last executing test programs:

4.966764847s ago: executing program 2 (id=1781):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, &(0x7f00000001c0)="8f951c30c0aeb66f9d41efab96a82f5e5b663d64b19cb9b2fa287e8db3db622b3537918be517d47afe802281d83595ad563ed101f0f3330b031b106c5619f54b5b7b1928ff6443e3", 0x48)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xfffffc}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000901000a000000034000030000000008001d0001000000", 0x24)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x48c})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = userfaultfd(0x80001)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81e8943c, &(0x7f0000000240)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r5=>0x0})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f00000004c0)={<r6=>0x0, 0xe, 0x9, 0x1})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f00000008c0)={{r4}, r5, 0x0, @inherit={0x50, &(0x7f00000018c0)={0x1, 0x1, 0x5, 0x0, {0x22, 0x9, 0x3, 0x800000000002, 0x6}, [0x9]}}, @devid=r6})
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa07, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x0, "00207d2000000000201b14700c1e0ac74f000000001280000000000900"})

4.955868167s ago: executing program 2 (id=1782):
socket$inet_dccp(0x2, 0x6, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
syz_open_dev$video4linux(&(0x7f0000000040), 0x8895, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
userfaultfd(0x1)
socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$sndpcmc(&(0x7f0000000200), 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5000000}, 0x0, &(0x7f0000000380)={0x3ff}, 0x0, 0x0)

4.856975758s ago: executing program 2 (id=1783):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="000100001a0001000000000000000000fe880000000000000000000000000001ffffffff00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000662b0000002001000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000014000e00ff010000000000000000000000000001"], 0x100}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000380)=0x3)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
clock_getres(0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c00000000000000000000004700000044aa00210a2101"], 0x230}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000001000390400"/20, @ANYRES32=r5, @ANYBLOB="00000000000000000c002b80080004"], 0x34}}, 0x0)
read$FUSE(r3, &(0x7f0000000440)={0x2020}, 0x2020)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000005100000008000300", @ANYRES32=r8, @ANYBLOB="0a00060008021100000100ff05008a0003"], 0x30}}, 0x0)
r9 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r9, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, @time={0x0, 0x95}}, {0x0, 0x0, 0x0, 0x0, @time}], 0x38)
r10 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000040)={0x4f, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374"], 0x78}, 0x1, 0x0, 0x0, 0x810}, 0x40095)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r11}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

4.774630611s ago: executing program 2 (id=1784):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=<r1=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='8', @ANYRESHEX=r0, @ANYRESDEC=r1], 0x38}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x4)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)=0x2, 0x4)
r5 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13f10}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x6})
r8 = eventfd(0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r5, 0x7, &(0x7f0000000380)=r8, 0x1)
io_uring_enter(r5, 0x54, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0xa0}, [@ldst={0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="cea2bb3188ff8552df2502000000ca553ebac6492769529aaa2e4a8c5f85860f83f678acb56f6631d3a3865656784fd848117ace804451017ecebcb24e9c3778d03ac68d9e1b26f760a9f93c7da1cdddbe2bea713cd5f01475e469f4fba17a6f3cd14ea6a4b501c2"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040081)
sendmsg$NL80211_CMD_FRAME(r12, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r11, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r10, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

4.644731298s ago: executing program 2 (id=1785):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)="0000001809000000", 0x8)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
socket$tipc(0x1e, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x0, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, r2, 0x0)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
write$FUSE_INTERRUPT(r4, &(0x7f0000000180)={0x10}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'veth0_vlan\x00', @random="010000201000"})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = io_uring_setup(0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b36"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x3, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}}, &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x0, &(0x7f0000000040), 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmsg$can_bcm(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000080)=""/137, 0x89}, {&(0x7f0000000180)=""/106, 0x6a}, {&(0x7f0000000240)=""/13, 0xd}, {&(0x7f0000000300)=""/193, 0xc1}, {&(0x7f0000000400)=""/170, 0xaa}, {&(0x7f00000004c0)=""/202, 0xca}, {&(0x7f00000005c0)=""/201, 0xc9}], 0x7, &(0x7f0000000700)=""/141, 0x8d}, 0x10040)
umount2(&(0x7f0000000280)='./file0\x00', 0xe)

3.219438026s ago: executing program 3 (id=1794):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
r6 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x110, r6, 0xbd65d000)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000440)={0x0, 0x0, 0x80}, &(0x7f0000000380)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
io_uring_enter(r7, 0x3f70, 0x0, 0x0, 0x0, 0x0)

3.036073297s ago: executing program 0 (id=1795):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
r6 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x110, r6, 0xbd65d000)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000440)={0x0, 0x0, 0x80}, &(0x7f0000000380)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
io_uring_enter(r7, 0x3f70, 0x0, 0x0, 0x0, 0x0)

2.376372976s ago: executing program 1 (id=1797):
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(0x0, 0x5fe0e4ae585b90bb)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040e44000304"], 0x47)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r1)
sendmsg$NFC_CMD_DEV_UP(r1, 0x0, 0x0)

2.326666984s ago: executing program 3 (id=1798):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, &(0x7f0000013c00)={0x0, 0x0, &(0x7f0000013bc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001b14010000000000000000000800030001fc0000080001000000000008003f"], 0x28}}, 0x0)
r1 = socket(0x2, 0x3, 0xa)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x89)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, 0x0, &(0x7f00000000c0))
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000240)=0x45d8, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000180)=0x5, 0x4)
r3 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_dev$radio(0x0, 0x3, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc04c560f, &(0x7f0000000340)=@multiplanar_overlay={0xac66, 0x43335ad05eaf740b, 0x4, 0x2, 0x4, {0x0, 0x2710}, {0x2, 0x8, 0x5, 0x3, 0x4, 0x5, "30aeb506"}, 0x9, 0x3, {0x0}, 0xfffeffff})
r7 = syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xffffffff, 0x400, 0x0, 0x2000}, &(0x7f0000000080)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r7, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})
ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0185648, 0x0)
r10 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='sysv\x00', 0x1005b, 0x0)
lseek(r10, 0x6, 0x1)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10)

2.128737544s ago: executing program 0 (id=1799):
socket(0x840000000002, 0x3, 0x100)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f913", 0x11}], 0x1}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x0) (fail_nth: 1)

1.925063385s ago: executing program 0 (id=1800):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x80801, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'macvlan0\x00'})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="3103f000edf9ffff000008000e0008000300", @ANYRES32], 0x1c}}, 0x0)
r3 = creat(0x0, 0x0)
r4 = socket(0x8000000010, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x6a, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004500005c0000000000119078000000000000000000004e200048907803000000000000006d4dfdeb17f7bbfe143803bec2ce783e04cd32308cdd8ddec71cb8adfce542a4bc5a026c208f1071d818fd25cf0938d0c45787e4aa384e3d0eb21ea41cc128364c"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
write(r4, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a40)=@newqdisc={0xb0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x1ff}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x696a}]}]}]}}]}, 0xb0}}, 0x0)
r10 = socket(0x840000000002, 0x3, 0x100)
syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYRES8=r3, @ANYRES32=0x41424344, @ANYRES32=0x0, @ANYRES32=r0], 0x0)
r11 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
lseek(r11, 0x0, 0x0)
connect$inet(r10, &(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10)
sendmmsg$inet(r10, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

1.701633221s ago: executing program 1 (id=1801):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x1000000, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x3c, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x0)

1.606382359s ago: executing program 1 (id=1802):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}}, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x6, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = io_uring_setup(0x6db7, &(0x7f0000000180))
r2 = syz_io_uring_setup(0x353b, &(0x7f0000000100)={0x0, 0x0, 0x2}, &(0x7f0000000180), &(0x7f0000000380))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x13, &(0x7f0000001200), 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, 0x0, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='rxrpc_local\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='rxrpc_local\x00', r4}, 0x10)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r5, &(0x7f0000000400)=@in6={0x21, 0x0, 0x2, 0x1c, {0x2, 0x0, 0x1100, @private1}}, 0x24)
syz_open_dev$vcsu(&(0x7f0000000300), 0x3, 0x410082)
close_range(r1, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x6, 0xcd, 0xe8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000002380), 0x806, r6}, 0x38)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000800)={r6, &(0x7f0000000a00), 0x20000000, 0x2}, 0x20)
socket(0x8, 0x3, 0x81)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r6, &(0x7f0000000080), &(0x7f0000000140)=@tcp6}, 0x1c)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)

1.48547565s ago: executing program 2 (id=1803):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
syz_open_pts(r0, 0x801)
ioctl$KDENABIO(0xffffffffffffffff, 0x4b36)
syz_emit_vhci(0x0, 0x21)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={<r2=>0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000000)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>r2}, &(0x7f0000000040)=0x20)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x74, &(0x7f0000000a40)={r3, 0x0, 0x30}, &(0x7f0000000a80)=0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000140)='source\x00\xb5\x838\x8d\xbd\xdf\xfe\x9a\xf2RM\xb6\xe0\xf9\xac\xa2\x06\x1cD\xe7C\xa5<\xd1=\x93\xf7\xf7Sn\xcb\xd5\xa7\xc9@D\x81\xff\xaar\xc8\xa9\x13\b\x9a\x8bF\v\x8a\x93F\x00\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f00000001c0)='.\n#)|.\x02\xd8\b\xb2f\xcd\x04\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112s\x88\x06\x13o\xd6w\xbf\xfa\xd5?\xa3\'\xca%\xd0\x8fKAq\x89f\xbb\x9dC\xd6\xea\xa8\xc2z\xbfe\xadSb3L)Hy\xfao\b\xa4\xb6\xff\xff\xff\xff\xff\xff\xff\xf7\xc7\xa4\xdcY\x9aM\x90\xa4\x05\xa8\xec\xf3\xa4h\x11\x19\x87E$\n://\xf3\x96\xaf\x1c8\b\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe495/\x00d\xd2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf0\xb7\x1e\xf7Ys#m\xd40\xceP\xdc\x15FI>\x01\xfa\x15\x93\x9a&\xb4):\xc7?\x8d\x8e\x02\xc6\xf61\xbd\xbcBq\xba\xc6\x8e\x89\x15UTaf\xfc\x89\xab\x19\xd7\x82\x16\x94m\x0e\xb7$\x8c\xd76K\xdc\xd1;\\QPh@$\x06F\x81\xc9\xf8\xf8H\xb2\x85\xa8Cl\xa6\xcd\xb5\xf0\xd0\x1f\'\xc30]\xad7\x1eZA7\x89\xf5\x81b\r\xc1\x7f[\x84y\xac\x12\xaa\xa2-t\x16>V\xfc\xbf\xdb\xe4\x9a\x9eE^\x90oe\xc0\xd9\xc68\x0f\xd4\xcdKC\xadp\xba\xaa\xab\'\x1cRO\x89\x17i\x88\"\x8dQI\xed\x1d\xe1v\xe6&\xd3\x14\xe92\xca\x9dBe\\\x8f\xff\x9b\xc7Sd!\xf8(Z\xd42\xa2\xcdjjBP\xae3\xbd\xec\x8a\x8f:\xeb1\x1cK\xf2\x04s\b\xcb\xa9\x17\x8529\xd7`\v\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf1\xa4C\x81\xc8iy\xc4\xf7\x7f\x90\xf80\x18jT\xd45\xde\b\x88\xc9Xw\xe9\xf4\xa4\x94Q\x03s/\xac\xd4\xb7o\x99\xf5\xdb\xf9\x99,+\b\x17\xe4\xf4r}\xda\xf5\x12\x16\xb6g\x00\'(\x02[\xef\x03\x90W% \xe6b\xa2\\\x86\xac\xdax\x997AOJ=\x1f\x00\xe1/\n\xael\x15\xcfR\v\x0e\xbc!\xe8\x1cV-`\xf0$\xa6a \x93PV\x8dm@\x9c', 0x0)

1.4539687s ago: executing program 3 (id=1804):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000000)=0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r0, @ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x40043314)

1.388864828s ago: executing program 3 (id=1805):
socket$l2tp(0x2, 0x2, 0x73)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000001b40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f6fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe508185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c6be0ed9257851ed916219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c5b901dbd7387f49e0b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000053046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25132a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a068c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238e3fee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e89884cb73f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182060e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000008835196ed0c6a1c1d4c140e5ff0000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fcd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d372e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36d3cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f200d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000000028bfaaf1dce7970ae04e33a3d130761c0c0a53997716ebfa0e03c0acdb52e4af877a339d154fea243453e69bc89bb18fc501cf3a623bb871047060234ebc21155d0dc6efa64749afb63a0f8a9c28f62861e826ddf243bd9dda895a9b24d38641856dc058040a418e15139c0b13d52258254eacf045386abe27e8756c29758330146da2e25822afd92467974f70fa71a971517be63845c1eeb1a7a39a8e01750a67925746ffbc35c0046a1d660ebe5967bbc0496d0c9ba9758f9fcf46ecbd2e07523af5e56ff1d8eee549ecc92b0d13ad2edb0149b25debe70d227afb1ad45991bfb63f7cf6a8b5bcabf504d7fe21df0a23e8615055df856d88b7379a4c4499d01221d10c286c10b12ff5c89903806eab61c18721be6edc3d0fdbe2448f130b87b375f0de009ac38fd159a9f54771388f54b50caf5caf896ceb214b298b524c6cfeca9e0343038c68de8856772de2c498e191b9da24cc2a4b722c88a0fd2cca32ea9445e06549d1b5e9c1c90f4de9ce818694c1ced8354729bbec6a828876dae455e24f0f40490aaf80825d0fcdd8620b43da6b7f94c82aac9b256a469312aff3411ac73a377f01f7329a8027d9b47212c2ae9f2038152d0e99b4622a6eb35ba206e43cfbb50ef80b84a1854208c8414b309eb8a3408050772e161beac866e7247b3dc245c9ea14965f2a1a4a97c8baa5a4dd9f8904d47"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r0}, 0x10)
process_vm_readv(0x0, &(0x7f0000000180)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) (fail_nth: 63)

1.361394498s ago: executing program 0 (id=1806):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r2=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x68, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x4c, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x68}}, 0x8000000)

1.266388423s ago: executing program 1 (id=1807):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x200000f, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))
pselect6(0x40, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0x0, 0x0)

1.265760485s ago: executing program 0 (id=1808):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x1, 0x8, 0x100c, 0x501, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = fcntl$getown(r0, 0x9)
syz_open_procfs(r1, &(0x7f0000000000)='attr/exec\x00')
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000100)=<r3=>0x0)
capset(&(0x7f0000000140)={0x0, r3}, &(0x7f0000000180)={0x4, 0x80, 0x56b0, 0x800, 0xf, 0x300000})
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
read(r4, &(0x7f0000001a00)=""/177, 0xb1)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r6 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000001b640)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000010c0)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000002, 0x10012, r7, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
ioctl$sock_bt_hci(r8, 0x800448d2, &(0x7f0000000080))
ioctl$VIDIOC_S_CROP(r6, 0x4014563c, &(0x7f0000000340)={0xc})
r9 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r9, 0xc05c6104, &(0x7f00000001c0)={'\x00', 0x0, 0x5, 0x9, 0x0, 0x6, "471d85001ff300", '\x00', "e1aa6045", 'b_dn', ["c81de44b0091fb7ce7442d42", "6d5eb3eec70d84000c00b4bd", "3433ff7f3300", "e996c9c4d21135876ea2fff7"]})

1.216745035s ago: executing program 3 (id=1809):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0xd, 0xc}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000094}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x110, r7, 0xbd65d000)
syz_io_uring_setup(0x10d, &(0x7f0000000440), &(0x7f0000000380)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xb, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r10 = creat(0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r10, 0x941c, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)

1.088018857s ago: executing program 1 (id=1810):
rseq(0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = getpid()
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend,access=any,cache=fscache,version=9p2000.u'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
r2 = getpgrp(r1)
syz_io_uring_submit(0x0, 0x0, 0x0)
tkill(r2, 0x3c)
r3 = syz_io_uring_setup(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1000}, 0x0, &(0x7f0000000440))
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
memfd_create(0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x4, 0x0)
r4 = dup3(r0, r0, 0x0)
io_setup(0x1, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='svcrdma_sq_post_err\x00', r4}, 0xffffffffffffff07)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030023000b63d25a80648c2594f90124fc60100c030000040009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x68060200)

170.885218ms ago: executing program 3 (id=1811):
rseq(0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = getpid()
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend,access=any,cache=fscache,version=9p2000.u'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
r2 = getpgrp(r1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x8020, 0x0, 0x0, {0x2}})
tkill(r2, 0x3c)
r3 = syz_io_uring_setup(0x0, 0x0, 0x0, &(0x7f0000000440))
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
memfd_create(0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x4, 0x0)
r4 = dup3(r0, r0, 0x0)
io_setup(0x1, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='svcrdma_sq_post_err\x00', r4}, 0xffffffffffffff07)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030023000b63d25a80648c2594f90124fc60100c030000040009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x68060200)

153.101947ms ago: executing program 0 (id=1812):
rseq(0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = getpid()
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend,access=any,cache=fscache,version=9p2000.u'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
r2 = getpgrp(r1)
syz_io_uring_submit(0x0, 0x0, 0x0)
tkill(r2, 0x3c)
r3 = syz_io_uring_setup(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1000}, 0x0, &(0x7f0000000440))
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
memfd_create(0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x4, 0x0)
r4 = dup3(r0, r0, 0x0)
io_setup(0x1, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='svcrdma_sq_post_err\x00', r4}, 0xffffffffffffff07)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030023000b63d25a80648c2594f90124fc60100c030000040009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x68060200)

0s ago: executing program 1 (id=1813):
socket(0x840000000002, 0x3, 0x100)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f913", 0x11}], 0x1}, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000006c0)=0x16)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, 0x0, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x40, 0x0)
mount(&(0x7f0000000180)=@nullb, 0x0, &(0x7f00000000c0)='reiserfs\x00', 0x0, &(0x7f0000000100)='&@,,')
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0186405, &(0x7f0000000040)={0x2, 0x3, {<r2=>0x0}, {0xffffffffffffffff}, 0x636c, 0x9})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/route\x00')
read$msr(r4, &(0x7f0000000040)=""/59, 0xffb5)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000000000)=""/31, 0x1f}], 0x1, 0x0, 0x8)
socket$netlink(0x10, 0x3, 0x9)
read$msr(r4, &(0x7f0000000080)=""/202, 0xca)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
splice(r5, 0x0, r6, 0x0, 0x4ffe6, 0x0)
unshare(0x68060280)
sched_setaffinity(r2, 0x8, &(0x7f0000000140)=0x1000)
fcntl$dupfd(r0, 0x0, r0)
dup(0xffffffffffffffff)
syz_open_dev$loop(0x0, 0x3ff, 0x0)

kernel console output (not intermixed with test programs):

0716] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1220'.
[  235.809608][T10720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1222'.
[  235.813335][T10720] bridge_slave_1: left allmulticast mode
[  235.815586][T10720] bridge_slave_1: left promiscuous mode
[  235.818982][T10720] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.833382][T10720] bridge_slave_0: left allmulticast mode
[  235.834944][T10720] bridge_slave_0: left promiscuous mode
[  235.836687][T10720] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.524838][T10737] autofs: Bad value for 'fd'
[  236.545133][T10741] vlan2: entered allmulticast mode
[  236.546905][T10741] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  236.554948][T10741] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  236.857524][T10752] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.1232'.
[  237.206671][T10761] netlink: 'syz.2.1234': attribute type 3 has an invalid length.
[  237.209151][T10761] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1234'.
[  237.529178][T10776] autofs: Unknown parameter '0x0000000000000000'
[  238.473970][ T1068] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  238.476069][ T1068] ata1: failed to read log page 10h (errno=-5)
[  238.477893][ T1068] ata1.00: exception Emask 0x1 SAct 0x2000 SErr 0x0 action 0x0
[  238.479915][ T1068] ata1.00: irq_stat 0x40000000
[  238.481257][ T1068] ata1.00: failed command: WRITE FPDMA QUEUED
[  238.483163][ T1068] ata1.00: cmd 61/18:68:22:0b:10/00:00:00:00:00/40 tag 13 ncq dma 12288 out
[  238.483163][ T1068]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  238.489030][ T1068] ata1.00: status: { DRDY }
[  238.490332][ T1068] ata1.00: error: { ABRT }
[  238.492178][ T1068] ata1.00: configured for UDMA/100
[  238.497183][ T1068] ata1: EH complete
[  238.737061][T10816] autofs: Unknown parameter '0x0000000000000000'
[  238.797455][T10817] netlink: 'syz.3.1256': attribute type 3 has an invalid length.
[  238.799589][T10817] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1256'.
[  239.625729][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1266'.
[  239.833037][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1268'.
[  239.883508][   T39] audit: type=1326 audit(1728193125.163:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.1.1266" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  239.967472][T10857] FAULT_INJECTION: forcing a failure.
[  239.967472][T10857] name failslab, interval 1, probability 0, space 0, times 0
[  239.971658][T10857] CPU: 0 UID: 0 PID: 10857 Comm: syz.3.1270 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  239.974514][T10857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.977304][T10857] Call Trace:
[  239.978179][T10857]  <TASK>
[  239.978968][T10857]  dump_stack_lvl+0x16c/0x1f0
[  239.980218][T10857]  should_fail_ex+0x497/0x5b0
[  239.981476][T10857]  ? fs_reclaim_acquire+0xae/0x160
[  239.982814][T10857]  should_failslab+0xc2/0x120
[  239.984043][T10857]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  239.985456][T10857]  ? __kernfs_new_node+0xd3/0x890
[  239.986772][T10857]  __kernfs_new_node+0xd3/0x890
[  239.988047][T10857]  ? __pfx___kernfs_new_node+0x10/0x10
[  239.989576][T10857]  ? __pfx_lock_release+0x10/0x10
[  239.990912][T10857]  ? kernfs_add_one+0x39d/0x520
[  239.992218][T10857]  ? up_write+0x1b2/0x520
[  239.993365][T10857]  kernfs_new_node+0x186/0x240
[  239.994646][T10857]  __kernfs_create_file+0x53/0x350
[  239.995994][T10857]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  239.997429][T10857]  internal_create_group+0x565/0xe50
[  239.998818][T10857]  ? __pfx_internal_create_group+0x10/0x10
[  240.000353][T10857]  ? kernfs_create_link+0x1bd/0x240
[  240.001721][T10857]  internal_create_groups+0x9d/0x150
[  240.003322][T10857]  device_add+0x6d3/0x1a70
[  240.004508][T10857]  ? __pfx_device_add+0x10/0x10
[  240.005798][T10857]  ? __init_waitqueue_head+0xca/0x150
[  240.007210][T10857]  netdev_register_kobject+0x187/0x3f0
[  240.008635][T10857]  register_netdevice+0x1473/0x1e20
[  240.010026][T10857]  ? __pfx_register_netdevice+0x10/0x10
[  240.011467][T10857]  register_vlan_dev+0x372/0x940
[  240.012768][T10857]  vlan_newlink+0x40e/0x6a0
[  240.013961][T10857]  ? __pfx_vlan_newlink+0x10/0x10
[  240.015276][T10857]  __rtnl_newlink+0x119c/0x1920
[  240.016573][T10857]  ? __pfx___rtnl_newlink+0x10/0x10
[  240.017950][T10857]  rtnl_newlink+0x67/0xa0
[  240.019097][T10857]  ? __pfx_rtnl_newlink+0x10/0x10
[  240.020419][T10857]  rtnetlink_rcv_msg+0x3c7/0xea0
[  240.021718][T10857]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  240.023145][T10857]  ? __pfx___dev_queue_xmit+0x10/0x10
[  240.024579][T10857]  netlink_rcv_skb+0x165/0x410
[  240.025866][T10857]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  240.027295][T10857]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  240.028677][T10857]  ? netlink_deliver_tap+0x1ae/0xcf0
[  240.030071][T10857]  netlink_unicast+0x53c/0x7f0
[  240.031334][T10857]  ? __pfx_netlink_unicast+0x10/0x10
[  240.032728][T10857]  ? __phys_addr_symbol+0x30/0x80
[  240.034056][T10857]  ? __check_object_size+0x488/0x710
[  240.035444][T10857]  netlink_sendmsg+0x8b8/0xd70
[  240.036727][T10857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.038126][T10857]  ? lock_acquire+0x2f/0xb0
[  240.039325][T10857]  ____sys_sendmsg+0x9ae/0xb40
[  240.040587][T10857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.041979][T10857]  ? get_compat_msghdr+0x11b/0x170
[  240.043316][T10857]  ? __pfx___lock_acquire+0x10/0x10
[  240.044675][T10857]  ___sys_sendmsg+0x135/0x1e0
[  240.045924][T10857]  ? __pfx____sys_sendmsg+0x10/0x10
[  240.047285][T10857]  ? lock_acquire+0x2f/0xb0
[  240.048476][T10857]  ? __fget_files+0x40/0x3f0
[  240.049698][T10857]  ? fdget+0x176/0x210
[  240.050770][T10857]  __sys_sendmsg+0x117/0x1f0
[  240.051982][T10857]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.053318][T10857]  ? __fget_files+0x244/0x3f0
[  240.054627][T10857]  __do_fast_syscall_32+0x73/0x120
[  240.055966][T10857]  do_fast_syscall_32+0x32/0x80
[  240.057261][T10857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.058908][T10857] RIP: 0023:0xf7f61579
[  240.059979][T10857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.064928][T10857] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  240.067077][T10857] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000300
[  240.069123][T10857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.071184][T10857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.073239][T10857] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  240.075289][T10857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.077351][T10857]  </TASK>
[  240.108516][   T39] audit: type=1326 audit(1728193125.383:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10846 comm="syz.0.1268" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  240.114844][T10864] autofs: Unknown parameter '0x0000000000000000'
[  240.828723][T10878] netlink: 'syz.3.1275': attribute type 3 has an invalid length.
[  240.831244][T10878] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1275'.
[  241.681424][T10887] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1279'.
[  241.726775][T10891] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1282'.
[  241.822471][T10894] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.1281'.
[  241.969412][   T39] audit: type=1326 audit(1728193127.243:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10890 comm="syz.1.1282" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  242.367358][T10908] FAULT_INJECTION: forcing a failure.
[  242.367358][T10908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.371654][T10908] CPU: 2 UID: 0 PID: 10908 Comm: syz.0.1285 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  242.375120][T10908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.378619][T10908] Call Trace:
[  242.379718][T10908]  <TASK>
[  242.380725][T10908]  dump_stack_lvl+0x16c/0x1f0
[  242.382269][T10908]  should_fail_ex+0x497/0x5b0
[  242.383834][T10908]  _copy_from_user+0x30/0xf0
[  242.385388][T10908]  move_addr_to_kernel+0x68/0x160
[  242.387114][T10908]  __sys_bind+0xc4/0x220
[  242.388502][T10908]  ? __pfx___sys_bind+0x10/0x10
[  242.390111][T10908]  ? __fget_files+0x244/0x3f0
[  242.391661][T10908]  ? __pfx_ksys_write+0x10/0x10
[  242.393228][T10908]  __ia32_sys_bind+0x71/0xb0
[  242.394735][T10908]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  242.396831][T10908]  __do_fast_syscall_32+0x73/0x120
[  242.398511][T10908]  do_fast_syscall_32+0x32/0x80
[  242.400246][T10908]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.402347][T10908] RIP: 0023:0xf73fe579
[  242.403700][T10908] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.410057][T10908] RSP: 002b:00000000f56c556c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  242.412817][T10908] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000400
[  242.415361][T10908] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000
[  242.417962][T10908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.420333][T10908] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.422863][T10908] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.425136][T10908]  </TASK>
[  242.681522][T10914] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1287'.
[  242.977582][T10925] netlink: 'syz.3.1290': attribute type 3 has an invalid length.
[  242.979962][T10925] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1290'.
[  243.794955][T10932] autofs: Unknown parameter '0x0000000000000000'
[  244.038105][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1294'.
[  244.385464][   T39] audit: type=1326 audit(1728193129.663:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10937 comm="syz.3.1294" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  244.668691][T10950] hsr0: entered allmulticast mode
[  244.670405][T10950] hsr_slave_0: entered allmulticast mode
[  244.672286][T10950] hsr_slave_1: entered allmulticast mode
[  245.146120][T10967] autofs: Unknown parameter '0x0000000000000000'
[  245.205291][T10968] netlink: 'syz.2.1302': attribute type 3 has an invalid length.
[  245.207337][T10968] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1302'.
[  246.151973][T11005] autofs: Unknown parameter 'fd0x0000000000000000'
[  247.600269][T11031] overlayfs: overlapping lowerdir path
[  247.609886][T11031] netlink: 'syz.2.1322': attribute type 3 has an invalid length.
[  247.612035][T11031] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1322'.
[  248.102808][T11034] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1323'.
[  248.336703][T11036] autofs: Unknown parameter 'fd0x0000000000000000'
[  248.390033][   T39] audit: type=1326 audit(1728193133.663:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11033 comm="syz.3.1323" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  248.491862][T11044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1326'.
[  248.496949][T11044] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1326'.
[  248.941038][T11052] FAULT_INJECTION: forcing a failure.
[  248.941038][T11052] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.953335][T11052] CPU: 1 UID: 0 PID: 11052 Comm: syz.0.1329 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  248.956166][T11052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.959001][T11052] Call Trace:
[  248.959902][T11052]  <TASK>
[  248.960702][T11052]  dump_stack_lvl+0x16c/0x1f0
[  248.961962][T11052]  should_fail_ex+0x497/0x5b0
[  248.963223][T11052]  _copy_from_user+0x30/0xf0
[  248.964487][T11052]  get_compat_msghdr+0xa8/0x170
[  248.965794][T11052]  ? __pfx_get_compat_msghdr+0x10/0x10
[  248.967236][T11052]  ? __pfx___lock_acquire+0x10/0x10
[  248.968655][T11052]  ___sys_sendmsg+0x1b0/0x1e0
[  248.969906][T11052]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.971289][T11052]  ? lock_acquire+0x2f/0xb0
[  248.972505][T11052]  ? __fget_files+0x40/0x3f0
[  248.973746][T11052]  ? __pfx___might_resched+0x10/0x10
[  248.975306][T11052]  ? fdget+0x176/0x210
[  248.976403][T11052]  __sys_sendmmsg+0x2a5/0x450
[  248.977671][T11052]  ? __pfx___sys_sendmmsg+0x10/0x10
[  248.979051][T11052]  ? vfs_write+0x14d/0x1140
[  248.980266][T11052]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  248.981879][T11052]  ? fput+0x30/0x390
[  248.982926][T11052]  ? ksys_write+0x1ad/0x260
[  248.984133][T11052]  ? __pfx_ksys_write+0x10/0x10
[  248.985438][T11052]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  248.986926][T11052]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  248.988671][T11052]  __do_fast_syscall_32+0x73/0x120
[  248.990030][T11052]  do_fast_syscall_32+0x32/0x80
[  248.991319][T11052]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  248.992998][T11052] RIP: 0023:0xf73fe579
[  248.994084][T11052] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  248.999135][T11052] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  249.001334][T11052] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  249.003421][T11052] RDX: 000000000400020d RSI: 0000000000000000 RDI: 0000000000000000
[  249.005510][T11052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.007596][T11052] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.009682][T11052] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.011770][T11052]  </TASK>
[  249.139074][T11065] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1334'.
[  249.148036][T11065] FAULT_INJECTION: forcing a failure.
[  249.148036][T11065] name failslab, interval 1, probability 0, space 0, times 0
[  249.152012][T11065] CPU: 0 UID: 0 PID: 11065 Comm: syz.1.1334 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  249.155059][T11065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.157890][T11065] Call Trace:
[  249.158787][T11065]  <TASK>
[  249.159577][T11065]  dump_stack_lvl+0x16c/0x1f0
[  249.160837][T11065]  should_fail_ex+0x497/0x5b0
[  249.162084][T11065]  ? fs_reclaim_acquire+0xae/0x160
[  249.163439][T11065]  should_failslab+0xc2/0x120
[  249.164707][T11065]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  249.166213][T11065]  ? __d_alloc+0x35/0x8c0
[  249.167361][T11065]  __d_alloc+0x35/0x8c0
[  249.168466][T11065]  d_alloc+0x4a/0x1e0
[  249.169533][T11065]  d_alloc_parallel+0xe9/0x12b0
[  249.170830][T11065]  ? __pfx_d_alloc_parallel+0x10/0x10
[  249.172242][T11065]  ? lockdep_init_map_type+0x16d/0x7d0
[  249.173686][T11065]  ? lockdep_init_map_type+0x16d/0x7d0
[  249.175123][T11065]  __lookup_slow+0x194/0x460
[  249.176369][T11065]  ? __pfx___lookup_slow+0x10/0x10
[  249.177730][T11065]  ? __pfx_lock_release+0x10/0x10
[  249.179073][T11065]  ? d_lookup+0xe9/0x180
[  249.180201][T11065]  lookup_one_len+0x181/0x1b0
[  249.181460][T11065]  ? __pfx_lookup_one_len+0x10/0x10
[  249.182841][T11065]  ? mntput+0x10/0x90
[  249.183907][T11065]  start_creating.part.0+0x12f/0x3a0
[  249.185313][T11065]  __debugfs_create_file+0xa5/0x660
[  249.186687][T11065]  cfg80211_debugfs_rdev_add+0x5c/0xe0
[  249.188117][T11065]  wiphy_register+0x2257/0x2d30
[  249.189422][T11065]  ? __pfx_wiphy_register+0x10/0x10
[  249.190802][T11065]  ieee80211_register_hw+0x2959/0x3fb0
[  249.192245][T11065]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  249.193826][T11065]  ? rcu_is_watching+0x12/0xc0
[  249.195088][T11065]  ? trace_hrtimer_init+0x19d/0x220
[  249.196452][T11065]  ? __hrtimer_init+0x106/0x2c0
[  249.197743][T11065]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  249.199241][T11065]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  249.200742][T11065]  hwsim_new_radio_nl+0xb42/0x12b0
[  249.201951][T11065]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  249.203366][T11065]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  249.205298][T11065]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  249.207212][T11065]  genl_family_rcv_msg_doit+0x202/0x2f0
[  249.208650][T11065]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  249.210293][T11065]  ? bpf_lsm_capable+0x9/0x10
[  249.211453][T11065]  ? security_capable+0x7e/0x260
[  249.212716][T11065]  ? ns_capable+0xd7/0x110
[  249.213890][T11065]  genl_rcv_msg+0x565/0x800
[  249.214967][T11065]  ? __pfx_genl_rcv_msg+0x10/0x10
[  249.216270][T11065]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  249.217761][T11065]  netlink_rcv_skb+0x165/0x410
[  249.218998][T11065]  ? __pfx_genl_rcv_msg+0x10/0x10
[  249.220339][T11065]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  249.221799][T11065]  ? down_read+0xc9/0x330
[  249.222957][T11065]  ? __pfx_down_read+0x10/0x10
[  249.224095][T11065]  ? netlink_deliver_tap+0x1ae/0xcf0
[  249.225386][T11065]  genl_rcv+0x28/0x40
[  249.226448][T11065]  netlink_unicast+0x53c/0x7f0
[  249.227722][T11065]  ? __pfx_netlink_unicast+0x10/0x10
[  249.229121][T11065]  ? __phys_addr_symbol+0x30/0x80
[  249.230455][T11065]  ? __check_object_size+0x488/0x710
[  249.231855][T11065]  netlink_sendmsg+0x8b8/0xd70
[  249.233129][T11065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.234518][T11065]  ? lock_acquire+0x2f/0xb0
[  249.235725][T11065]  ____sys_sendmsg+0x9ae/0xb40
[  249.237005][T11065]  ? __pfx_____sys_sendmsg+0x10/0x10
[  249.238394][T11065]  ? get_compat_msghdr+0x11b/0x170
[  249.239748][T11065]  ? __pfx___lock_acquire+0x10/0x10
[  249.241133][T11065]  ___sys_sendmsg+0x135/0x1e0
[  249.242386][T11065]  ? __pfx____sys_sendmsg+0x10/0x10
[  249.243769][T11065]  ? lock_acquire+0x2f/0xb0
[  249.244978][T11065]  ? __fget_files+0x40/0x3f0
[  249.246203][T11065]  ? fdget+0x176/0x210
[  249.247289][T11065]  __sys_sendmsg+0x117/0x1f0
[  249.248624][T11065]  ? __pfx___sys_sendmsg+0x10/0x10
[  249.250047][T11065]  ? __fget_files+0x244/0x3f0
[  249.251304][T11065]  __do_fast_syscall_32+0x73/0x120
[  249.252669][T11065]  do_fast_syscall_32+0x32/0x80
[  249.253964][T11065]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.255623][T11065] RIP: 0023:0xf7f67579
[  249.256721][T11065] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.261734][T11065] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  249.263907][T11065] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  249.264030][T11067] overlayfs: overlapping lowerdir path
[  249.265973][T11065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  249.270014][T11065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.272096][T11065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.274180][T11065] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.276194][T11065]  </TASK>
[  249.294126][T11066] netlink: 'syz.0.1333': attribute type 3 has an invalid length.
[  249.296847][T11066] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1333'.
[  249.338542][T11071] autofs: Unknown parameter 'fd0x0000000000000000'
[  249.686840][T11082] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1340'.
[  250.115544][T11084] FAULT_INJECTION: forcing a failure.
[  250.115544][T11084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.125264][T11084] CPU: 0 UID: 0 PID: 11084 Comm: syz.2.1342 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  250.128092][T11084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.131110][T11084] Call Trace:
[  250.132004][T11084]  <TASK>
[  250.132800][T11084]  dump_stack_lvl+0x16c/0x1f0
[  250.134034][T11084]  should_fail_ex+0x497/0x5b0
[  250.135224][T11084]  _copy_from_user+0x30/0xf0
[  250.136452][T11084]  get_compat_msghdr+0xa8/0x170
[  250.137741][T11084]  ? __pfx_get_compat_msghdr+0x10/0x10
[  250.139160][T11084]  ___sys_recvmsg+0x193/0x1a0
[  250.140425][T11084]  ? __pfx____sys_recvmsg+0x10/0x10
[  250.141808][T11084]  ? lock_acquire+0x2f/0xb0
[  250.143009][T11084]  ? __fget_files+0x40/0x3f0
[  250.144225][T11084]  ? __pfx___might_resched+0x10/0x10
[  250.145622][T11084]  ? fdget+0x176/0x210
[  250.146696][T11084]  do_recvmmsg+0x51a/0x750
[  250.147878][T11084]  ? __pfx_do_recvmmsg+0x10/0x10
[  250.149188][T11084]  ? __pfx_lock_release+0x10/0x10
[  250.150543][T11084]  ? vfs_write+0x14d/0x1140
[  250.151782][T11084]  ? __fget_files+0x244/0x3f0
[  250.153028][T11084]  __sys_recvmmsg+0x21e/0x280
[  250.154307][T11084]  ? __pfx___sys_recvmmsg+0x10/0x10
[  250.155705][T11084]  ? __pfx_ksys_write+0x10/0x10
[  250.157076][T11084]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  250.158721][T11084]  ? lockdep_hardirqs_on+0x7c/0x110
[  250.160093][T11084]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  250.161821][T11084]  __do_fast_syscall_32+0x73/0x120
[  250.163167][T11084]  do_fast_syscall_32+0x32/0x80
[  250.164450][T11084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.166117][T11084] RIP: 0023:0xf7f57579
[  250.167174][T11084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.172161][T11084] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  250.174336][T11084] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200055c0
[  250.176361][T11084] RDX: 000000000400023c RSI: 0000000000000302 RDI: 0000000000000000
[  250.178385][T11084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.180457][T11084] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.182450][T11084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.184520][T11084]  </TASK>
[  250.413733][T11098] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1345'.
[  250.460487][T11107] 0�X��D: entered promiscuous mode
[  250.462992][T11107] erspan0: entered promiscuous mode
[  250.465293][T11107] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  250.467981][T11107] Cannot create hsr debugfs directory
[  250.482884][   T39] audit: type=1326 audit(1728193135.753:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11081 comm="syz.3.1340" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  250.581779][T11116] libceph: resolve '.
[  250.581779][T11116] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  250.581779][T11116] ' (ret=-3): failed
[  250.700859][T11118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1349'.
[  250.705524][T11118] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  251.405238][   T39] audit: type=1326 audit(1728193136.683:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11114 comm="syz.0.1349" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7fc00000
[  251.422973][T11130] openvswitch: netlink: Message has 4 unknown bytes.
[  251.718157][T11144] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1357'.
[  251.721568][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.724116][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.726048][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.727953][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.729911][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.731909][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.735316][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.737300][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.739290][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.741246][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.743170][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.745500][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.747435][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.749483][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.751413][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.753642][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.755678][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.757692][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.760775][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.762748][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.766642][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.768595][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.770670][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.772750][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.775661][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.777645][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.779613][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.781591][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.783922][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.786799][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.788834][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.790788][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.792826][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.794968][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.796996][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.798936][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.800907][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.802909][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.805080][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.807193][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.809208][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.811301][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.813627][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  251.822357][   T25] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  252.468090][   T39] audit: type=1326 audit(1728193137.743:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11147 comm="syz.2.1359" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  252.838059][T11178] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  252.858592][T11178] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  252.912213][T11182] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1370'.
[  253.810143][   T39] audit: type=1326 audit(1728193139.083:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11195 comm="syz.2.1375" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  253.870774][T11202] input: syz0 as /devices/virtual/input/input14
[  254.365400][T11209] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1379'.
[  254.373927][T11209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1379'.
[  254.815658][T11221] netlink: zone id is out of range
[  254.817176][T11221] netlink: zone id is out of range
[  254.818661][T11221] netlink: zone id is out of range
[  254.821168][T11221] netlink: zone id is out of range
[  254.822873][T11221] netlink: zone id is out of range
[  254.894492][T11221] netlink: zone id is out of range
[  254.925433][T11221] netlink: set zone limit has 4 unknown bytes
[  255.016042][ T1374] ieee802154 phy0 wpan0: encryption failed: -22
[  255.228465][T11238] FAULT_INJECTION: forcing a failure.
[  255.228465][T11238] name failslab, interval 1, probability 0, space 0, times 0
[  255.231771][T11238] CPU: 3 UID: 0 PID: 11238 Comm: syz.0.1388 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  255.234571][T11238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.237369][T11238] Call Trace:
[  255.238254][T11238]  <TASK>
[  255.239038][T11238]  dump_stack_lvl+0x16c/0x1f0
[  255.240291][T11238]  should_fail_ex+0x497/0x5b0
[  255.241563][T11238]  ? fs_reclaim_acquire+0xae/0x160
[  255.242920][T11238]  should_failslab+0xc2/0x120
[  255.244322][T11238]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  255.245850][T11238]  ? __kernfs_new_node+0xd3/0x890
[  255.247181][T11238]  __kernfs_new_node+0xd3/0x890
[  255.248475][T11238]  ? __pfx___kernfs_new_node+0x10/0x10
[  255.249919][T11238]  ? __pfx_lock_release+0x10/0x10
[  255.251257][T11238]  ? kernfs_add_one+0x39d/0x520
[  255.252548][T11238]  ? up_write+0x1b2/0x520
[  255.253696][T11238]  kernfs_new_node+0x186/0x240
[  255.255083][T11238]  __kernfs_create_file+0x53/0x350
[  255.256462][T11238]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  255.257920][T11238]  internal_create_group+0x565/0xe50
[  255.259334][T11238]  ? __pfx_internal_create_group+0x10/0x10
[  255.260891][T11238]  ? kernfs_create_link+0x1bd/0x240
[  255.262271][T11238]  internal_create_groups+0x9d/0x150
[  255.263717][T11238]  device_add+0x6d3/0x1a70
[  255.264927][T11238]  ? __pfx_device_add+0x10/0x10
[  255.266230][T11238]  ? __init_waitqueue_head+0xca/0x150
[  255.267675][T11238]  netdev_register_kobject+0x187/0x3f0
[  255.269136][T11238]  register_netdevice+0x1473/0x1e20
[  255.270533][T11238]  ? __pfx_register_netdevice+0x10/0x10
[  255.271996][T11238]  ? alloc_netdev_mqs+0xf2a/0x12a0
[  255.273366][T11238]  ? validate_linkmsg+0x6d2/0x9a0
[  255.274718][T11238]  br_dev_newlink+0x27/0x110
[  255.275955][T11238]  ? __pfx_br_dev_newlink+0x10/0x10
[  255.277355][T11238]  __rtnl_newlink+0x119c/0x1920
[  255.278654][T11238]  ? __pfx___rtnl_newlink+0x10/0x10
[  255.280039][T11238]  rtnl_newlink+0x67/0xa0
[  255.281196][T11238]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.282526][T11238]  rtnetlink_rcv_msg+0x3c7/0xea0
[  255.283857][T11238]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  255.285295][T11238]  ? __pfx___dev_queue_xmit+0x10/0x10
[  255.286708][T11238]  netlink_rcv_skb+0x165/0x410
[  255.287976][T11238]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  255.289419][T11238]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  255.290819][T11238]  ? netlink_deliver_tap+0x1ae/0xcf0
[  255.292205][T11238]  netlink_unicast+0x53c/0x7f0
[  255.293484][T11238]  ? __pfx_netlink_unicast+0x10/0x10
[  255.294884][T11238]  ? __phys_addr_symbol+0x30/0x80
[  255.296221][T11238]  ? __check_object_size+0x488/0x710
[  255.297642][T11238]  netlink_sendmsg+0x8b8/0xd70
[  255.298912][T11238]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.300308][T11238]  ? lock_acquire+0x2f/0xb0
[  255.301521][T11238]  ____sys_sendmsg+0x9ae/0xb40
[  255.302794][T11238]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.304189][T11238]  ? get_compat_msghdr+0x11b/0x170
[  255.305555][T11238]  ? __pfx___lock_acquire+0x10/0x10
[  255.306938][T11238]  ___sys_sendmsg+0x135/0x1e0
[  255.308192][T11238]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.309585][T11238]  ? lock_acquire+0x2f/0xb0
[  255.310786][T11238]  ? __fget_files+0x40/0x3f0
[  255.312008][T11238]  ? fdget+0x176/0x210
[  255.313090][T11238]  __sys_sendmsg+0x117/0x1f0
[  255.314386][T11238]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.315742][T11238]  ? __fget_files+0x244/0x3f0
[  255.317011][T11238]  __do_fast_syscall_32+0x73/0x120
[  255.318360][T11238]  do_fast_syscall_32+0x32/0x80
[  255.319654][T11238]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.321328][T11238] RIP: 0023:0xf73fe579
[  255.322420][T11238] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.327411][T11238] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  255.329606][T11238] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  255.331690][T11238] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  255.333805][T11238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.335885][T11238] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.337984][T11238] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.340076][T11238]  </TASK>
[  255.988661][T11250] overlayfs: overlapping lowerdir path
[  256.007024][T11250] netlink: 'syz.1.1391': attribute type 3 has an invalid length.
[  256.009517][T11250] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1391'.
[  256.075621][   T39] audit: type=1326 audit(1728193141.333:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.1390" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  256.567356][T11257] overlayfs: overlapping lowerdir path
[  256.664859][T11257] netlink: 'syz.3.1392': attribute type 3 has an invalid length.
[  256.668527][T11257] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1392'.
[  257.674365][T11286] overlayfs: overlapping lowerdir path
[  257.699064][T11285] sp0: Synchronizing with TNC
[  257.699116][T11286] netlink: 'syz.0.1399': attribute type 3 has an invalid length.
[  257.702924][T11286] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1399'.
[  257.784731][T11285] mkiss: ax0: crc mode is auto.
[  258.516592][   T39] audit: type=1326 audit(1728193143.793:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11279 comm="syz.3.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000
[  258.823829][T11312] nbd0: detected capacity change from 0 to 22
[  258.836840][T11309] block nbd0: shutting down sockets
[  258.845119][    C1] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.847491][    C1] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.853453][  T830] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.856952][  T830] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.859830][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.863364][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.866114][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.870582][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.875304][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.877879][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.880264][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.882811][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.886332][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.888902][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.899906][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.902563][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.905281][ T5344] ldm_validate_partition_table(): Disk read failed.
[  258.910500][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.915512][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.920204][ T5344] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  258.923715][ T5344] Buffer I/O error on dev nbd0, logical block 0, async page read
[  258.926872][ T5344] Dev nbd0: unable to read RDB block 0
[  258.932923][ T5344]  nbd0: unable to read partition table
[  258.943104][ T5344] nbd0: partition table beyond EOD, truncated
[  258.948169][T11309] ldm_validate_partition_table(): Disk read failed.
[  258.950488][T11309] Dev nbd0: unable to read RDB block 0
[  258.952645][T11309]  nbd0: unable to read partition table
[  258.958636][T11309] nbd0: partition table beyond EOD, truncated
[  258.985073][ T5344] ldm_validate_partition_table(): Disk read failed.
[  258.990648][ T5344] Dev nbd0: unable to read RDB block 0
[  258.994978][ T5344]  nbd0: unable to read partition table
[  258.999160][ T5344] nbd0: partition table beyond EOD, truncated
[  260.043599][    T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  260.253496][    T9] usb 8-1: device descriptor read/64, error -71
[  260.504078][    T9] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  260.576561][T11347] netlink: 5312 bytes leftover after parsing attributes in process `syz.2.1417'.
[  260.701461][    T9] usb 8-1: device descriptor read/64, error -71
[  260.717368][   T39] audit: type=1326 audit(1728193145.993:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11355 comm="syz.2.1419" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  260.792865][T11365] random: crng reseeded on system resumption
[  260.814483][    T9] usb usb8-port1: attempt power cycle
[  260.883956][T11368] overlayfs: overlapping lowerdir path
[  260.897141][T11368] netlink: 'syz.0.1422': attribute type 3 has an invalid length.
[  260.899292][T11368] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1422'.
[  261.163632][    T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  261.185322][    T9] usb 8-1: device descriptor read/8, error -71
[  261.439225][    T9] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  261.474037][    T9] usb 8-1: device descriptor read/8, error -71
[  261.554888][T11376] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1425'.
[  261.557440][T11376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1425'.
[  261.570699][T11374] mkiss: ax0: crc mode is auto.
[  261.586496][    T9] usb usb8-port1: unable to enumerate USB device
[  261.615971][T11379] netlink: 'syz.1.1426': attribute type 10 has an invalid length.
[  261.730187][T11383] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1427'.
[  261.876295][T11392] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.1430'.
[  263.069289][   T39] audit: type=1326 audit(1728193148.343:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11395 comm="syz.0.1433" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  263.242130][T11422] FAULT_INJECTION: forcing a failure.
[  263.242130][T11422] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.245650][T11422] CPU: 3 UID: 0 PID: 11422 Comm: syz.0.1438 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  263.248585][T11422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.251271][T11422] Call Trace:
[  263.252121][T11422]  <TASK>
[  263.252908][T11422]  dump_stack_lvl+0x16c/0x1f0
[  263.254156][T11422]  should_fail_ex+0x497/0x5b0
[  263.255406][T11422]  _copy_to_user+0x30/0xc0
[  263.256598][T11422]  do_pages_stat+0x5c1/0x820
[  263.257832][T11422]  ? __pfx_do_pages_stat+0x10/0x10
[  263.259185][T11422]  ? cpuset_mems_allowed+0x1d9/0x480
[  263.260591][T11422]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  263.262129][T11422]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.263525][T11422]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  263.265075][T11422]  kernel_move_pages+0x10a4/0x15a0
[  263.266428][T11422]  ? __mutex_unlock_slowpath+0x164/0x650
[  263.267899][T11422]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  263.269483][T11422]  ? __pfx_kernel_move_pages+0x10/0x10
[  263.270918][T11422]  ? __fget_files+0x244/0x3f0
[  263.272071][T11422]  ? fput+0x30/0x390
[  263.273109][T11422]  ? ksys_write+0x1ad/0x260
[  263.274307][T11422]  ? __pfx_ksys_write+0x10/0x10
[  263.275593][T11422]  __ia32_sys_move_pages+0xdd/0x1b0
[  263.276973][T11422]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.278344][T11422]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  263.280056][T11422]  __do_fast_syscall_32+0x73/0x120
[  263.281418][T11422]  do_fast_syscall_32+0x32/0x80
[  263.282696][T11422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  263.284355][T11422] RIP: 0023:0xf73fe579
[  263.285436][T11422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  263.290427][T11422] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[  263.292579][T11422] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000001efe
[  263.294513][T11422] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000040
[  263.296436][T11422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  263.298406][T11422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  263.300490][T11422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  263.302586][T11422]  </TASK>
[  263.574941][T11434] 9pnet: Unknown protocol version 9
[  263.582870][T11434] overlayfs: overlapping lowerdir path
[  263.588032][T11435] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.1442'.
[  263.618449][T11434] netlink: 'syz.2.1441': attribute type 3 has an invalid length.
[  263.621459][T11434] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1441'.
[  264.105874][T11444] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1445'.
[  264.329798][   T39] audit: type=1326 audit(1728193149.603:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11443 comm="syz.3.1445" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  264.357705][T11452] binder: 11451:11452 ioctl c0306201 20000140 returned -14
[  264.436023][T11459] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1451'.
[  265.117198][T11468] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1453'.
[  265.323555][T11471] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  265.350915][T11471] vivid-000: =================  START STATUS  =================
[  265.353253][T11471] vivid-000: Test Pattern: 75% Colorbar
[  265.354948][T11471] vivid-000: Fill Percentage of Frame: 100
[  265.356468][T11471] vivid-000: Horizontal Movement: No Movement
[  265.357942][T11471] vivid-000: Vertical Movement: No Movement
[  265.359434][T11471] vivid-000: OSD Text Mode: All
[  265.360675][T11471] vivid-000: Show Border: false
[  265.363374][T11471] vivid-000: Show Square: false
[  265.364684][T11471] vivid-000: Sensor Flipped Horizontally: false
[  265.366330][T11471] vivid-000: Sensor Flipped Vertically: false
[  265.367957][T11471] vivid-000: Insert SAV Code in Image: false
[  265.369556][T11471] vivid-000: Insert EAV Code in Image: false
[  265.371194][T11471] vivid-000: Insert Video Guard Band: false
[  265.372842][T11471] vivid-000: Reduced Framerate: false
[  265.374373][T11471] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  265.376397][T11471] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  265.378472][T11471] vivid-000: Enable Capture Cropping: true grabbed
[  265.380164][T11471] vivid-000: Enable Capture Composing: true grabbed
[  265.381876][T11471] vivid-000: Enable Capture Scaler: true grabbed
[  265.383632][T11471] vivid-000: Timestamp Source: End of Frame
[  265.385187][T11471] vivid-000: Colorspace: sRGB
[  265.386399][T11471] vivid-000: Transfer Function: Default
[  265.387852][T11471] vivid-000: Y'CbCr Encoding: Default
[  265.389359][T11471] vivid-000: HSV Encoding: Hue 0-179
[  265.390736][T11471] vivid-000: Quantization: Default
[  265.392053][T11471] vivid-000: Apply Alpha To Red Only: false
[  265.393815][T11471] vivid-000: Standard Aspect Ratio: 4x3
[  265.395304][T11471] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  265.397314][T11471] vivid-000: DV Timings: 640x480p59 inactive
[  265.398930][T11471] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  265.401751][T11471] vivid-000: Maximum EDID Blocks: 2
[  265.403200][T11471] vivid-000: Limited RGB Range (16-235): false
[  265.404899][T11471] vivid-000: Rx RGB Quantization Range: Automatic
[  265.406619][T11471] vivid-000: Power Present: 0x00000001
[  265.408026][T11471] tpg source WxH: 320x180 (Y'CbCr)
[  265.409366][T11471] tpg field: 1
[  265.410274][T11471] tpg crop: 320x180@0x0
[  265.411370][T11471] tpg compose: 320x180@0x0
[  265.412557][T11471] tpg colorspace: 8
[  265.413674][T11471] tpg transfer function: 0/2
[  265.414935][T11471] tpg Y'CbCr encoding: 0/1
[  265.416148][T11471] tpg quantization: 0/2
[  265.417314][T11471] tpg RGB range: 0/2
[  265.418404][T11471] vivid-000: ==================  END STATUS  ==================
[  266.099734][T11481] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1456'.
[  266.132969][T11483] kvm: kvm [11482]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000005c) = 0x0
[  266.150042][T11483] syzkaller0: entered promiscuous mode
[  266.151556][T11483] syzkaller0: entered allmulticast mode
[  266.496094][T11491] input: syz0 as /devices/virtual/input/input15
[  266.999044][T11494] 9pnet: Unknown protocol version 9
[  267.019252][T11494] overlayfs: overlapping lowerdir path
[  267.760453][T11494] netlink: 'syz.0.1461': attribute type 3 has an invalid length.
[  267.767994][T11494] __nla_validate_parse: 1 callbacks suppressed
[  267.768183][T11494] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1461'.
[  267.953890][T11504] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1465'.
[  268.153574][    T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  268.326594][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  268.329154][    T9] usb 6-1: config 1 has an invalid interface descriptor of length 8, skipping
[  268.331634][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  268.334476][    T9] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 66
[  268.343946][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  268.346511][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  268.348755][    T9] usb 6-1: Product: syz
[  268.350569][    T9] usb 6-1: Manufacturer: syz
[  268.572811][  T980] usb 6-1: USB disconnect, device number 10
[  268.912164][T11526] =======================================================
[  268.912164][T11526] WARNING: The mand mount option has been deprecated and
[  268.912164][T11526]          and is ignored by this kernel. Remove the mand
[  268.912164][T11526]          option from the mount to silence this warning.
[  268.912164][T11526] =======================================================
[  269.132431][T11536] FAULT_INJECTION: forcing a failure.
[  269.132431][T11536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.136797][T11536] CPU: 2 UID: 0 PID: 11536 Comm: syz.0.1473 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  269.139579][T11536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.142340][T11536] Call Trace:
[  269.143214][T11536]  <TASK>
[  269.143993][T11536]  dump_stack_lvl+0x16c/0x1f0
[  269.145239][T11536]  should_fail_ex+0x497/0x5b0
[  269.146477][T11536]  _copy_from_user+0x30/0xf0
[  269.147690][T11536]  get_compat_msghdr+0xa8/0x170
[  269.148971][T11536]  ? __pfx_get_compat_msghdr+0x10/0x10
[  269.150404][T11536]  ? find_held_lock+0x2d/0x110
[  269.151655][T11536]  ___sys_recvmsg+0x193/0x1a0
[  269.152900][T11536]  ? __pfx____sys_recvmsg+0x10/0x10
[  269.154257][T11536]  ? lock_acquire+0x2f/0xb0
[  269.155447][T11536]  ? __fget_files+0x40/0x3f0
[  269.156675][T11536]  ? __pfx___might_resched+0x10/0x10
[  269.158046][T11536]  ? fdget+0x176/0x210
[  269.159115][T11536]  do_recvmmsg+0x51a/0x750
[  269.160287][T11536]  ? __pfx_do_recvmmsg+0x10/0x10
[  269.161592][T11536]  ? __pfx_lock_release+0x10/0x10
[  269.162880][T11536]  ? vfs_write+0x14d/0x1140
[  269.164075][T11536]  ? __fget_files+0x244/0x3f0
[  269.165318][T11536]  __sys_recvmmsg+0x21e/0x280
[  269.166541][T11536]  ? __pfx___sys_recvmmsg+0x10/0x10
[  269.168152][T11536]  ? __pfx_ksys_write+0x10/0x10
[  269.169480][T11536]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  269.171143][T11536]  ? lockdep_hardirqs_on+0x7c/0x110
[  269.172515][T11536]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  269.174235][T11536]  __do_fast_syscall_32+0x73/0x120
[  269.175587][T11536]  do_fast_syscall_32+0x32/0x80
[  269.176900][T11536]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.178572][T11536] RIP: 0023:0xf73fe579
[  269.179656][T11536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.184659][T11536] RSP: 002b:00000000f56c556c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  269.186819][T11536] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020008880
[  269.188881][T11536] RDX: 000000000000045b RSI: 0000000044000102 RDI: 0000000000000000
[  269.191469][T11536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.194166][T11536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.196904][T11536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.199617][T11536]  </TASK>
[  269.515875][T11545] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1477'.
[  271.703155][T11581] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1487'.
[  272.093356][   T39] audit: type=1326 audit(1728193157.363:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11580 comm="syz.1.1487" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  272.716739][T11598] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.1491'.
[  273.098886][T11602] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1492'.
[  273.330499][T11611] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=536871680 (1073743360 ns) > initial count (152 ns). Using initial count to start timer.
[  273.451559][T11614] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1497'.
[  273.606713][   T39] audit: type=1326 audit(1728193158.883:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.0.1497" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  274.390257][T11633] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1501'.
[  274.408181][T11633] sp0: Synchronizing with TNC
[  275.046353][T11643] mmap: syz.0.1502 (11643) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  275.512991][T11650] FAULT_INJECTION: forcing a failure.
[  275.512991][T11650] name failslab, interval 1, probability 0, space 0, times 0
[  275.518794][T11650] CPU: 3 UID: 0 PID: 11650 Comm: syz.3.1505 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  275.518822][T11650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.518833][T11650] Call Trace:
[  275.518840][T11650]  <TASK>
[  275.518847][T11650]  dump_stack_lvl+0x16c/0x1f0
[  275.518875][T11650]  should_fail_ex+0x497/0x5b0
[  275.518904][T11650]  should_failslab+0xc2/0x120
[  275.518929][T11650]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  275.518951][T11650]  ? skb_clone+0x190/0x3f0
[  275.518979][T11650]  skb_clone+0x190/0x3f0
[  275.518999][T11650]  netlink_deliver_tap+0xb26/0xcf0
[  275.519025][T11650]  netlink_unicast+0x5e1/0x7f0
[  275.519046][T11650]  ? __pfx_netlink_unicast+0x10/0x10
[  275.519066][T11650]  ? __phys_addr_symbol+0x30/0x80
[  275.519086][T11650]  ? __check_object_size+0x488/0x710
[  275.519107][T11650]  netlink_sendmsg+0x8b8/0xd70
[  275.519131][T11650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.519152][T11650]  ? lock_acquire+0x2f/0xb0
[  275.519182][T11650]  ____sys_sendmsg+0x9ae/0xb40
[  275.519202][T11650]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.519217][T11650]  ? get_compat_msghdr+0x11b/0x170
[  275.519240][T11650]  ? __pfx___lock_acquire+0x10/0x10
[  275.519268][T11650]  ___sys_sendmsg+0x135/0x1e0
[  275.519295][T11650]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.519323][T11650]  ? lock_acquire+0x2f/0xb0
[  275.519346][T11650]  ? __fget_files+0x40/0x3f0
[  275.519373][T11650]  ? fdget+0x176/0x210
[  275.555990][T11650]  __sys_sendmsg+0x117/0x1f0
[  275.556017][T11650]  ? __pfx___sys_sendmsg+0x10/0x10
[  275.556031][T11650]  ? __fget_files+0x244/0x3f0
[  275.556051][T11650]  __do_fast_syscall_32+0x73/0x120
[  275.556068][T11650]  do_fast_syscall_32+0x32/0x80
[  275.556097][T11650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  275.556113][T11650] RIP: 0023:0xf7f61579
[  275.556123][T11650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  275.556133][T11650] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  275.556145][T11650] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000200
[  275.556153][T11650] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.556159][T11650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  275.556165][T11650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  275.556172][T11650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  275.556185][T11650]  </TASK>
[  275.936205][T11663] netlink: 'syz.2.1509': attribute type 4 has an invalid length.
[  276.083748][T11667] fuse: Bad value for 'fd'
[  276.199080][T11672] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1511'.
[  276.304302][T11676] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1513'.
[  276.392456][   T39] audit: type=1326 audit(1728193417.661:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11671 comm="syz.1.1511" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  277.013765][T11687] 9pnet: Unknown protocol version 9
[  277.021495][T11687] overlayfs: overlapping lowerdir path
[  277.048196][T11687] netlink: 'syz.2.1515': attribute type 3 has an invalid length.
[  277.050370][T11687] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1515'.
[  278.050821][T11696] FAULT_INJECTION: forcing a failure.
[  278.050821][T11696] name failslab, interval 1, probability 0, space 0, times 0
[  278.054244][T11696] CPU: 1 UID: 0 PID: 11696 Comm: syz.2.1518 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  278.057050][T11696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  278.059842][T11696] Call Trace:
[  278.060741][T11696]  <TASK>
[  278.061528][T11696]  dump_stack_lvl+0x16c/0x1f0
[  278.062783][T11696]  should_fail_ex+0x497/0x5b0
[  278.064029][T11696]  ? fs_reclaim_acquire+0xae/0x160
[  278.065384][T11696]  should_failslab+0xc2/0x120
[  278.066640][T11696]  __kmalloc_cache_noprof+0x6b/0x310
[  278.068056][T11696]  ? io_queue_sqe_fallback+0x276/0xaa0
[  278.069488][T11696]  io_queue_sqe_fallback+0x276/0xaa0
[  278.070875][T11696]  io_submit_sqes+0x1544/0x2530
[  278.072162][T11696]  __do_sys_io_uring_enter+0xc0f/0x1170
[  278.073658][T11696]  ? __fget_files+0x244/0x3f0
[  278.074925][T11696]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  278.076524][T11696]  ? fput+0x30/0x390
[  278.077559][T11696]  ? ksys_write+0x1ad/0x260
[  278.078750][T11696]  ? __pfx_ksys_write+0x10/0x10
[  278.080028][T11696]  __do_fast_syscall_32+0x73/0x120
[  278.081355][T11696]  do_fast_syscall_32+0x32/0x80
[  278.082637][T11696]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  278.084338][T11696] RIP: 0023:0xf7f57579
[  278.085460][T11696] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  278.090527][T11696] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  278.092693][T11696] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000000047f6
[  278.094793][T11696] RDX: 00000000000095ac RSI: 0000000000000000 RDI: 0000000000000000
[  278.096867][T11696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.098920][T11696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  278.101004][T11696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.103069][T11696]  </TASK>
[  279.328737][T11724] FAULT_INJECTION: forcing a failure.
[  279.328737][T11724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.332412][T11724] CPU: 2 UID: 0 PID: 11724 Comm: syz.3.1527 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  279.335294][T11724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.337947][T11724] Call Trace:
[  279.338787][T11724]  <TASK>
[  279.339527][T11724]  dump_stack_lvl+0x16c/0x1f0
[  279.340683][T11724]  should_fail_ex+0x497/0x5b0
[  279.341834][T11724]  _copy_from_user+0x30/0xf0
[  279.342944][T11724]  get_compat_msghdr+0xa8/0x170
[  279.344188][T11724]  ? __pfx_get_compat_msghdr+0x10/0x10
[  279.345634][T11724]  ? find_held_lock+0x2d/0x110
[  279.346893][T11724]  ___sys_recvmsg+0x193/0x1a0
[  279.348138][T11724]  ? __pfx____sys_recvmsg+0x10/0x10
[  279.349522][T11724]  ? lock_acquire+0x2f/0xb0
[  279.350710][T11724]  ? __fget_files+0x40/0x3f0
[  279.351932][T11724]  ? __pfx___might_resched+0x10/0x10
[  279.353321][T11724]  ? fdget+0x176/0x210
[  279.354392][T11724]  do_recvmmsg+0x51a/0x750
[  279.355561][T11724]  ? __pfx_do_recvmmsg+0x10/0x10
[  279.356832][T11724]  ? __pfx_lock_release+0x10/0x10
[  279.358227][T11724]  ? vfs_write+0x14d/0x1140
[  279.359399][T11724]  ? __fget_files+0x244/0x3f0
[  279.360614][T11724]  __sys_recvmmsg+0x21e/0x280
[  279.361823][T11724]  ? __pfx___sys_recvmmsg+0x10/0x10
[  279.363173][T11724]  ? __pfx_ksys_write+0x10/0x10
[  279.364402][T11724]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  279.366025][T11724]  ? lockdep_hardirqs_on+0x7c/0x110
[  279.367409][T11724]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  279.369125][T11724]  __do_fast_syscall_32+0x73/0x120
[  279.370466][T11724]  do_fast_syscall_32+0x32/0x80
[  279.371735][T11724]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.373380][T11724] RIP: 0023:0xf7f61579
[  279.374456][T11724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.379408][T11724] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  279.381564][T11724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000840
[  279.383635][T11724] RDX: 0000000000000414 RSI: 0000000000000000 RDI: 0000000000000000
[  279.385641][T11724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.387675][T11724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  279.389694][T11724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.391744][T11724]  </TASK>
[  279.408585][T11727] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1528'.
[  279.516200][T11730] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  279.611918][T11733] tipc: Started in network mode
[  279.613825][T11733] tipc: Node identity 1, cluster identity 4711
[  279.616415][T11733] tipc: Node number set to 1
[  280.299350][T11741] FAULT_INJECTION: forcing a failure.
[  280.299350][T11741] name failslab, interval 1, probability 0, space 0, times 0
[  280.314219][T11741] CPU: 3 UID: 0 PID: 11741 Comm: syz.2.1533 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  280.317419][T11741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.320514][T11741] Call Trace:
[  280.321539][T11741]  <TASK>
[  280.322430][T11741]  dump_stack_lvl+0x16c/0x1f0
[  280.323847][T11741]  should_fail_ex+0x497/0x5b0
[  280.325141][T11741]  ? fs_reclaim_acquire+0xae/0x160
[  280.326294][T11741]  should_failslab+0xc2/0x120
[  280.327370][T11741]  __kmalloc_noprof+0xcb/0x410
[  280.328495][T11741]  io_alloc_async_data+0x9d/0x150
[  280.329636][T11741]  io_prep_rw+0x30d/0xb70
[  280.330619][T11741]  io_submit_sqes+0x8aa/0x2530
[  280.331729][T11741]  __do_sys_io_uring_enter+0xc0f/0x1170
[  280.332996][T11741]  ? __fget_files+0x244/0x3f0
[  280.334013][T11741]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  280.335332][T11741]  ? fput+0x30/0x390
[  280.336217][T11741]  ? ksys_write+0x1ad/0x260
[  280.337212][T11741]  ? __pfx_ksys_write+0x10/0x10
[  280.338333][T11741]  __do_fast_syscall_32+0x73/0x120
[  280.339527][T11741]  do_fast_syscall_32+0x32/0x80
[  280.340682][T11741]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.342170][T11741] RIP: 0023:0xf7f57579
[  280.343133][T11741] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.347475][T11741] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  280.349349][T11741] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000005951
[  280.351141][T11741] RDX: 0000000000007a89 RSI: 0000000000000000 RDI: 0000000000000000
[  280.352987][T11741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  280.354831][T11741] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  280.356803][T11741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.358652][T11741]  </TASK>
[  281.771736][T11767] 9pnet: Unknown protocol version 9p2000.
[  281.780991][T11767] overlayfs: overlapping lowerdir path
[  281.805249][T11767] netlink: 'syz.3.1537': attribute type 3 has an invalid length.
[  281.808437][T11767] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1537'.
[  282.399897][T11778] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1540'.
[  282.999082][   T39] audit: type=1326 audit(1728193424.271:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.1.1540" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  283.068570][T11795] 9pnet: Unknown protocol version 9p200
[  283.108456][T11795] overlayfs: overlapping lowerdir path
[  283.142716][T11797] FAULT_INJECTION: forcing a failure.
[  283.142716][T11797] name failslab, interval 1, probability 0, space 0, times 0
[  283.146319][T11797] CPU: 2 UID: 0 PID: 11797 Comm: syz.0.1544 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  283.149129][T11797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.151967][T11797] Call Trace:
[  283.152866][T11797]  <TASK>
[  283.153661][T11797]  dump_stack_lvl+0x16c/0x1f0
[  283.154912][T11797]  should_fail_ex+0x497/0x5b0
[  283.156185][T11797]  ? fs_reclaim_acquire+0xae/0x160
[  283.157552][T11797]  should_failslab+0xc2/0x120
[  283.158802][T11797]  __kmalloc_node_noprof+0xd1/0x440
[  283.160198][T11797]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  283.161640][T11797]  __kvmalloc_node_noprof+0xad/0x1a0
[  283.163173][T11797]  check_cfg+0xb4/0x840
[  283.164289][T11797]  ? check_subprogs+0x57c/0x7d0
[  283.165634][T11797]  bpf_check+0x73ac/0xc7c0
[  283.166833][T11797]  ? __pfx_bpf_check+0x10/0x10
[  283.168114][T11797]  ? find_held_lock+0x2d/0x110
[  283.169418][T11797]  ? ktime_get_with_offset+0x13a/0x240
[  283.170860][T11797]  ? trace_lock_acquire+0x14a/0x1d0
[  283.172238][T11797]  ? ktime_get_with_offset+0x13a/0x240
[  283.173688][T11797]  ? timekeeping_debug_get_ns+0x3e0/0x5b0
[  283.175197][T11797]  ? lockdep_hardirqs_on+0x7c/0x110
[  283.176604][T11797]  ? bpf_obj_name_cpy+0x156/0x1b0
[  283.177931][T11797]  bpf_prog_load+0xe3f/0x2670
[  283.179175][T11797]  ? __pfx_bpf_prog_load+0x10/0x10
[  283.180519][T11797]  ? find_held_lock+0x2d/0x110
[  283.181789][T11797]  __sys_bpf+0x4c8c/0x5780
[  283.182965][T11797]  ? ksys_write+0x21e/0x260
[  283.184151][T11797]  ? __pfx___sys_bpf+0x10/0x10
[  283.185435][T11797]  ? vfs_write+0x14d/0x1140
[  283.186629][T11797]  ? __mutex_unlock_slowpath+0x164/0x650
[  283.188110][T11797]  ? fput+0x30/0x390
[  283.189143][T11797]  ? ksys_write+0x1ad/0x260
[  283.190335][T11797]  ? __pfx_ksys_write+0x10/0x10
[  283.191620][T11797]  __ia32_sys_bpf+0x76/0xe0
[  283.192817][T11797]  __do_fast_syscall_32+0x73/0x120
[  283.194164][T11797]  do_fast_syscall_32+0x32/0x80
[  283.195454][T11797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  283.197135][T11797] RIP: 0023:0xf73fe579
[  283.198230][T11797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  283.203221][T11797] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  283.205391][T11797] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840
[  283.207451][T11797] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  283.209476][T11797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  283.211547][T11797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  283.213625][T11797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  283.215702][T11797]  </TASK>
[  283.246516][T11795] netlink: 'syz.3.1543': attribute type 3 has an invalid length.
[  283.249734][T11795] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1543'.
[  283.490132][T11802] bridge0: port 3(batadv0) entered blocking state
[  283.492765][T11802] bridge0: port 3(batadv0) entered disabled state
[  283.495257][T11802] batadv0: entered allmulticast mode
[  283.497766][T11802] batadv0: entered promiscuous mode
[  283.499712][T11802] bridge0: port 3(batadv0) entered blocking state
[  283.501802][T11802] bridge0: port 3(batadv0) entered forwarding state
[  283.557636][T11804] 9pnet_fd: Insufficient options for proto=fd
[  283.570483][T11804] dvmrp1: entered allmulticast mode
[  283.696292][T11809] 9pnet_fd: Insufficient options for proto=fd
[  283.700541][T11809] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1550'.
[  283.706765][T11809] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1550'.
[  283.709799][T11809] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  283.743539][ T5694] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  283.748464][ T5694] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  284.150811][ T4783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  284.156196][ T4783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  284.158761][ T4783] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  284.162304][ T4783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  284.162367][T11825] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1556'.
[  284.165304][ T4783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  284.170306][ T4783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  284.306114][T11822] chnl_net:caif_netlink_parms(): no params data found
[  284.382583][   T39] audit: type=1326 audit(1728193425.651:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11824 comm="syz.1.1556" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  284.491763][T11822] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.502019][T11822] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.507784][T11822] bridge_slave_0: entered allmulticast mode
[  284.519102][T11822] bridge_slave_0: entered promiscuous mode
[  284.527926][T11822] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.529855][T11822] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.531749][T11822] bridge_slave_1: entered allmulticast mode
[  284.534036][T11822] bridge_slave_1: entered promiscuous mode
[  284.637433][T11822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.641866][T11822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.706985][T11822] team0: Port device team_slave_0 added
[  284.713837][T11822] team0: Port device team_slave_1 added
[  284.744083][T11822] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.746536][T11822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.755184][T11822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.760206][T11822] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.762649][T11822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.772914][T11822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.808244][T11822] hsr_slave_0: entered promiscuous mode
[  284.810838][T11822] hsr_slave_1: entered promiscuous mode
[  284.813206][T11822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.819520][T11822] Cannot create hsr debugfs directory
[  284.928782][T11822] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.068745][T11822] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.192709][T11822] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.265178][T11822] bond0: (slave netdevsim0): Releasing backup interface
[  285.270292][T11822] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.502371][T11822] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  285.508481][T11822] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  285.522940][T11822] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  285.532847][T11869] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.1565'.
[  285.541920][T11822] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  285.588177][T11874] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1567'.
[  285.618819][T11822] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.691232][T11822] 8021q: adding VLAN 0 to HW filter on device team0
[  285.698570][ T5694] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.700419][ T5694] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.711241][ T5688] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.713158][ T5688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.826475][T11822] 8021q: adding VLAN 0 to HW filter on device batadv0
[  285.844802][T11822] veth0_vlan: entered promiscuous mode
[  285.851898][T11822] veth1_vlan: entered promiscuous mode
[  285.871542][T11822] veth0_macvtap: entered promiscuous mode
[  285.893675][T11822] veth1_macvtap: entered promiscuous mode
[  285.900214][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.910342][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.917113][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.920257][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.922777][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.925638][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.929062][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.931840][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.937636][T11822] batman_adv: batadv0: Interface activated: batadv_slave_0
[  285.940862][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.944869][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.948185][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.953125][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.956252][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.959985][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.962978][T11822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.966578][T11822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.969963][T11822] batman_adv: batadv0: Interface activated: batadv_slave_1
[  285.975102][T11822] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.978001][T11822] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.980259][T11822] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.982820][T11822] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.130977][   T39] audit: type=1326 audit(1728193427.401:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11873 comm="syz.0.1567" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  286.203552][ T5345] Bluetooth: hci0: command tx timeout
[  286.206688][ T5615] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.209017][ T5615] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.222440][ T5615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.224803][ T5615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.336374][T11893] 9pnet: Unknown protocol version 9p2000.
[  286.338593][T11893] overlayfs: overlapping lowerdir path
[  286.354723][T11893] netlink: 'syz.2.1552': attribute type 3 has an invalid length.
[  286.356917][T11893] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1552'.
[  286.575754][T11897] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.1571'.
[  286.579448][T11897] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  286.711029][T11904] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1573'.
[  286.722601][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.755600][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.758824][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.762115][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.774064][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.777434][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.780565][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.788191][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.931373][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1575'.
[  286.939797][T11912] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1575'.
[  287.106607][T11916] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  287.430733][T11933] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1582'.
[  288.293418][ T5345] Bluetooth: hci0: command tx timeout
[  288.355504][T11938] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1585'.
[  288.360203][T11938] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1585'.
[  288.363922][T11938] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.366892][T11938] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.369400][T11938] bridge0: port 2(bridge_slave_1) entered forwarding state
[  288.634128][T11953] netlink: 'syz.0.1589': attribute type 3 has an invalid length.
[  289.462580][T11974] FAULT_INJECTION: forcing a failure.
[  289.462580][T11974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.468673][T11974] CPU: 1 UID: 0 PID: 11974 Comm: syz.1.1598 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  289.471819][T11974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.474795][T11974] Call Trace:
[  289.475702][T11974]  <TASK>
[  289.476540][T11974]  dump_stack_lvl+0x16c/0x1f0
[  289.477795][T11974]  should_fail_ex+0x497/0x5b0
[  289.479050][T11974]  _copy_from_user+0x30/0xf0
[  289.480291][T11974]  get_compat_msghdr+0xa8/0x170
[  289.481569][T11974]  ? __pfx_get_compat_msghdr+0x10/0x10
[  289.482988][T11974]  ? find_held_lock+0x2d/0x110
[  289.484250][T11974]  ___sys_recvmsg+0x193/0x1a0
[  289.485521][T11974]  ? __pfx____sys_recvmsg+0x10/0x10
[  289.486892][T11974]  ? lock_acquire+0x2f/0xb0
[  289.488270][T11974]  ? __fget_files+0x40/0x3f0
[  289.489500][T11974]  ? __pfx___might_resched+0x10/0x10
[  289.490885][T11974]  ? fdget+0x176/0x210
[  289.491961][T11974]  do_recvmmsg+0x51a/0x750
[  289.493148][T11974]  ? __pfx_do_recvmmsg+0x10/0x10
[  289.494557][T11974]  ? __pfx_lock_release+0x10/0x10
[  289.495896][T11974]  ? vfs_write+0x14d/0x1140
[  289.497112][T11974]  ? __fget_files+0x244/0x3f0
[  289.498354][T11974]  __sys_recvmmsg+0x21e/0x280
[  289.499595][T11974]  ? __pfx___sys_recvmmsg+0x10/0x10
[  289.500966][T11974]  ? __pfx_ksys_write+0x10/0x10
[  289.502249][T11974]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  289.503893][T11974]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.505273][T11974]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  289.506987][T11974]  __do_fast_syscall_32+0x73/0x120
[  289.508341][T11974]  do_fast_syscall_32+0x32/0x80
[  289.509619][T11974]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.511269][T11974] RIP: 0023:0xf7f67579
[  289.512312][T11974] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.517191][T11974] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  289.519186][T11974] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200055c0
[  289.521095][T11974] RDX: 000000000400023c RSI: 0000000000000302 RDI: 0000000000000000
[  289.523056][T11974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.524971][T11974] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  289.526926][T11974] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.528925][T11974]  </TASK>
[  289.645338][T11984] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.681862][T11984] ieee802154 phy0 wpan0: encryption failed: -22
[  289.856309][T11995] libceph: resolve '.
[  289.856309][T11995] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  289.856309][T11995] ' (ret=-3): failed
[  290.169615][T11999] netlink: 'syz.0.1607': attribute type 3 has an invalid length.
[  290.373455][ T5345] Bluetooth: hci0: command tx timeout
[  291.872198][T12009] __nla_validate_parse: 3 callbacks suppressed
[  291.872210][T12009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1610'.
[  292.081027][T12023] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1615'.
[  292.448053][ T5345] Bluetooth: hci0: command tx timeout
[  293.251916][T12038] netlink: 'syz.3.1617': attribute type 3 has an invalid length.
[  293.254303][T12038] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1617'.
[  294.603453][ T5933] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  294.785152][ T5933] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  294.789035][ T5933] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  294.792510][ T5933] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  294.799421][ T5933] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.806412][T12045] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  294.814469][ T5933] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  295.045430][T12045] exFAT-fs (nullb0): invalid boot record signature
[  295.047982][T12045] exFAT-fs (nullb0): failed to read boot sector
[  295.049928][T12045] exFAT-fs (nullb0): failed to recognize exfat type
[  295.058126][T12053] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1622'.
[  295.067152][   T62] usb 8-1: USB disconnect, device number 12
[  295.303488][ T5933] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  295.475350][ T5933] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  295.478613][ T5933] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  295.481287][ T5933] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  295.483997][ T5933] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.490314][T12051] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  295.499875][ T5933] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  295.720821][   T56] usb 7-1: USB disconnect, device number 5
[  296.318499][T12072] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1629'.
[  296.359802][T12072] batman_adv: batadv0: Adding interface: ip6gretap1
[  296.361626][T12072] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.368439][T12072] batman_adv: batadv0: Interface activated: ip6gretap1
[  296.883366][T12083] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1633'.
[  296.885987][T12083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1633'.
[  296.956793][T12085] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1634'.
[  297.403558][T12091] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1636'.
[  297.409855][T12091] netlink: 'syz.1.1636': attribute type 29 has an invalid length.
[  297.412254][T12091] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1636'.
[  297.414853][T12091] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1636'.
[  297.417807][T12091] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1636'.
[  298.227527][T12104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1639'.
[  298.688978][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1641'.
[  298.761911][T12118] FAULT_INJECTION: forcing a failure.
[  298.761911][T12118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.765858][T12118] CPU: 2 UID: 0 PID: 12118 Comm: syz.1.1642 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  298.768651][T12118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.771414][T12118] Call Trace:
[  298.772295][T12118]  <TASK>
[  298.773072][T12118]  dump_stack_lvl+0x16c/0x1f0
[  298.774311][T12118]  should_fail_ex+0x497/0x5b0
[  298.775544][T12118]  _copy_from_user+0x30/0xf0
[  298.776777][T12118]  get_compat_msghdr+0xa8/0x170
[  298.778048][T12118]  ? __pfx_get_compat_msghdr+0x10/0x10
[  298.779461][T12118]  ? __pfx_lock_release+0x10/0x10
[  298.780791][T12118]  ? find_held_lock+0x2d/0x110
[  298.782200][T12118]  ___sys_sendmsg+0x1b0/0x1e0
[  298.783450][T12118]  ? __up_read+0x1fb/0x760
[  298.784638][T12118]  ? __pfx____sys_sendmsg+0x10/0x10
[  298.786015][T12118]  ? handle_mm_fault+0x497/0xaa0
[  298.787331][T12118]  ? __pfx___might_resched+0x10/0x10
[  298.788724][T12118]  ? __sys_sendmmsg+0x2bd/0x450
[  298.790004][T12118]  __sys_sendmmsg+0x2a5/0x450
[  298.791240][T12118]  ? __pfx___sys_sendmmsg+0x10/0x10
[  298.792610][T12118]  ? vfs_write+0x14d/0x1140
[  298.793805][T12118]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  298.795406][T12118]  ? fput+0x30/0x390
[  298.796457][T12118]  ? ksys_write+0x1ad/0x260
[  298.797652][T12118]  ? __pfx_ksys_write+0x10/0x10
[  298.798927][T12118]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  298.800401][T12118]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  298.802106][T12118]  __do_fast_syscall_32+0x73/0x120
[  298.803443][T12118]  do_fast_syscall_32+0x32/0x80
[  298.804718][T12118]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.806370][T12118] RIP: 0023:0xf7f67579
[  298.807434][T12118] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  298.812383][T12118] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  298.814536][T12118] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004400
[  298.816536][T12118] RDX: 0000000000000203 RSI: 00000000000101d0 RDI: 0000000000000000
[  298.818590][T12118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  298.820653][T12118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  298.822699][T12118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  298.824756][T12118]  </TASK>
[  298.860898][   T39] audit: type=1326 audit(1728193440.131:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12115 comm="syz.0.1641" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  299.118334][T12131] ./file0: Can't lookup blockdev
[  299.793493][T12135] can0: slcan on ttyprintk.
[  300.033409][   T56] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  300.163403][   T56] usb 6-1: device descriptor read/64, error -71
[  300.194941][T12154] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1649'.
[  300.403407][   T56] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  300.543403][   T56] usb 6-1: device descriptor read/64, error -71
[  300.654239][   T56] usb usb6-port1: attempt power cycle
[  301.013420][   T56] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  301.038522][   T56] usb 6-1: device descriptor read/8, error -71
[  301.273552][   T56] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  301.294591][   T56] usb 6-1: device descriptor read/8, error -71
[  301.404281][   T56] usb usb6-port1: unable to enumerate USB device
[  301.773415][    T8] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  301.923426][    T8] usb 8-1: Using ep0 maxpacket: 16
[  301.927091][    T8] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  301.930042][    T8] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  301.933142][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  301.936165][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  301.939083][    T8] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  301.947093][    T8] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  301.949438][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.951393][    T8] usb 8-1: Product: syz
[  301.952511][    T8] usb 8-1: Manufacturer: syz
[  301.953794][    T8] usb 8-1: SerialNumber: syz
[  301.956294][    T8] usb 8-1: config 0 descriptor??
[  302.159549][T12162] FAULT_INJECTION: forcing a failure.
[  302.159549][T12162] name failslab, interval 1, probability 0, space 0, times 0
[  302.159671][T12162] CPU: 0 UID: 0 PID: 12162 Comm: syz.3.1651 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  302.159687][T12162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  302.159694][T12162] Call Trace:
[  302.159698][T12162]  <TASK>
[  302.159702][T12162]  dump_stack_lvl+0x16c/0x1f0
[  302.159723][T12162]  should_fail_ex+0x497/0x5b0
[  302.159740][T12162]  ? fs_reclaim_acquire+0xae/0x160
[  302.159755][T12162]  should_failslab+0xc2/0x120
[  302.159770][T12162]  __kmalloc_cache_noprof+0x6b/0x310
[  302.159794][T12162]  ? drm_atomic_helper_setup_commit+0x633/0x15e0
[  302.159832][T12162]  drm_atomic_helper_setup_commit+0x633/0x15e0
[  302.159850][T12162]  drm_atomic_helper_commit+0xa9/0x380
[  302.159862][T12162]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  302.159874][T12162]  drm_atomic_commit+0x229/0x300
[  302.159888][T12162]  ? __pfx_drm_atomic_commit+0x10/0x10
[  302.159902][T12162]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[  302.159914][T12162]  ? __pfx___drm_printfn_info+0x10/0x10
[  302.159932][T12162]  ? drm_client_rotation+0x4d9/0x6a0
[  302.159949][T12162]  drm_client_modeset_commit_atomic+0x6b0/0x800
[  302.159966][T12162]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  302.159978][T12162]  ? trace_contention_end+0xea/0x140
[  302.159995][T12162]  ? drm_master_internal_acquire+0x21/0x80
[  302.160016][T12162]  ? rcu_is_watching+0x12/0xc0
[  302.160033][T12162]  drm_client_modeset_dpms+0x17e/0x210
[  302.160047][T12162]  drm_fb_helper_blank+0x19f/0x260
[  302.160058][T12162]  ? __pfx_drm_fb_helper_blank+0x10/0x10
[  302.160073][T12162]  fb_blank+0x105/0x190
[  302.160085][T12162]  ? __pfx_fb_blank+0x10/0x10
[  302.160096][T12162]  ? lock_acquire+0x2f/0xb0
[  302.160114][T12162]  do_fb_ioctl+0x432/0x7d0
[  302.160128][T12162]  ? __pfx_do_fb_ioctl+0x10/0x10
[  302.160159][T12162]  ? tomoyo_path_number_perm+0x292/0x5b0
[  302.160185][T12162]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  302.160215][T12162]  fb_compat_ioctl+0x55f/0x670
[  302.160228][T12162]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  302.160245][T12162]  ? __fget_files+0x244/0x3f0
[  302.160258][T12162]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  302.160272][T12162]  __do_compat_sys_ioctl+0x259/0x2b0
[  302.160290][T12162]  __do_fast_syscall_32+0x73/0x120
[  302.160306][T12162]  do_fast_syscall_32+0x32/0x80
[  302.160320][T12162]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  302.160335][T12162] RIP: 0023:0xf7f61579
[  302.160345][T12162] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  302.160355][T12162] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  302.160367][T12162] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000004611
[  302.160374][T12162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  302.160381][T12162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  302.160387][T12162] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  302.160394][T12162] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  302.160408][T12162]  </TASK>
[  302.214390][    T8] appledisplay 8-1:0.0: Error while getting initial brightness: -110
[  302.219216][    T8] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -110
[  302.334545][    T8] usb 8-1: USB disconnect, device number 13
[  302.924122][T12134] can0 (unregistered): slcan off ttyprintk.
[  303.093967][T12191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1656'.
[  303.097045][T12191] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  303.283517][   T35] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  303.423505][   T35] usb 6-1: device descriptor read/64, error -71
[  303.480622][T12199] netlink: 'syz.0.1657': attribute type 3 has an invalid length.
[  303.482800][T12199] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1657'.
[  303.673441][   T35] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  303.817460][   T35] usb 6-1: device descriptor read/64, error -71
[  303.819843][   T39] audit: type=1326 audit(1728193445.091:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12184 comm="syz.2.1656" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7fc00000
[  303.923724][   T35] usb usb6-port1: attempt power cycle
[  304.393485][   T35] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  304.413831][   T35] usb 6-1: device descriptor read/8, error -71
[  304.663371][   T35] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  304.693866][   T35] usb 6-1: device descriptor read/8, error -71
[  304.803551][   T35] usb usb6-port1: unable to enumerate USB device
[  304.960969][T12227] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1663'.
[  304.976806][T12227] sp0: Synchronizing with TNC
[  305.320360][T12230] FAULT_INJECTION: forcing a failure.
[  305.320360][T12230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.324134][T12230] CPU: 3 UID: 0 PID: 12230 Comm: syz.0.1664 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  305.327024][T12230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.329889][T12230] Call Trace:
[  305.330801][T12230]  <TASK>
[  305.331618][T12230]  dump_stack_lvl+0x16c/0x1f0
[  305.332914][T12230]  should_fail_ex+0x497/0x5b0
[  305.334193][T12230]  _copy_from_user+0x30/0xf0
[  305.335422][T12230]  get_compat_msghdr+0xa8/0x170
[  305.336936][T12230]  ? __pfx_get_compat_msghdr+0x10/0x10
[  305.338428][T12230]  ? find_held_lock+0x2d/0x110
[  305.339722][T12230]  ___sys_recvmsg+0x193/0x1a0
[  305.341002][T12230]  ? __pfx____sys_recvmsg+0x10/0x10
[  305.342415][T12230]  ? lock_acquire+0x2f/0xb0
[  305.343643][T12230]  ? __fget_files+0x40/0x3f0
[  305.344893][T12230]  ? __pfx___might_resched+0x10/0x10
[  305.346290][T12230]  ? fdget+0x176/0x210
[  305.347382][T12230]  do_recvmmsg+0x51a/0x750
[  305.348595][T12230]  ? __pfx_do_recvmmsg+0x10/0x10
[  305.351300][T12230]  ? __schedule+0x3b3f/0x5750
[  305.353212][T12230]  ? __pfx___schedule+0x10/0x10
[  305.354537][T12230]  ? __fget_files+0x244/0x3f0
[  305.355782][T12230]  __sys_recvmmsg+0x21e/0x280
[  305.357109][T12230]  ? __pfx___sys_recvmmsg+0x10/0x10
[  305.358515][T12230]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  305.360148][T12230]  ? lockdep_hardirqs_on+0x7c/0x110
[  305.361500][T12230]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  305.363195][T12230]  __do_fast_syscall_32+0x73/0x120
[  305.365058][T12230]  do_fast_syscall_32+0x32/0x80
[  305.366380][T12230]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.368024][T12230] RIP: 0023:0xf73fe579
[  305.369124][T12230] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  305.374163][T12230] RSP: 002b:00000000f56c556c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  305.376354][T12230] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020008880
[  305.378406][T12230] RDX: 000000000000045b RSI: 0000000044000102 RDI: 0000000000000000
[  305.380561][T12230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.382593][T12230] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  305.384640][T12230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.386446][T12230]  </TASK>
[  306.776269][T12252] netlink: 'syz.3.1667': attribute type 3 has an invalid length.
[  306.778432][T12252] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1667'.
[  307.968563][T12279] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  308.997921][T12287] netlink: 'syz.2.1677': attribute type 3 has an invalid length.
[  308.999882][T12287] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1677'.
[  311.645664][ T5345] Bluetooth: hci0: command tx timeout
[  311.868019][T12326] netlink: 'syz.0.1687': attribute type 1 has an invalid length.
[  311.871504][T12326] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1687'.
[  311.875618][T12326] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1687'.
[  313.714751][T12353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1691'.
[  313.810314][T12352] overlayfs: missing 'lowerdir'
[  314.163508][T12352] netlink: 'syz.2.1694': attribute type 3 has an invalid length.
[  314.163571][T12352] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1694'.
[  314.638801][T12359] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1695'.
[  314.715627][T12361] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1696'.
[  314.718646][T12361] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1696'.
[  314.721038][T12361] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1696'.
[  314.980222][T12371] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1699'.
[  316.442173][T12382] overlay: Unknown parameter '/'
[  316.455031][ T1374] ieee802154 phy0 wpan0: encryption failed: -22
[  316.456544][T12382] netlink: 'syz.2.1703': attribute type 3 has an invalid length.
[  316.458863][T12382] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1703'.
[  317.150828][T12385] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.1704'.
[  318.629516][ T4783] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  318.634915][ T4783] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  318.637529][ T4783] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  318.641230][ T4783] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  318.643644][ T4783] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  318.653625][ T4783] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  318.828925][T12410] chnl_net:caif_netlink_parms(): no params data found
[  318.889812][T12410] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.891788][T12410] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.894342][T12410] bridge_slave_0: entered allmulticast mode
[  318.896427][T12410] bridge_slave_0: entered promiscuous mode
[  318.899369][T12410] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.901286][T12410] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.903193][T12410] bridge_slave_1: entered allmulticast mode
[  318.905402][T12410] bridge_slave_1: entered promiscuous mode
[  318.939175][T12410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.942921][T12410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.967949][T12410] team0: Port device team_slave_0 added
[  318.970780][T12410] team0: Port device team_slave_1 added
[  318.994275][T12410] batman_adv: batadv0: Adding interface: batadv_slave_0
[  318.996214][T12410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.009013][T12410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.016653][T12410] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.018370][T12410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.028515][T12410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.135575][T12410] hsr_slave_0: entered promiscuous mode
[  319.139189][T12410] hsr_slave_1: entered promiscuous mode
[  319.141972][T12410] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  319.147172][T12410] Cannot create hsr debugfs directory
[  319.272918][T12410] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.284890][T12428] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1715'.
[  319.288191][T12428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1715'.
[  319.360397][T12410] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.431560][T12410] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.454790][T12434] mkiss: ax0: crc mode is auto.
[  319.514553][T12410] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.632636][T12410] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  319.658062][T12410] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  319.664390][T12410] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  319.677887][T12410] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  319.698648][T12410] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.700649][T12410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.702625][T12410] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.704562][T12410] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.759531][T12410] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.771119][ T5690] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.775959][ T5690] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.790175][T12438] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1717'.
[  319.803243][T12410] 8021q: adding VLAN 0 to HW filter on device team0
[  319.827795][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.830451][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.854405][ T5690] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.856857][ T5690] bridge0: port 2(bridge_slave_1) entered forwarding state
[  320.307865][T12455] overlayfs: missing 'lowerdir'
[  320.381583][T12410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.493224][T12452] netlink: 'syz.2.1721': attribute type 3 has an invalid length.
[  320.495565][T12452] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1721'.
[  320.498714][T12410] veth0_vlan: entered promiscuous mode
[  320.627362][T12410] veth1_vlan: entered promiscuous mode
[  320.763934][ T4783] Bluetooth: hci4: command tx timeout
[  320.966838][T12410] veth0_macvtap: entered promiscuous mode
[  320.976169][T12410] veth1_macvtap: entered promiscuous mode
[  320.982586][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.987443][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.990099][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.993212][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.996043][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.998749][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.001424][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.007499][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.009879][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.012340][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.015611][T12410] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.019864][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.022507][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.025115][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.027567][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.029893][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.032395][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.035936][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.038709][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.041341][T12410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.044684][T12410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.049193][T12410] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.060699][T12410] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.063372][T12410] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.066446][T12410] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.068811][T12410] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.165058][ T5703] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.166977][ T5703] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.195414][ T5703] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.197627][ T5703] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.290368][T12465] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1724'.
[  321.330398][T12463] tmpfs: Unknown parameter '�'
[  322.747310][T12481] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  322.819579][T12481] overlayfs: failed to get index nlink (file1/file1, err=-61)
[  322.903443][ T4783] Bluetooth: hci4: command tx timeout
[  322.944269][T12481] fuse: Unknown parameter 'root'
[  323.507346][T12491] binder: 12490:12491 ioctl c0306201 20000880 returned -14
[  323.512653][T12491] 9pnet_fd: Insufficient options for proto=fd
[  323.566704][T12493] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1731'.
[  323.901743][T12502] netlink: 'syz.1.1734': attribute type 3 has an invalid length.
[  323.905101][T12502] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1734'.
[  324.636948][T12507] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1736'.
[  324.936180][ T4783] Bluetooth: hci4: command tx timeout
[  325.299473][T12519] overlay: Unknown parameter '/'
[  325.335355][T12519] netlink: 'syz.1.1738': attribute type 3 has an invalid length.
[  325.337701][T12519] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1738'.
[  326.095821][T12536] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1744'.
[  326.098553][T12536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.101310][T12536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.106349][T12536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.109174][T12536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.111742][T12536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.114618][T12536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.117366][T12536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.120144][T12536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.122848][T12536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.126264][T12536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.932475][T12549] overlay: Unknown parameter '/'
[  326.950520][T12549] netlink: 'syz.2.1747': attribute type 3 has an invalid length.
[  326.973645][T12549] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1747'.
[  327.003429][ T4783] Bluetooth: hci4: command tx timeout
[  327.696350][T12554] FAULT_INJECTION: forcing a failure.
[  327.696350][T12554] name failslab, interval 1, probability 0, space 0, times 0
[  327.723514][T12554] CPU: 0 UID: 0 PID: 12554 Comm: syz.3.1748 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  327.726365][T12554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  327.729175][T12554] Call Trace:
[  327.730078][T12554]  <TASK>
[  327.730869][T12554]  dump_stack_lvl+0x16c/0x1f0
[  327.732134][T12554]  should_fail_ex+0x497/0x5b0
[  327.733395][T12554]  ? fs_reclaim_acquire+0xae/0x160
[  327.734752][T12554]  should_failslab+0xc2/0x120
[  327.736030][T12554]  __kmalloc_node_noprof+0xd1/0x440
[  327.737403][T12554]  ? __nf_register_net_hook+0x184/0x730
[  327.738875][T12554]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  327.740681][T12554]  __kvmalloc_node_noprof+0xad/0x1a0
[  327.742939][T12554]  nf_hook_entries_grow+0x282/0x810
[  327.744424][T12554]  __nf_register_net_hook+0x1cd/0x730
[  327.745845][T12554]  nf_register_net_hook+0x109/0x160
[  327.747229][T12554]  nf_register_net_hooks+0x5d/0xd0
[  327.748613][T12554]  nf_defrag_ipv4_enable+0xb8/0x120
[  327.750001][T12554]  nf_ct_netns_do_get+0x31f/0x620
[  327.751369][T12554]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  327.752853][T12554]  ? nft_counter_do_init+0x1c0/0x240
[  327.754359][T12554]  nf_ct_netns_get+0x39/0x150
[  327.755616][T12554]  nft_masq_init+0x1c4/0x2a0
[  327.756865][T12554]  ? __pfx_nft_counter_init+0x10/0x10
[  327.758272][T12554]  ? __pfx_nft_masq_init+0x10/0x10
[  327.759619][T12554]  nf_tables_newrule+0xe99/0x2890
[  327.760990][T12554]  ? __pfx_nf_tables_newrule+0x10/0x10
[  327.762419][T12554]  ? net_generic+0xea/0x2a0
[  327.763640][T12554]  ? __pfx_lock_release+0x10/0x10
[  327.764984][T12554]  ? trace_lock_acquire+0x14a/0x1d0
[  327.766352][T12554]  ? __nla_parse+0x40/0x60
[  327.767535][T12554]  nfnetlink_rcv_batch+0x1a28/0x24e0
[  327.768989][T12554]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  327.770464][T12554]  ? __pfx_lock_release+0x10/0x10
[  327.771803][T12554]  ? __local_bh_enable_ip+0xa4/0x120
[  327.773217][T12554]  ? lockdep_hardirqs_on+0x7c/0x110
[  327.774591][T12554]  ? __pfx___dev_queue_xmit+0x10/0x10
[  327.776040][T12554]  ? __nla_parse+0x40/0x60
[  327.777221][T12554]  nfnetlink_rcv+0x3c3/0x430
[  327.778450][T12554]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  327.779814][T12554]  netlink_unicast+0x53c/0x7f0
[  327.781108][T12554]  ? __pfx_netlink_unicast+0x10/0x10
[  327.782517][T12554]  ? __phys_addr_symbol+0x30/0x80
[  327.783875][T12554]  ? __check_object_size+0x488/0x710
[  327.785312][T12554]  netlink_sendmsg+0x8b8/0xd70
[  327.786940][T12554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  327.788344][T12554]  ? lock_acquire+0x2f/0xb0
[  327.789563][T12554]  ____sys_sendmsg+0x9ae/0xb40
[  327.791199][T12554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  327.793000][T12554]  ? get_compat_msghdr+0x11b/0x170
[  327.794745][T12554]  ? __pfx___lock_acquire+0x10/0x10
[  327.796168][T12554]  ___sys_sendmsg+0x135/0x1e0
[  327.797436][T12554]  ? __pfx____sys_sendmsg+0x10/0x10
[  327.798835][T12554]  ? lock_acquire+0x2f/0xb0
[  327.800066][T12554]  ? __fget_files+0x40/0x3f0
[  327.801314][T12554]  ? fdget+0x176/0x210
[  327.802411][T12554]  __sys_sendmsg+0x117/0x1f0
[  327.803669][T12554]  ? __pfx___sys_sendmsg+0x10/0x10
[  327.805348][T12554]  ? __fget_files+0x244/0x3f0
[  327.806607][T12554]  __do_fast_syscall_32+0x73/0x120
[  327.807980][T12554]  do_fast_syscall_32+0x32/0x80
[  327.809267][T12554]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  327.810924][T12554] RIP: 0023:0xf7f61579
[  327.812023][T12554] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  327.817232][T12554] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  327.819368][T12554] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  327.822039][T12554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  327.824727][T12554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  327.826817][T12554] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  327.828917][T12554] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  327.831015][T12554]  </TASK>
[  328.824121][T12574] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  329.571439][   T39] audit: type=1326 audit(1728193470.841:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12570 comm="syz.2.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7fc00000
[  329.622875][T12587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1756'.
[  329.844843][T12593] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.1757'.
[  330.167378][   T39] audit: type=1326 audit(1728193471.441:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12586 comm="syz.1.1756" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x0
[  330.547411][T12612] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1761'.
[  331.131050][   T39] audit: type=1326 audit(1728193472.401:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12611 comm="syz.2.1761" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  331.379425][T12629] kvm: kvm [12628]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6000000f809
[  331.406904][   T39] audit: type=1326 audit(1728193472.681:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12631 comm="syz.0.1766" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  332.207236][T12640] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1768'.
[  332.331777][   T39] audit: type=1326 audit(1728193473.601:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12639 comm="syz.3.1768" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  332.334069][T12643] netlink: 'syz.0.1769': attribute type 3 has an invalid length.
[  332.339529][T12643] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1769'.
[  332.373370][T12636] delete_channel: no stack
[  332.514129][T12654] 9pnet_virtio: no channels available for device syz
[  332.528747][T12654] overlayfs: overlapping lowerdir path
[  332.582228][T12654] netlink: 'syz.1.1771': attribute type 3 has an invalid length.
[  332.586159][T12654] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1771'.
[  333.495821][T12661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1773'.
[  333.498859][T12661] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1773'.
[  333.508579][T12661] vlan2: entered allmulticast mode
[  333.510494][T12661] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  333.721577][T12667] FAULT_INJECTION: forcing a failure.
[  333.721577][T12667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.725488][T12667] CPU: 1 UID: 0 PID: 12667 Comm: syz.0.1774 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  333.728250][T12667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  333.731165][T12667] Call Trace:
[  333.732253][T12667]  <TASK>
[  333.733185][T12667]  dump_stack_lvl+0x16c/0x1f0
[  333.735030][T12667]  should_fail_ex+0x497/0x5b0
[  333.736673][T12667]  _copy_from_user+0x30/0xf0
[  333.738132][T12667]  vcs_write+0x2f2/0xdb0
[  333.739518][T12667]  ? iovec_from_user.part.0+0x7e/0x130
[  333.741263][T12667]  ? __pfx_vcs_write+0x10/0x10
[  333.742775][T12667]  ? apparmor_file_permission+0x180/0x400
[  333.744590][T12667]  ? bpf_lsm_file_permission+0x9/0x10
[  333.746279][T12667]  ? security_file_permission+0x71/0x210
[  333.748023][T12667]  ? __pfx_vcs_write+0x10/0x10
[  333.749393][T12667]  vfs_writev+0x6da/0xdd0
[  333.750757][T12667]  ? find_held_lock+0x2d/0x110
[  333.752294][T12667]  ? __pfx_vfs_writev+0x10/0x10
[  333.753847][T12667]  ? find_held_lock+0x2d/0x110
[  333.755363][T12667]  ? __pfx_lock_release+0x10/0x10
[  333.756975][T12667]  ? trace_lock_acquire+0x14a/0x1d0
[  333.758604][T12667]  ? __fget_files+0x244/0x3f0
[  333.760094][T12667]  ? do_writev+0x137/0x370
[  333.761496][T12667]  do_writev+0x137/0x370
[  333.762815][T12667]  ? __pfx_do_writev+0x10/0x10
[  333.764345][T12667]  __do_fast_syscall_32+0x73/0x120
[  333.765975][T12667]  do_fast_syscall_32+0x32/0x80
[  333.767506][T12667]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  333.769477][T12667] RIP: 0023:0xf73fe579
[  333.770762][T12667] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  333.776710][T12667] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  333.778944][T12667] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000200002c0
[  333.781150][T12667] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[  333.783264][T12667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  333.785186][T12667] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  333.787074][T12667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  333.788991][T12667]  </TASK>
[  334.300942][T12680] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.1779'.
[  334.778182][T12684] netlink: 'syz.2.1781': attribute type 29 has an invalid length.
[  334.870446][T12688] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1783'.
[  334.875425][T12688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1783'.
[  335.130640][   T39] audit: type=1326 audit(1728193476.401:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12696 comm="syz.2.1785" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  335.483745][ T5933] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  335.674636][ T5933] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  335.677840][ T5933] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  335.680353][ T5933] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  335.682854][ T5933] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  335.685375][ T5933] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.692870][ T5933] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  335.732978][ T5933] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -12
[  337.400528][ T4783] Bluetooth: hci4: unexpected cc 0x0403 length: 65 > 1
[  337.664444][T12749] FAULT_INJECTION: forcing a failure.
[  337.664444][T12749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.668068][T12749] CPU: 0 UID: 0 PID: 12749 Comm: syz.0.1799 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  337.670560][T12749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  337.673331][T12749] Call Trace:
[  337.674308][T12749]  <TASK>
[  337.675093][T12749]  dump_stack_lvl+0x16c/0x1f0
[  337.676367][T12749]  should_fail_ex+0x497/0x5b0
[  337.677612][T12749]  _copy_from_user+0x30/0xf0
[  337.678833][T12749]  get_compat_msghdr+0xa8/0x170
[  337.680191][T12749]  ? __pfx_get_compat_msghdr+0x10/0x10
[  337.681620][T12749]  ? __pfx___lock_acquire+0x10/0x10
[  337.683072][T12749]  ___sys_sendmsg+0x1b0/0x1e0
[  337.684403][T12749]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.685826][T12749]  ? lock_acquire+0x2f/0xb0
[  337.687042][T12749]  ? __fget_files+0x40/0x3f0
[  337.688279][T12749]  ? fdget+0x176/0x210
[  337.689355][T12749]  __sys_sendmsg+0x117/0x1f0
[  337.690573][T12749]  ? __pfx___sys_sendmsg+0x10/0x10
[  337.691916][T12749]  ? __fget_files+0x244/0x3f0
[  337.693160][T12749]  __do_fast_syscall_32+0x73/0x120
[  337.694523][T12749]  do_fast_syscall_32+0x32/0x80
[  337.695838][T12749]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  337.697572][T12749] RIP: 0023:0xf73fe579
[  337.698631][T12749] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  337.703646][T12749] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  337.705810][T12749] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000580
[  337.707866][T12749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  337.709913][T12749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  337.711966][T12749] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  337.714008][T12749] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  337.716085][T12749]  </TASK>
[  338.070124][T12754] netlink: 'syz.0.1800': attribute type 12 has an invalid length.
[  338.150735][  T980] usb 7-1: USB disconnect, device number 6
[  338.341049][T12762] random: crng reseeded on system resumption
[  338.418973][T12765] FAULT_INJECTION: forcing a failure.
[  338.418973][T12765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.422656][T12765] CPU: 2 UID: 0 PID: 12765 Comm: syz.3.1805 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  338.425451][T12765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  338.428399][T12765] Call Trace:
[  338.429301][T12765]  <TASK>
[  338.430094][T12765]  dump_stack_lvl+0x16c/0x1f0
[  338.431387][T12765]  should_fail_ex+0x497/0x5b0
[  338.432663][T12765]  _copy_to_user+0x30/0xc0
[  338.433849][T12765]  do_pages_stat+0x5c1/0x820
[  338.435086][T12765]  ? __pfx_do_pages_stat+0x10/0x10
[  338.436463][T12765]  ? cpuset_mems_allowed+0x1d9/0x480
[  338.437867][T12765]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  338.439395][T12765]  ? lockdep_hardirqs_on+0x7c/0x110
[  338.440774][T12765]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  338.442319][T12765]  kernel_move_pages+0x10a4/0x15a0
[  338.443673][T12765]  ? __mutex_unlock_slowpath+0x164/0x650
[  338.445218][T12765]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  338.446930][T12765]  ? __pfx_kernel_move_pages+0x10/0x10
[  338.448938][T12765]  ? __fget_files+0x244/0x3f0
[  338.450538][T12765]  ? fput+0x30/0x390
[  338.451579][T12765]  ? ksys_write+0x1ad/0x260
[  338.452797][T12765]  ? __pfx_ksys_write+0x10/0x10
[  338.454220][T12765]  __ia32_sys_move_pages+0xdd/0x1b0
[  338.455695][T12765]  ? lockdep_hardirqs_on+0x7c/0x110
[  338.457109][T12765]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  338.458832][T12765]  __do_fast_syscall_32+0x73/0x120
[  338.460196][T12765]  do_fast_syscall_32+0x32/0x80
[  338.461499][T12765]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  338.463630][T12765] RIP: 0023:0xf7f61579
[  338.465022][T12765] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  338.471483][T12765] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[  338.474297][T12765] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000001efe
[  338.476857][T12765] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000040
[  338.479476][T12765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  338.481685][T12765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  338.483844][T12765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  338.485950][T12765]  </TASK>
[  338.490288][T12770] libceph: resolve '.
[  338.490288][T12770] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  338.490288][T12770] ' (ret=-3): failed
[  338.539541][T12773] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.1808'.
[  338.814489][T12782] netlink: 'syz.1.1810': attribute type 3 has an invalid length.
[  338.816843][T12782] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1810'.
[  339.766280][T12793] 9pnet_virtio: no channels available for device syz
[  339.796976][T12793] overlayfs: overlapping lowerdir path
[  339.858101][T12794] ------------[ cut here ]------------
[  339.858937][T12793] netlink: 'syz.0.1812': attribute type 3 has an invalid length.
[  339.860046][T12794] kmem_cache of name '9p-fcall-cache' already exists
[  339.862029][T12793] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1812'.
[  339.863873][T12794] WARNING: CPU: 1 PID: 12794 at mm/slab_common.c:107 __kmem_cache_create_args+0xb0/0x3c0
[  339.868760][T12794] Modules linked in:
[  339.869887][T12794] CPU: 1 UID: 0 PID: 12794 Comm: syz.3.1811 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  339.874230][T12794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  339.876970][T12794] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  339.878577][T12794] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[  339.883598][T12794] RSP: 0018:ffffc9002c2078f0 EFLAGS: 00010286
[  339.885151][T12794] RAX: 0000000000000000 RBX: ffff888045715180 RCX: ffffc9000d7d2000
[  339.887187][T12794] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[  339.889130][T12794] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[  339.891041][T12794] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  339.893066][T12794] R13: 0000000000020018 R14: ffffc9002c2079e0 R15: 0000000000020018
[  339.895127][T12794] FS:  0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f56a4b40
[  339.897475][T12794] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  339.899247][T12794] CR2: 00000000f5481da4 CR3: 0000000012522000 CR4: 0000000000352ef0
[  339.901330][T12794] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  339.903357][T12794] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  339.905426][T12794] Call Trace:
[  339.906314][T12794]  <TASK>
[  339.907101][T12794]  ? __warn+0xea/0x3d0
[  339.908351][T12794]  ? __kmem_cache_create_args+0xb0/0x3c0
[  339.909808][T12794]  ? report_bug+0x3c0/0x580
[  339.911017][T12794]  ? handle_bug+0x54/0xa0
[  339.912171][T12794]  ? exc_invalid_op+0x17/0x50
[  339.913455][T12794]  ? asm_exc_invalid_op+0x1a/0x20
[  339.914790][T12794]  ? __warn_printk+0x1a6/0x350
[  339.916076][T12794]  ? __kmem_cache_create_args+0xb0/0x3c0
[  339.917549][T12794]  p9_client_create+0xe04/0x1150
[  339.918899][T12794]  ? __pfx_p9_client_create+0x10/0x10
[  339.920267][T12794]  ? __raw_spin_lock_init+0x3a/0x110
[  339.921647][T12794]  v9fs_session_init+0x1f8/0x1a80
[  339.923010][T12794]  ? __pfx_v9fs_session_init+0x10/0x10
[  339.924504][T12794]  ? kasan_save_track+0x14/0x30
[  339.925797][T12794]  v9fs_mount+0xc6/0xa50
[  339.926918][T12794]  ? __pfx_v9fs_mount+0x10/0x10
[  339.928300][T12794]  ? __pfx_v9fs_mount+0x10/0x10
[  339.929587][T12794]  legacy_get_tree+0x109/0x220
[  339.930859][T12794]  vfs_get_tree+0x8f/0x380
[  339.932405][T12794]  path_mount+0x6e1/0x1f10
[  339.933785][T12794]  ? kmem_cache_free+0x152/0x4b0
[  339.935368][T12794]  ? __pfx_path_mount+0x10/0x10
[  339.937077][T12794]  ? putname+0x12e/0x170
[  339.938489][T12794]  __ia32_sys_mount+0x292/0x310
[  339.939850][T12794]  ? __pfx___ia32_sys_mount+0x10/0x10
[  339.941306][T12794]  __do_fast_syscall_32+0x73/0x120
[  339.942688][T12794]  do_fast_syscall_32+0x32/0x80
[  339.944238][T12794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  339.946306][T12794] RIP: 0023:0xf7f61579
[  339.947415][T12794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  339.953168][T12794] RSP: 002b:00000000f56a456c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  339.956263][T12794] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[  339.959153][T12794] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000020001000
[  339.962037][T12794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  339.965036][T12794] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  339.967896][T12794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.970768][T12794]  </TASK>
[  339.971922][T12794] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  339.974568][T12794] CPU: 1 UID: 0 PID: 12794 Comm: syz.3.1811 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  339.978408][T12794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  339.982261][T12794] Call Trace:
[  339.983490][T12794]  <TASK>
[  339.984601][T12794]  dump_stack_lvl+0x3d/0x1f0
[  339.986313][T12794]  panic+0x71d/0x800
[  339.987764][T12794]  ? __pfx_panic+0x10/0x10
[  339.989423][T12794]  ? show_trace_log_lvl+0x29d/0x3d0
[  339.991342][T12794]  ? __kmem_cache_create_args+0xb0/0x3c0
[  339.993502][T12794]  check_panic_on_warn+0xab/0xb0
[  339.995329][T12794]  __warn+0xf6/0x3d0
[  339.996803][T12794]  ? __kmem_cache_create_args+0xb0/0x3c0
[  339.998724][T12794]  report_bug+0x3c0/0x580
[  340.000142][T12794]  handle_bug+0x54/0xa0
[  340.001535][T12794]  exc_invalid_op+0x17/0x50
[  340.003244][T12794]  asm_exc_invalid_op+0x1a/0x20
[  340.004687][T12794] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
[  340.006598][T12794] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[  340.013397][T12794] RSP: 0018:ffffc9002c2078f0 EFLAGS: 00010286
[  340.015585][T12794] RAX: 0000000000000000 RBX: ffff888045715180 RCX: ffffc9000d7d2000
[  340.018469][T12794] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[  340.021193][T12794] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[  340.023992][T12794] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  340.026805][T12794] R13: 0000000000020018 R14: ffffc9002c2079e0 R15: 0000000000020018
[  340.029006][T12794]  ? __warn_printk+0x1a6/0x350
[  340.030757][T12794]  p9_client_create+0xe04/0x1150
[  340.032562][T12794]  ? __pfx_p9_client_create+0x10/0x10
[  340.034478][T12794]  ? __raw_spin_lock_init+0x3a/0x110
[  340.036367][T12794]  v9fs_session_init+0x1f8/0x1a80
[  340.038202][T12794]  ? __pfx_v9fs_session_init+0x10/0x10
[  340.040192][T12794]  ? kasan_save_track+0x14/0x30
[  340.041885][T12794]  v9fs_mount+0xc6/0xa50
[  340.043434][T12794]  ? __pfx_v9fs_mount+0x10/0x10
[  340.045146][T12794]  ? __pfx_v9fs_mount+0x10/0x10
[  340.046818][T12794]  legacy_get_tree+0x109/0x220
[  340.048531][T12794]  vfs_get_tree+0x8f/0x380
[  340.050127][T12794]  path_mount+0x6e1/0x1f10
[  340.051704][T12794]  ? kmem_cache_free+0x152/0x4b0
[  340.053456][T12794]  ? __pfx_path_mount+0x10/0x10
[  340.055026][T12794]  ? putname+0x12e/0x170
[  340.056514][T12794]  __ia32_sys_mount+0x292/0x310
[  340.058305][T12794]  ? __pfx___ia32_sys_mount+0x10/0x10
[  340.060291][T12794]  __do_fast_syscall_32+0x73/0x120
[  340.062144][T12794]  do_fast_syscall_32+0x32/0x80
[  340.063914][T12794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.066225][T12794] RIP: 0023:0xf7f61579
[  340.067730][T12794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  340.074555][T12794] RSP: 002b:00000000f56a456c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  340.077581][T12794] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[  340.080439][T12794] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000020001000
[  340.083288][T12794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.086042][T12794] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  340.088903][T12794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.091729][T12794]  </TASK>
[  340.093220][T12794] Kernel Offset: disabled
[  340.094930][T12794] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:27:37  Registers:
info registers vcpu 0

CPU#0
EAX=f681a9f8 EBX=ffffffff ECX=816d1e7d EDX=ffffffff
ESI=816d1e7d EDI=f67dbae8 EBP=f67dbaf0 ESP=ffee40f0
EIP=f7127c78 EFL=00000296 [--S-AP-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 565c4440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000318f9ff8 CR3=00000000292e2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc9002c207258
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=ffffffff85034de0 R15=0000000000000000
RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5481da4 CR3=0000000012522000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080000001 RBX=0000000000000000 RCX=ffffffff848eea8b RDX=ffff888022ff0000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffffc90003187538 RSP=ffffc900031873f0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffffffff8bb1cc5b R13=dffffc0000000000 R14=0000000000000003 R15=0000000000000002
RIP=ffffffff818ca87c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7466f74 CR3=0000000023e70000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f746bff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000097b451 RBX=0000000000000003 RCX=ffffffff8b12f709 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12120 RBP=ffffed100376b488 RSP=ffffc90000497e08
R8 =0000000000000001 R9 =ffffed10056e7025 R10=ffff88802b73812b R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb5a440 R14=ffffffff901cce88 R15=0000000000000000
RIP=ffffffff8b130aef RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055e804225600 CR3=000000005bc3a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000