip_setsockopt+0xfe/0x3240
[  600.892297][T16493]        ip_setsockopt+0x59/0xf0
[  600.894217][T16493]        tcp_setsockopt+0xa4/0x100
[  600.896155][T16493]        do_sock_setsockopt+0x221/0x470
[  600.898318][T16493]        __sys_setsockopt+0x1a0/0x230
[  600.900289][T16493]        __ia32_sys_setsockopt+0xbc/0x160
[  600.902470][T16493]        __do_fast_syscall_32+0x73/0x120
[  600.904679][T16493]        do_fast_syscall_32+0x32/0x80
[  600.906739][T16493]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.909376][T16493] 
[  600.909376][T16493] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[  600.912175][T16493]        __mutex_lock+0x199/0xb90
[  600.914042][T16493]        start_sync_thread+0x120/0x28b0
[  600.915841][T16493]        do_ip_vs_set_ctl+0x451/0x11d0
[  600.917581][T16493]        nf_setsockopt+0x8a/0xf0
[  600.919167][T16493]        ip_setsockopt+0xcb/0xf0
[  600.920706][T16493]        tcp_setsockopt+0xa4/0x100
[  600.922605][T16493]        smc_setsockopt+0x1b3/0xa00
[  600.924690][T16493]        do_sock_setsockopt+0x221/0x470
[  600.926864][T16493]        __sys_setsockopt+0x1a0/0x230
[  600.928928][T16493]        __ia32_sys_setsockopt+0xbc/0x160
[  600.931102][T16493]        __do_fast_syscall_32+0x73/0x120
[  600.933266][T16493]        do_fast_syscall_32+0x32/0x80
[  600.934894][T16493]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.937046][T16493] 
[  600.937046][T16493] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  600.939875][T16493]        __lock_acquire+0x1173/0x1ba0
[  600.941690][T16493]        lock_acquire+0x179/0x350
[  600.943400][T16493]        __mutex_lock+0x199/0xb90
[  600.945113][T16493]        smc_switch_to_fallback+0x2d/0x9f0
[  600.946918][T16493]        smc_sendmsg+0x13d/0x520
[  600.948507][T16493]        __sys_sendto+0x495/0x510
[  600.950063][T16493]        __ia32_sys_sendto+0xdd/0x1b0
[  600.951721][T16493]        __do_fast_syscall_32+0x73/0x120
[  600.953496][T16493]        do_fast_syscall_32+0x32/0x80
[  600.955214][T16493]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.957324][T16493] 
[  600.957324][T16493] other info that might help us debug this:
[  600.957324][T16493] 
[  600.960386][T16493] Chain exists of:
[  600.960386][T16493]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
[  600.960386][T16493] 
[  600.964535][T16493]  Possible unsafe locking scenario:
[  600.964535][T16493] 
[  600.966848][T16493]        CPU0                    CPU1
[  600.968515][T16493]        ----                    ----
[  600.970162][T16493]   lock(sk_lock-AF_INET);
[  600.971527][T16493]                                lock(rtnl_mutex);
[  600.973531][T16493]                                lock(sk_lock-AF_INET);
[  600.975644][T16493]   lock(&smc->clcsock_release_lock);
[  600.977380][T16493] 
[  600.977380][T16493]  *** DEADLOCK ***
[  600.977380][T16493] 
[  600.979880][T16493] 1 lock held by syz.4.2937/16493:
[  600.981548][T16493]  #0: ffff888056240258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  600.984602][T16493] 
[  600.984602][T16493] stack backtrace:
[  600.986550][T16493] CPU: 2 UID: 0 PID: 16493 Comm: syz.4.2937 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  600.986569][T16493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  600.986578][T16493] Call Trace:
[  600.986585][T16493]  <TASK>
[  600.986591][T16493]  dump_stack_lvl+0x116/0x1f0
[  600.986613][T16493]  print_circular_bug+0x275/0x350
[  600.986633][T16493]  check_noncircular+0x14c/0x170
[  600.986654][T16493]  __lock_acquire+0x1173/0x1ba0
[  600.986676][T16493]  lock_acquire+0x179/0x350
[  600.986688][T16493]  ? smc_switch_to_fallback+0x2d/0x9f0
[  600.986700][T16493]  ? __pfx___might_resched+0x10/0x10
[  600.986717][T16493]  ? register_lock_class+0x41/0x4c0
[  600.986728][T16493]  __mutex_lock+0x199/0xb90
[  600.986745][T16493]  ? smc_switch_to_fallback+0x2d/0x9f0
[  600.986756][T16493]  ? __lock_acquire+0xaa4/0x1ba0
[  600.986773][T16493]  ? smc_switch_to_fallback+0x2d/0x9f0
[  600.986784][T16493]  ? __pfx___mutex_lock+0x10/0x10
[  600.986801][T16493]  ? do_raw_spin_lock+0x12c/0x2b0
[  600.986814][T16493]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  600.986828][T16493]  ? smc_switch_to_fallback+0x2d/0x9f0
[  600.986839][T16493]  ? __local_bh_enable_ip+0xa4/0x120
[  600.986853][T16493]  smc_switch_to_fallback+0x2d/0x9f0
[  600.986865][T16493]  smc_sendmsg+0x13d/0x520
[  600.986877][T16493]  __sys_sendto+0x495/0x510
[  600.986891][T16493]  ? __pfx___sys_sendto+0x10/0x10
[  600.986905][T16493]  ? __sys_bind+0x176/0x260
[  600.986919][T16493]  ? xfd_validate_state+0x5d/0x180
[  600.986932][T16493]  ? rcu_is_watching+0x12/0xc0
[  600.986946][T16493]  __ia32_sys_sendto+0xdd/0x1b0
[  600.986959][T16493]  ? lockdep_hardirqs_on+0x7c/0x110
[  600.986974][T16493]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  600.986991][T16493]  __do_fast_syscall_32+0x73/0x120
[  600.987009][T16493]  do_fast_syscall_32+0x32/0x80
[  600.987025][T16493]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.987039][T16493] RIP: 0023:0xf7ff5579
[  600.987049][T16493] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  600.987061][T16493] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  600.987072][T16493] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[  600.987079][T16493] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000
[  600.987086][T16493] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  600.987092][T16493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  600.987099][T16493] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  600.987109][T16493]  </TASK>
[  601.093651][T16493] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)

VM DIAGNOSIS:
22:29:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000016d066a1548 RBX=ffff88802b2235c0 RCX=00000000000006e0 RDX=000000000000016d
RSI=ffff88802b2235c0 RDI=000000000003012d RBP=000000000003012d RSP=ffffc90000007ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=ffffc90000007ff8
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b227840
RIP=ffffffff81675415 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000507d4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffff8880133b1aa0 RCX=ffffffff897e79c2 RDX=1ffff11002676355
RSI=0000000000000000 RDI=000000000001c9c3 RBP=ffff88806b16fb00 RSP=ffffc90000590b70
R8 =0000000000000006 R9 =000000000001c9c3 R10=0000000000000000 R11=ffffffff9ace6858
R12=000000000001c9c3 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81bb3770 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008001d000 CR3=00000000507d4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854bc9a5 RDI=ffffffff9ae12b40 RBP=ffffffff9ae12b00 RSP=ffffc900039ef478
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae12b00 R15=ffffffff854bc940
RIP=ffffffff854bc9cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080e68000 CR3=00000000507d4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000805fac RBX=0000000000000003 RCX=ffffffff8b702439 RDX=ffffed10056a65be
RSI=ffffffff8bf45080 RDI=ffffffff8191a751 RBP=ffffed1003b5a000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000001
R12=0000000000000003 R13=ffff88801dad0000 R14=ffffffff90868010 R15=0000000000000000
RIP=ffffffff8b700ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ab9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ff859000 CR3=0000000068e4c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000