last executing test programs:

11.698954004s ago: executing program 3 (id=1607):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_DIRTY_TLB(r0, 0x400caeaa, &(0x7f0000000080)={0x1, 0x7})
acct(&(0x7f0000000040)='./file1/file0\x00')
ioctl$KVM_CAP_HYPERV_SYNIC2(r0, 0x4068aea3, &(0x7f0000000180))
pipe(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10)
write(r3, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000f00c00000000", 0x14)
recvmmsg(r3, &(0x7f0000001b40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8}, @TCA_CAKE_NAT={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
socket$nl_route(0x10, 0x3, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x110, r2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x104, &(0x7f0000000280)=0x2, 0x0, 0x4)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r4, 0x0, 0x4ffe6, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x40, &(0x7f0000000400)={[{@nfs_export_on}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfffffffd)
setuid(0xee01)
shmget$private(0x0, 0x1000, 0x54001800, &(0x7f0000fff000/0x1000)=nil)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x40, 0xfff}]})

10.821785548s ago: executing program 3 (id=1611):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
setsockopt(r1, 0x800000000010d, 0x8000000011, &(0x7f00001c9fff), 0xc5)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r1, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
socket$nl_generic(0x10, 0x3, 0x10)

10.218900098s ago: executing program 3 (id=1614):
socket$alg(0x26, 0x5, 0x0)
r0 = syz_socket_connect_nvme_tcp()
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190007000200060018c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendto$inet_nvme_of_msg(r0, &(0x7f00000010c0)={@rsp={{0x5, 0x3, 0x18, 0x4d, 0x151}, {@u64, 0xff, 0x6, 0x6, 0x6}}, @void}, 0x80, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f0000000000)=0x9, 0x35)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x518, 0x0, 0x18c, 0x203, 0x340, 0x19030000, 0x450, 0x2e0, 0x2e0, 0x450, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2f8, 0x340, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4754884}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x80}]}}, @common=@hl={{0x24}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xc8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x574)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000001180), 0x4)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0x1, 0x2}, 0x6)
socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000005142106000000000000002008000100000000000800030000000000f50000505f9dc284368dd59e3515914a8697e0c1bc8271ceae582fc6de094f74c900d33f837789f1838c4d501609f4d40000cd48fa877f3c8c56ecd67625a6b0f9245da02ee2b464c622ba7129d30878fe020000000000000000"], 0x20}}, 0x0)

10.09013015s ago: executing program 3 (id=1615):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0900000004000000ff0f000007"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000380))
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_create(0x4, &(0x7f0000000240)={0x0, 0x1d, 0x0, @tid=r0}, &(0x7f0000000900)=<r1=>0x0)
timer_delete(r1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0x1)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYRES32=r4, @ANYBLOB="139b17548d63dc86e81bf0540ce8dde8648f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYRESDEC=r4, @ANYRESDEC=r2, @ANYRES8=0x0], 0x64}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)
r7 = syz_io_uring_setup(0x23c, &(0x7f0000000380)={0x0, 0x9aa9, 0x10100, 0x7ffff, 0x0, 0x0, r3}, &(0x7f0000000200)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r11, 0x117, 0x1, 0x0, 0x0)
r12 = accept4(r11, 0x0, 0x0, 0x0)
sendmsg$alg(r12, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r12, &(0x7f0000000240), 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r10, 0x0, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r7, 0x2df0, 0x4000, 0x0, 0x0, 0x0)

9.90965627s ago: executing program 3 (id=1617):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) (async, rerun: 64)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) (async, rerun: 64)
r1 = socket(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000020e6ffffff00000f000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) (async)
r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r3, 0xab07, 0xb) (async)
r4 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5) (async)
ioctl$NBD_DO_IT(r4, 0xab03)
ioctl$NBD_CLEAR_SOCK(r3, 0xab04)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000280)={0x1, [0x608]}, 0x6) (async)
syz_open_dev$ndb(&(0x7f00000002c0), 0x0, 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
semget(0x1, 0x0, 0x4cc) (async, rerun: 32)
open(0x0, 0x400141042, 0x0) (rerun: 32)
semget(0x3, 0x2, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semget(0x1, 0x3, 0x204)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x4) (async)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000380)=0xffffffffffffffff, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304, 0x37}, "475566172f45f011", "bd14060000000000000092f94413582b", "00001000", "4e67cb72f328ac2f"}, 0x28)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="42fa00003c0000", 0x7}, {&(0x7f0000000240)="2dbff9d0a66211c46839240a7b6626d50ba54c1260332dd79a7b60ec3ad9726937", 0x21}], 0x2)

9.370127006s ago: executing program 3 (id=1621):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {0x6}, {}, {0x0, 0x20}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$l2tp(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x112, 0x0, &(0x7f0000000580)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
sendto$l2tp(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = socket(0x840000000002, 0x3, 0xff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94) (fail_nth: 29)

8.199750586s ago: executing program 0 (id=1623):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee01, 0xee00}}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x4, 0x7ffc1ff9}]})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000300)={'syztnl0\x00', <r3=>0x0, 0x1, 0x8, 0x3, 0x7c, {{0xa, 0x4, 0x2, 0x1, 0x28, 0x65, 0x0, 0x0, 0x2f, 0x0, @remote, @rand_addr=0x64010101, {[@timestamp={0x44, 0x14, 0xf4, 0x0, 0x1, [0x6, 0x2, 0x3, 0x0]}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x5, 0x1, 0x100, 0x1008, 0xffffffffffffffff, 0x18, '\x00', r3, r0, 0x4, 0x5, 0x1, 0x7, @void, @value, @void, @value}, 0x50)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f00000004c0), 0x0}, 0x1c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3abe, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0xf0, @void, @value, @void, @value}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000008, 0x2010, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x30}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8, 0x90}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfff0, 0xa1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r5}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pause()

7.249378597s ago: executing program 0 (id=1628):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r0 = socket(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, 0x0)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040))
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x40, &(0x7f0000000400)={[{@nfs_export_on}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

7.200146657s ago: executing program 1 (id=1629):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x1, 0x0, 0x4, 0x4004, 0x81})

7.149943855s ago: executing program 0 (id=1630):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xf, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=r0, 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000340)={'syztnl2\x00', <r4=>0x0, 0x29, 0x40, 0x78, 0x8, 0x42, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @multicast1}, 0x7800, 0x700, 0xffff}}) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={r1, 0x20, &(0x7f0000000600)={&(0x7f0000000440)=""/228, 0xe4, <r5=>0x0, &(0x7f0000000540)=""/178, 0xb2}}, 0x10) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xad45}, [@ldst={0x3, 0x3, 0x3, 0x7, 0xb, 0x20, 0xfffffffffffffffc}, @ringbuf_query, @jmp={0x5, 0x1, 0xa, 0x3, 0x7, 0x190}, @ldst={0x3, 0x3, 0x0, 0x5, 0x6, 0x80}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000700)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x1, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000780)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000007c0)=[{0x0, 0x5, 0xc, 0x6}, {0x0, 0x5, 0xd, 0xa}, {0x3, 0x4, 0x5, 0x9}, {0x2, 0x3, 0xf, 0xf}], 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1, 0x1f, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x200}}, @jmp={0x5, 0x1, 0x9, 0xb, 0x7, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='GPL\x00', 0x6, 0xb, &(0x7f0000000300)=""/11, 0x41100, 0x56, '\x00', r4, @fallback=0x2f, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x10}, 0x10, r5, r6, 0x0, 0x0, 0x0, 0x10, 0xfffffb43, @void, @value}, 0x94) (async)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000980)={{0x1, 0x1, 0x18, <r7=>r2, {0x4}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000009c0)={'vxcan0\x00', <r8=>0x0}) (async)
openat$nullb(0xffffff9c, &(0x7f0000000a00), 0x200, 0x0) (async)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000a40)={@loopback, @local, 0xffffffffffffffff, "f5b92946628bfd4b9e72852118628257fab1d0838c4908172eb01a84802a8626", 0x8000, 0x2, 0x3ff, 0x7}, 0x3c) (async)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async, rerun: 64)
timerfd_settime(r7, 0x3, &(0x7f0000000a80)={{}, {0x0, 0x3938700}}, &(0x7f0000000ac0)) (async, rerun: 64)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000000b40), r7)
sendmsg$GTP_CMD_GETPDP(r7, &(0x7f0000000c40)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x44, r9, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r7}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_VERSION={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0xc800}, 0x48050) (async)
r10 = openat$sndseq(0xffffff9c, &(0x7f0000000c80), 0x503000)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r10, 0xc08c5334, &(0x7f0000000cc0)={0x6, 0x7ff, 0x1, 'queue1\x00', 0x5})
socket$inet6(0xa, 0x6, 0x9) (async, rerun: 32)
openat$ppp(0xffffff9c, &(0x7f0000000d80), 0x40400, 0x0) (async, rerun: 32)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000e00), r7)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r7, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x30, r11, 0x100, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x1000, @bearer=@udp='udp:syz2\x00'}}}, ["", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x600c804}, 0x44) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000f00)={0x3, 0x4, 0x3, 0x7ff, 0x3ff, 0xfff}) (async)
sendmsg$FOU_CMD_GET(r7, &(0x7f0000001040)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001000)={&(0x7f0000000fc0)={0x3c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x2f}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}, @FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_IFINDEX={0x8, 0xb, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x804}, 0x44)
sendmsg$GTP_CMD_DELPDP(r7, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x1c, r9, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000010)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000001180)={0x0, <r12=>0x0})
tkill(r12, 0x18)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f00000011c0)={<r13=>0x0, 0x8}, &(0x7f0000001200)=0xc)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000001240)={r13, 0xb6bb}, 0xc) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001280))

7.149541958s ago: executing program 1 (id=1631):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
setsockopt(r1, 0x800000000010d, 0x8000000011, &(0x7f00001c9fff), 0xc5)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r1, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
socket$nl_generic(0x10, 0x3, 0x10)

7.028284651s ago: executing program 0 (id=1632):
r0 = socket(0x1d, 0x2, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x5}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x7}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x804}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000180)=0x7, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0xc0f)
sched_setscheduler(r1, 0x2, &(0x7f0000000440)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = creat(&(0x7f00000001c0)='./file0\x00', 0x31)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf25b0896fdb020000000800f900010008003f0004000000"], 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x40000c1)
r5 = socket$kcm(0x1e, 0x5, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x4)
sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x3}, 0x80, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0xca04, 0x10, 0x0, 0x184, 0x0, r4}, &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x10, &(0x7f0000000480)=0x6, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0)
getsockopt$nfc_llcp(r0, 0x6a, 0x3, 0x0, 0x20000071)

7.025765238s ago: executing program 1 (id=1633):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)=""/48, 0x30}, {&(0x7f0000000280)=""/38, 0x26}]}, &(0x7f0000000000)="123589000000", 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000f40)=@bpf_tracing={0x1a, 0x5, &(0x7f00000008c0)=@raw=[@cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x9, 0x3, 0x0, 0xfffffffffffffff4}], &(0x7f0000000900)='GPL\x00', 0x8, 0x3, &(0x7f0000000940)=""/3, 0x40f00, 0x50, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000e80)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000ec0)={0x0, 0x3, 0x6}, 0x10, 0x4c4d, 0xffffffffffffffff, 0x0, &(0x7f0000000f00)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0xbdfc, @void, @value}, 0x94)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x40082)
write$sndseq(r3, 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x4058534c, &(0x7f00000000c0)={0x80, 0x8})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x6, 0x18, &(0x7f00000008c0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
r6 = memfd_create(&(0x7f0000000980)='\xff\x00l\x1e\xa0</\x00\x8e._\x14zC\x9a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-\xe2\xc7\xd3\xe6M^\x98\x85x\x14\t\xe9Q1\x1dK\x9a\x045\xd3\x17\xb22\x00D(\xd2\xdd\xa0\xff\x1f\x00\x00\n\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xe36g\xfd\xd2\xd4\xe3\x1f\xa6\xc6\xe2\xa6!\x9aE<2`]<\xf2R?8\xb8\xa3\xbf\xc3\x18s\xf7!~0\xc7y\xe2\xb2VP\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yxm\x96\xbfS\x97\x9c/\x1f5i\xc6\x861\x8a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd26<Z|U6\r\xd7\x18\xad\x1d\xf5\xabzZ\x87\xd0\xb6p\x1a\xd8\xef\xb6\x9e8Z\t:#r\xa2\xb1h\xc0\xc0a\xa9\xc46A\x01\xac\xe6\xbf !5I\xc9<\x19{)\xa4\xad\v\x923\b\x9d\xbd>,\xc1\x8d\\Rxt\'\xb6\xbf\xc8*\n\xaf\x1b\xec\xfd\xbbY\x99\xb3\x06c\xd6\xf6\xb0\xcd=\xf3\x03`\x93\xff\x05e\xaa$\x00\xeaw\xd9\x10\x0f\x1d\x888\x8cS\x12?R\x99\xda7\xce)\x8f\xcc\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd32J\xd7\x9f\xea:\xebw\xc7\xabS\xd7pJ\xd2\xa1\xcf\xae\x1f2\x9f\x98\xa80\r\x85\xb4\x86\xbc\xd0\xea\xbf\xb1Z\xb7e$\xcf<\ra\x9b\xa5\xdc\v\x1e\xfd\xc7\x91\xf22\xcf\x96\x99\xc1\xbb\xa1j\xe5\xa8\x7f\a\xa9\xa7G\xad\xa3\x8b\xf1\xdb\\]R\x8cf\xac1\xd7V\x00\x00\x8e\x10\x95\x9f=2\xd0-\xe1K:\xc3b\x89\x15OS\xa5\x98Ky\x12\xe7Qt#\xeb\x99\a\x10\x1c\xb3N\x85\xeb\x80\x05\x82_\x15\xdc\xbc\xf93\xdd\xf5g\x98\xd4\x8az\xe4`\xa5\x00\x00\x00\x00\xcd\x13\xfc+\xac\xe5\x8bI\f\xd6\x89\xc7HY\xcf\x00O\x88\xe6\x8b\x8bF/\x82u\xffCnG\x02\x82\xfc\xe9Od\x92\x06\xdeg@y\xa6=4\xb1}\xa8Yr\xad9\xb9b)\xec}\x87=\x91:IV\xab\xdf\xa2\xba+6D\x1fuf\xdeJYw$L\xa1\x83NH\xe3\xf2\x91\x8cW\xb7\b\x04\x12\x8b\x8bV\x19\xf1\r\xcb\x94\xa3\xf4\xdf\x97$\x99c\rG\xd7#\xe2\xfd\x80\xadR\x83\xdc\xb8d\x15|\xac\xb8g$\x0f@\xca3\x9f\xb1\xea\xc6vQ\x1b\xdb#\xa3\"\x9f\x9e\xd8\xba\x13d\x9bx\x9a\xbf\xee\xf2kQ\xe0\xc4/~7\xcd\xd1\x06\xe5\x17\x9b\bW|\xbc\x86D\x05\xaf<\xdfy,I2f\xa7G\xe3Qp<\'6 x\n\x94f\xf8\xa2\xea\xf4\xa5\x9eY\xf80C\x91\x7f\x16u\x8c(Xl\x90\xd2\x9f\xa9\xb9kJy[\x93\xfe{\xe5\x1a\xe9\xb7T\x19;\xb9\t\xe7\x0ei\xfaZ\xfbS:\x9b\xc1r\xcbM.\xf8\xb8wR\xb3p~b\xcb\v1-\a-\x8a#\xaa1\xa9\x9a\x88\a\xc5\xb9*\xd3?\xac\n\x9c\xcd\xe2\xc9\xbd\xeb\xb3\xf65\xbdaP\t\xd6\x06\x1c\xeeNg\x92>\x92>\xaf\b3\x05\xfdM\xd2F\v\xbd\xeb\x83 \x9d\x90S\x11w\xefg\\\xca\xe2\xfc~w\xbe\xefh#\x96\xa5h\xec\xbfr\xc8Bi\x90\x13(\xf2\xc6\xcc\xfbX\x14{\x9e5\x87\x91\xe2\x9b\xd4\xc6\xc2whk+\x0f\x82\xca\xc1@\xcb~P\xe4\x18\xf9E\'\xab\xc7z\xd7\x05V{\xa1X\xa3\x10\x13.]tlz\x12\xde\xf2\xa43\xee#\x92J~\xda \x9b\xc4\xc0V\xb3\x9dCO\x1fu\x1c4\x1d\v}\x1b\xe5>w\xfbsm\xa3\fI|\x96-p\x86\xd3O\xfa\x9a\x8f\xb2\x8e\x88qGEGf]\x1b\x8a_\x80\x15\xad9\x85\f\xeb\x94n9\x9e\x90\xb2g8\x9cv\xc5\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd0\xfc\x90g\x99\xe3\xb8\xb4F<\r\x0e\xc5\xbdP\x85rQ\xb1\x14\x10\xee\xfb8\xcf\x924d !\xe6K\xe5\xc9\xf5\xdfi\xf8q\xad\xbe\xb6A\x95\x98,\xae}\xd7\x8ds.\xb1\f+\xef\xfau\xe6}\xe3\xe0\v\x00\xd0[\x9e\x0f{\x1cdkXk\xcb[\xa2\xf6>\xc5\xa1\xbd\xbe}n\xccW\xd4\xce\\\x90\xc05\xd0\x18.N2\xa1\xa2 X\x89\x9e\xfa\xaa\xfd\x92\x8b+\xc0\x8c\x1b\xaf\xce\x16\xad\xca\x1b\xff\xaa\x05\xc5\xbb\xf3{g\x91\xa2\x8b\x9a\x17\x06\x1bi\xff\x0f\xd2o\x1b\xcb\xeb\b\xed0A\x9cW\x15\xa5\x04;[\xcc<]\x16\x01\xf3\x9cT\xae\x03\xbe+/\x98\xd1\x1d\x92\xb07V\xe46g{N5+l\x9c;\xba\xa3\xc8\xbb\x03\x81]\xf6\xd9\x92\xff\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03(\x82\x00\a\x04H8\xd5\xb8\xc2\xe5!;\xd8\x93A\xc9\x16j\xe7\x1a\xcbF\x98@\xa2\xb0\x92r\xb9\b\r<I\xd6\xf7\x84sKz\xb8\xb1\xbb\xfd\x8a\r\xcd_\xf9=\xc6\xa3\xc9.\xe4G9\"\x16\xdc\xbc\xd5R\xa1\x97V[Uz\xcf\x8b\xd9\xc4i\xfbZ\xfe]\x91b\xe3\xa6\x8a\x0e\xa5]\x84DC0h\x9f\x16|\x90\xfew\n\xad\xe2\xe8v<\xf2\xb1\xcf}\x80\x10\xa6\x16\t\xa0\x92', 0x7)
fcntl$addseals(r6, 0x409, 0xe)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r6, 0xc4c20000)
r7 = openat$autofs(0xffffff9c, &(0x7f0000000200), 0x220040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r7, 0xc0189372, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r8=>r0, {0xfffffffe}}, './file0\x00'})
setsockopt$inet6_icmp_ICMP_FILTER(r8, 0x1, 0x1, &(0x7f00000000c0)={0x3}, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$PIO_UNIMAPCLR(r8, 0x4b68, &(0x7f0000000040)={0x6e5e, 0x400, 0x1000})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000001880)=ANY=[@ANYRESOCT=0x0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
writev(r7, &(0x7f00000005c0)=[{&(0x7f0000000300)="3ee58364e3f6e22672cdc5d426cdb8beeddee1bc7a5e15bf81d78fd4bc132c36884a6385699b23f1028f57b67050845400a6c14df74c59717c7aa689e4771a3865c32e90b7f3662aa42730f017cc4d6667dadb3e8c5b3d47ae6824b1d3aeb13978eff238c0291e473d85b8100e09e1286aae9781c96572e3368cf445ffa01c088d8e8130af000d63aeea98eb65bd", 0x8e}, {&(0x7f00000003c0)="039f01ecc37b5fdef96150c7256a20554547e5bf30cdf4b5ab0b28adab1745b2481a377f52814457038f38a136948eca02622a01b2081da1165f22a97b8f46b56d683cfaf066919d6c07ae7a0fdbd302cdf6cf29d5cf889cc43040b1ff864e1f317952843c", 0x65}, {&(0x7f0000000440)="af65661d3f4a178e412eb01f0f5b895b9692a389899ac400df637e8f553a6590d53335678e4ef191fb39f8ad87069d89de7e92f5c9bc73ea2d233d9bb48aabc8f2ec57189e07a1addf1f56fce57f138e1e6fb8ee38facb6389a85b2a3ae97838e3672afd931d46fffe01faacdfce1d5eb04f7d196708f8a928a308542634d205bd726a244d670da3b3c526cb8f0a84a5417dec3a68c5d042ad0d5d", 0x9b}, {&(0x7f0000000500)="f7fee4daf33c17f3ef4df790b1dd5aa0cbbef111602e6bab2169dc929d008f60e078aa33ad84801381714994557b3868917be1fab89e9c632c766a5d4dd24d610ac1f644cf9519fb1a3572cb29b04454fca069febee5debe43f3427b12562a8b68f07eeadc7d02a063bb34e794392e2734635ce052ce", 0x76}, {&(0x7f0000000680)="e278b8d0ae3d5a0f2c83447742df2970d9c6ebb850be4c43c08af794117ec429b57c3f092e181f4acd0a81f6e1787177ff7f398edd5c39f78f32284ac649e7d5c7167284bf19783df57f18e58bb0c638b0e6ee8c510c615b46feb78ef7b5520b25e1bb7c59c29f50f4ee850b90459d91430dad0ca4771836615d73e2baa8a168b36400bd73240186ff4cca616354a12a94703ec5509bbd", 0x97}, {&(0x7f0000000580)="d4f1bf897e5aca28361c0d1ba24e34e3a2e40edfa524105b1553c61fd69e6631ba42b666a87d2f08cb5ebaee1b9e1e", 0x2f}, {&(0x7f0000000740)="59bba4f0baf79b0c4ddfb110f459e2a98c3fb0611dd473b7ec2ba333f502b9c5e450ff13893b283b42231e4014fba79788944753acd56b66e7bb737f37f39582896339549a44a2ba82b75afc258ba5edf3d225dede4203e6a9b64fe9afc83971a4ec52c7f7ac4c69dffda1bb0ffe4a32f567c791a978d2bdcb8684d5a6f499468910617617f6c691941ba3d3d38823a16f2574c71714657ee18c71f13179331f1c46a7e3065fd968035f5f282f73807ad44cb988be664a49c02e22e0294eb48c80c24a4f47d2bbfda2f2388fa56e05b89a5e2004b43ccb68003a13f6fe855ad284dccf7d59cb23e3fcdc3801ff8360bb4c17d84e4cb4646979fa", 0xfa}, {&(0x7f0000000840)="d89bdf8f1e734b30f52f96eec472c1df9b5d61621f8be69dc854d09fc4d6b0f4ce4c1ec1802efd59ae8651128cf762240762e731907168ef1cd828caa20497eb47a82c179b15b89c412ae79e4f4def6032ac331eec8fb0bff7927407", 0x5c}], 0x8)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, 0x0)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="320000f8290a0500000600000000000001000000"], 0x14}}, 0x0)

6.794363353s ago: executing program 1 (id=1635):
socket$kcm(0x29, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000006a00000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r2 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
mount$9p_rdma(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', &(0x7f0000000180), 0x20, &(0x7f00000001c0)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@common=@posixacl}], [{@subj_user={'subj_user', 0x3d, '-)'}}]}})

6.735417404s ago: executing program 1 (id=1637):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x40, &(0x7f0000000400)={[{@nfs_export_on}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 14)

6.51938842s ago: executing program 1 (id=1638):
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r0 = openat$nullb(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = dup2(r0, r1)
ioctl$BLKALIGNOFF(r2, 0x40041271, &(0x7f0000002b80))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000001740)={0x0, @reserved})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket(0x18, 0xa, 0xffffffff)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r2, {0xee00, 0xee00}}, './file0\x00'})
ioctl$UI_SET_LEDBIT(r5, 0x40045569, 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000200)="e73c", 0x2}], 0x1}}], 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window={0x3, 0x0, 0x100}, @timestamp, @sack_perm, @timestamp, @mss={0x2, 0x2}, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r6, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

5.7699244s ago: executing program 0 (id=1640):
r0 = openat$tun(0xffffff9c, &(0x7f0000000000), 0x30000, 0x0)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000080))
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', 0x0, 0x18}, 0x14)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x7fff, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x13, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x35}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x47}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @empty, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @rand_addr, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)
recvmsg(r1, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000080)='nv\x00', 0x14)
pipe(&(0x7f0000000140)={<r5=>0xffffffffffffffff})
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r5, 0x40189429, &(0x7f0000000180)={0x0, 0x3, 0x9})
syz_usb_connect(0x0, 0x57, 0x0, 0x0)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r7 = socket$inet(0x2, 0x6, 0x0)
mkdir(&(0x7f0000002200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f0000000080)='debugfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x210020, &(0x7f0000000280)={[{@gid}]})
setsockopt$inet_opts(r7, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r8, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @loopback}, @ib={0x1b, 0x0, 0x0, {"7d735931001800007f004103ff0100"}}}}, 0x118)
connect$inet(r7, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)
write$P9_RSTATu(r6, &(0x7f00000007c0)={0x252, 0x2, 0xfffc, {{0x500, 0x111, 0xfff9, 0x0, {}, 0x1000000, 0x0, 0x0, 0x0, 0x1b, '\x04node\x059\xc6\x00\x05\x00\x007\xd9h\x8b\x92\x00'/27, 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x36, '\xf2\x99\x98\x9d\xec\x14\xc8\xdf\xe7CZI\x14\xb6tg\x80\x02\x98l\xe9m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x0e\x97\x85\x9ad\xad\xd4\x1b\xc2\xf8\xc4\x99\xc0bm\xf3\xe6k<\xff\xbc', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x252)

3.476151609s ago: executing program 2 (id=1646):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x40, &(0x7f0000000400)={[{@nfs_export_on}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 15)

3.339563095s ago: executing program 2 (id=1647):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee01, 0xee00}}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x4, 0x7ffc1ff9}]})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000300)={'syztnl0\x00', <r3=>0x0, 0x1, 0x8, 0x3, 0x7c, {{0xa, 0x4, 0x2, 0x1, 0x28, 0x65, 0x0, 0x0, 0x2f, 0x0, @remote, @rand_addr=0x64010101, {[@timestamp={0x44, 0x14, 0xf4, 0x0, 0x1, [0x6, 0x2, 0x3, 0x0]}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x5, 0x1, 0x100, 0x1008, 0xffffffffffffffff, 0x18, '\x00', r3, r0, 0x4, 0x5, 0x1, 0x7, @void, @value, @void, @value}, 0x50)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f00000004c0), 0x0}, 0x1c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3abe, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0xa1ff, @void, @value, @void, @value}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000008, 0x2010, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x30}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8, 0x90}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfff0, 0xa1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r5}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pause()

3.339167307s ago: executing program 0 (id=1648):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[], 0x7c}}, 0x200000d0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xffffffff, 0x0, 0x3, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x101, 0x2)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
unshare(0x6020400)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, 0xffffffffffffffff)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs(r6, &(0x7f0000000040)='fd/4\x00')
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x0, r7})
ioctl$CDROM_SEND_PACKET(r3, 0x125e, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r9=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000200)={0x13, 0x10, 0x7, {0x0, r9, 0x2}}, 0x1c)
mkdir(0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000a00)='./file1\x00', 0x0, 0x0, &(0x7f0000000a80))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)

2.40816361s ago: executing program 2 (id=1649):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4700000000010104000000000000000002000000180001801400018008000100e00000010800020000000000a0aa95824f206dcaf6d21fb9e8fe54243353dec5af4df1e34b1fbab6dbc7de2085fbc7177948018fb3e4eded7177f3d9e471413a743134e330f611b602c6b5dde411e707f741542dd09ec43ba7290cf2048e0ed74d2f1f437adaf560ac3c068798f450e0bcde0e7ca470e40bc87878d07fcef6d3b332198116ff4398358320649e45ef12d03626cc8ab2455650e0eccc14329fa6cbc574144bffb342cad2e09a62af5b034df89bff13c1"], 0x2c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000201090400000000000000fc02020000"], 0x14}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000002000c0000000c0000000000decdb28c0000000000005f00"], 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x2480, 0x2, 0x0, 0x0, r2}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x3516, 0x0, 0x5, 0x0, 0x0)
r4 = msgget$private(0x0, 0x0)
msgrcv(r4, 0x0, 0x0, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5385, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x200000f, 0x4002012, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={<r7=>0x0}, &(0x7f0000000500)=0x8)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
write$cgroup_devices(r9, &(0x7f0000000800)=ANY=[@ANYBLOB='%'], 0xffdd)
write$cgroup_type(r8, &(0x7f0000000180), 0x40001)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r8, 0x84, 0x75, &(0x7f0000000000)={r7, 0xca}, 0x8)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000380)='./file0\x00')
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f97224fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x2e}, {&(0x7f00000000c0)="273e1cc7b22e581d4894c5111a60d06ac781c90f7a3bd4f2cc15fac6aa5e279c3ba3c0bed8f14c4e1c076315d645ad9511ef10940eb7820cb9b41ca10b6b699952e5e832c058fb626b77bd9a3c0c535019af9000d8c2fda5fc0bfebb3f3c96b89237d11c70d1e9699ddc86808e4c3fe5ea678e92616d1843f66e1501914b74ddadf420a025c45be4d3890c07c92744df90bfb1effdae38ae8a31513c0823e990", 0xa0}], 0x2}, 0x0)
ioctl$UI_SET_PHYS(r2, 0x4004556c, &(0x7f00000003c0)='syz0\x00')

1.196860849s ago: executing program 2 (id=1650):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
setsockopt(r1, 0x800000000010d, 0x8000000011, &(0x7f00001c9fff), 0xc5)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r1, &(0x7f0000002980), 0x400000000000239, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
socket$nl_generic(0x10, 0x3, 0x10)

109.435454ms ago: executing program 2 (id=1651):
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r0, 0x20000005)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000080)={0x5e, 0x0, '\x00', [@pad1, @generic={0x7, 0x0, "8b8819e257af53bd103f7d4e860ec7e8898e3e73d0d56f307e03c5a5ee98d80567368ebfaa56ed60737f18f30cd5cf551f7e0a88916304c9416dc72e81256435be8a811c7a9fc7e969c1236364ffc46394ab03fae39d957c3fc50673ac43dbe6fd1297e3"}]}, 0x15)
r2 = signalfd4(r0, &(0x7f0000000000)={[0xfffffff8, 0x661d53b0]}, 0x8, 0x40000)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, 0x140d, 0x4, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)

0s ago: executing program 2 (id=1652):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4138ae84, &(0x7f0000000080)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfc})

kernel console output (not intermixed with test programs):

120418][T10987] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  286.623021][T10997] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1340'.
[  286.635004][T10997] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  286.637624][T10997] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  286.640756][T10997] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  286.643091][T10997] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  287.136235][   T39] kauditd_printk_skb: 52 callbacks suppressed
[  287.136251][   T39] audit: type=1326 audit(1729495631.781:84091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.144364][   T39] audit: type=1326 audit(1729495631.781:84092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.156075][   T39] audit: type=1326 audit(1729495631.781:84093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.161811][   T39] audit: type=1326 audit(1729495631.781:84094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.171663][   T39] audit: type=1326 audit(1729495631.781:84095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.177874][   T39] audit: type=1326 audit(1729495631.791:84096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.193568][   T39] audit: type=1326 audit(1729495631.791:84097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.199360][   T39] audit: type=1326 audit(1729495631.791:84098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.204897][   T39] audit: type=1326 audit(1729495631.791:84099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.210462][   T39] audit: type=1326 audit(1729495631.791:84100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11008 comm="syz.1.1343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  287.796774][T11019] block nbd2: shutting down sockets
[  288.653111][T11043] bridge0: port 3(syz_tun) entered blocking state
[  288.655042][T11043] bridge0: port 3(syz_tun) entered disabled state
[  288.667825][T11043] syz_tun: entered allmulticast mode
[  288.670146][T11043] syz_tun: entered promiscuous mode
[  288.671813][T11043] bridge0: port 3(syz_tun) entered blocking state
[  288.673683][T11043] bridge0: port 3(syz_tun) entered forwarding state
[  290.066377][T11079] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  290.327858][T11092] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1362'.
[  290.331008][T11092] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  291.514332][T11115] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1368'.
[  291.896230][T11123] loop0: detected capacity change from 0 to 6176
[  292.462307][   T39] kauditd_printk_skb: 57 callbacks suppressed
[  292.462320][   T39] audit: type=1804 audit(1729495637.121:84158): pid=11143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1376" name="/newroot/51/file0/file0" dev="9p" ino=36317149 res=1 errno=0
[  292.801348][T11153] overlayfs: missing 'lowerdir'
[  292.885891][T11158] FAULT_INJECTION: forcing a failure.
[  292.885891][T11158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.890665][T11158] CPU: 2 UID: 0 PID: 11158 Comm: syz.2.1379 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  292.894437][T11158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.898074][T11158] Call Trace:
[  292.899850][T11158]  <TASK>
[  292.900635][T11158]  dump_stack_lvl+0x16c/0x1f0
[  292.902396][T11158]  should_fail_ex+0x497/0x5b0
[  292.903633][T11158]  _copy_from_user+0x30/0xf0
[  292.904923][T11158]  get_compat_msghdr+0xa8/0x170
[  292.906260][T11158]  ? __pfx_get_compat_msghdr+0x10/0x10
[  292.907790][T11158]  ? __pfx___lock_acquire+0x10/0x10
[  292.909167][T11158]  ___sys_sendmsg+0x1b0/0x1e0
[  292.910413][T11158]  ? __pfx____sys_sendmsg+0x10/0x10
[  292.911785][T11158]  ? lock_acquire+0x2f/0xb0
[  292.912996][T11158]  ? __fget_files+0x40/0x3f0
[  292.914217][T11158]  ? __pfx___might_resched+0x10/0x10
[  292.915592][T11158]  ? fdget+0x176/0x210
[  292.916645][T11158]  __sys_sendmmsg+0x2a5/0x450
[  292.917880][T11158]  ? __pfx___sys_sendmmsg+0x10/0x10
[  292.919212][T11158]  ? vfs_write+0x14d/0x1140
[  292.920414][T11158]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  292.921998][T11158]  ? fput+0x30/0x390
[  292.923036][T11158]  ? ksys_write+0x1ad/0x260
[  292.924236][T11158]  ? __pfx_ksys_write+0x10/0x10
[  292.925532][T11158]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  292.927000][T11158]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  292.928717][T11158]  __do_fast_syscall_32+0x73/0x120
[  292.930059][T11158]  do_fast_syscall_32+0x32/0x80
[  292.931342][T11158]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  292.933000][T11158] RIP: 0023:0xf7f18579
[  292.934077][T11158] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  292.939031][T11158] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  292.941189][T11158] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  292.943210][T11158] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  292.945266][T11158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  292.947319][T11158] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  292.949439][T11158] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  292.951494][T11158]  </TASK>
[  293.978238][   T39] audit: type=1326 audit(1729495638.641:84159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  293.985293][   T39] audit: type=1326 audit(1729495638.641:84160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.004598][   T39] audit: type=1326 audit(1729495638.661:84161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.026686][   T39] audit: type=1326 audit(1729495638.661:84162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.033554][   T39] audit: type=1326 audit(1729495638.661:84163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.045457][   T39] audit: type=1326 audit(1729495638.661:84164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.051572][   T39] audit: type=1326 audit(1729495638.671:84165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.061391][   T39] audit: type=1326 audit(1729495638.671:84166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.067425][   T39] audit: type=1326 audit(1729495638.671:84167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.0.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf746e579 code=0x7ffc0000
[  294.500823][T11178] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  294.961720][T11192] netlink: 'syz.2.1386': attribute type 10 has an invalid length.
[  294.973712][T11192] team0: Device batadv0 is already an upper device of the team interface
[  295.843917][T11203] overlayfs: missing 'lowerdir'
[  296.188298][T11210] overlayfs: failed to resolve './file0': -2
[  297.177771][T11228] FAULT_INJECTION: forcing a failure.
[  297.177771][T11228] name failslab, interval 1, probability 0, space 0, times 0
[  297.181143][T11228] CPU: 0 UID: 0 PID: 11228 Comm: syz.0.1395 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  297.183952][T11228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.187667][T11228] Call Trace:
[  297.188774][T11228]  <TASK>
[  297.189539][T11228]  dump_stack_lvl+0x16c/0x1f0
[  297.190926][T11228]  should_fail_ex+0x497/0x5b0
[  297.192688][T11228]  ? fib_select_path+0x2a2/0x1f70
[  297.194536][T11228]  should_failslab+0xc2/0x120
[  297.196186][T11228]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  297.198102][T11228]  ? dst_alloc+0x99/0x1a0
[  297.199473][T11228]  dst_alloc+0x99/0x1a0
[  297.200673][T11228]  rt_dst_alloc+0x35/0x3a0
[  297.202276][T11228]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  297.204418][T11228]  ? __lock_acquire+0xe61/0x3ce0
[  297.206207][T11228]  ip_route_output_key_hash+0x138/0x2e0
[  297.208173][T11228]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  297.210332][T11228]  ? __pfx_lock_release+0x10/0x10
[  297.212170][T11228]  ? trace_lock_acquire+0x14a/0x1d0
[  297.214040][T11228]  ? mark_lock+0xb5/0xc60
[  297.215558][T11228]  ? lockdep_hardirqs_on+0x7c/0x110
[  297.217427][T11228]  ip_route_output_flow+0x27/0x150
[  297.219220][T11228]  raw_sendmsg+0xc53/0x3ad0
[  297.220864][T11228]  ? hlock_class+0x4e/0x130
[  297.222546][T11228]  ? __pfx_raw_sendmsg+0x10/0x10
[  297.224359][T11228]  ? hlock_class+0x4e/0x130
[  297.226031][T11228]  ? __lock_acquire+0x163e/0x3ce0
[  297.227832][T11228]  ? __pfx___might_resched+0x10/0x10
[  297.229747][T11228]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  297.231860][T11228]  ? __pfx_aa_sk_perm+0x10/0x10
[  297.233640][T11228]  ? __import_iovec+0x1fd/0x6e0
[  297.235365][T11228]  ? __pfx_raw_sendmsg+0x10/0x10
[  297.237179][T11228]  ? inet_sendmsg+0x119/0x140
[  297.238902][T11228]  inet_sendmsg+0x119/0x140
[  297.240530][T11228]  ____sys_sendmsg+0x907/0xb40
[  297.242230][T11228]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.244080][T11228]  ? get_compat_msghdr+0x11b/0x170
[  297.245918][T11228]  ? __pfx___lock_acquire+0x10/0x10
[  297.247827][T11228]  ___sys_sendmsg+0x135/0x1e0
[  297.249572][T11228]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.251450][T11228]  ? lock_acquire+0x2f/0xb0
[  297.253144][T11228]  ? __fget_files+0x40/0x3f0
[  297.254848][T11228]  ? __pfx___might_resched+0x10/0x10
[  297.256780][T11228]  ? fdget+0x176/0x210
[  297.258276][T11228]  __sys_sendmmsg+0x2a5/0x450
[  297.259963][T11228]  ? __pfx___sys_sendmmsg+0x10/0x10
[  297.261828][T11228]  ? vfs_write+0x14d/0x1140
[  297.263515][T11228]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  297.265703][T11228]  ? fput+0x30/0x390
[  297.267149][T11228]  ? ksys_write+0x1ad/0x260
[  297.268829][T11228]  ? __pfx_ksys_write+0x10/0x10
[  297.270585][T11228]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  297.272667][T11228]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  297.274985][T11228]  __do_fast_syscall_32+0x73/0x120
[  297.276876][T11228]  do_fast_syscall_32+0x32/0x80
[  297.278665][T11228]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.280929][T11228] RIP: 0023:0xf746e579
[  297.282432][T11228] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  297.289268][T11228] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  297.292186][T11228] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  297.295040][T11228] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  297.297894][T11228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.300719][T11228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  297.303558][T11228] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.306337][T11228]  </TASK>
[  297.307524][    C0] vkms_vblank_simulate: vblank timer overrun
[  297.894319][T11230] QAT: failed to copy from user cfg_data.
[  298.130976][T11234] netlink: 'syz.0.1397': attribute type 1 has an invalid length.
[  298.256386][   T39] kauditd_printk_skb: 52 callbacks suppressed
[  298.256402][   T39] audit: type=1326 audit(1729495642.921:84220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.268916][   T39] audit: type=1326 audit(1729495642.921:84221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.285529][   T39] audit: type=1326 audit(1729495642.921:84222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.299591][   T39] audit: type=1326 audit(1729495642.921:84223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.305863][   T39] audit: type=1326 audit(1729495642.921:84224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.313008][   T39] audit: type=1326 audit(1729495642.931:84225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.319767][   T39] audit: type=1326 audit(1729495642.931:84226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.332086][   T39] audit: type=1326 audit(1729495642.931:84227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.338315][   T39] audit: type=1326 audit(1729495642.931:84228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf746e579 code=0x7ffc0000
[  298.345238][   T39] audit: type=1326 audit(1729495642.931:84229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.0.1398" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  299.030121][ T5356] block nbd1: Receive control failed (result -32)
[  299.030721][T11239] block nbd1: shutting down sockets
[  299.121748][T11247] netlink: 'syz.0.1401': attribute type 1 has an invalid length.
[  299.123823][T11247] netlink: 88156 bytes leftover after parsing attributes in process `syz.0.1401'.
[  299.374671][T11256] netlink: 'syz.0.1403': attribute type 4 has an invalid length.
[  301.117722][T11266] overlayfs: missing 'lowerdir'
[  301.170615][T11268] netlink: 'syz.0.1407': attribute type 1 has an invalid length.
[  302.793824][ T5356] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  302.801004][ T5356] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  302.803804][ T5356] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  302.808726][ T5356] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  302.811687][ T5356] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  302.818624][ T5356] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  302.908266][T11290] chnl_net:caif_netlink_parms(): no params data found
[  302.965628][T11290] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.973168][T11290] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.975666][T11290] bridge_slave_0: entered allmulticast mode
[  302.979215][T11290] bridge_slave_0: entered promiscuous mode
[  302.982609][T11290] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.984546][T11290] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.988626][T11290] bridge_slave_1: entered allmulticast mode
[  302.990863][T11290] bridge_slave_1: entered promiscuous mode
[  303.013796][T11290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.019899][T11290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.064688][T11290] team0: Port device team_slave_0 added
[  303.070272][T11290] team0: Port device team_slave_1 added
[  303.110079][T11290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.112685][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.121073][T11290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.127371][T11290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.129429][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.137759][T11290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.171909][T11290] hsr_slave_0: entered promiscuous mode
[  303.173963][T11290] hsr_slave_1: entered promiscuous mode
[  303.175772][T11290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  303.178444][T11290] Cannot create hsr debugfs directory
[  303.297685][T11302] FAULT_INJECTION: forcing a failure.
[  303.297685][T11302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.301201][T11302] CPU: 0 UID: 0 PID: 11302 Comm: syz.0.1415 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  303.303993][T11302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  303.306768][T11302] Call Trace:
[  303.307639][T11302]  <TASK>
[  303.308428][T11302]  dump_stack_lvl+0x16c/0x1f0
[  303.309662][T11302]  should_fail_ex+0x497/0x5b0
[  303.310964][T11302]  _copy_from_user+0x30/0xf0
[  303.312375][T11302]  get_compat_msghdr+0xa8/0x170
[  303.313675][T11302]  ? __pfx_get_compat_msghdr+0x10/0x10
[  303.315261][T11302]  ? __pfx___lock_acquire+0x10/0x10
[  303.317076][T11302]  ___sys_sendmsg+0x1b0/0x1e0
[  303.318729][T11302]  ? __pfx____sys_sendmsg+0x10/0x10
[  303.320555][T11302]  ? lock_acquire+0x2f/0xb0
[  303.322158][T11302]  ? __fget_files+0x40/0x3f0
[  303.323780][T11302]  ? __pfx___might_resched+0x10/0x10
[  303.325624][T11302]  ? fdget+0x176/0x210
[  303.327053][T11302]  __sys_sendmmsg+0x2a5/0x450
[  303.328699][T11302]  ? __pfx___sys_sendmmsg+0x10/0x10
[  303.330169][T11302]  ? vfs_write+0x14d/0x1140
[  303.331366][T11302]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  303.332947][T11302]  ? fput+0x30/0x390
[  303.333975][T11302]  ? ksys_write+0x1ad/0x260
[  303.335163][T11302]  ? __pfx_ksys_write+0x10/0x10
[  303.336450][T11302]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  303.337932][T11302]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  303.339934][T11302]  __do_fast_syscall_32+0x73/0x120
[  303.341292][T11302]  do_fast_syscall_32+0x32/0x80
[  303.342567][T11302]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.344622][T11302] RIP: 0023:0xf746e579
[  303.345977][T11302] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  303.352357][T11302] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  303.354652][T11302] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  303.356691][T11302] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  303.358735][T11302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.360787][T11302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  303.362842][T11302] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.364885][T11302]  </TASK>
[  303.426469][T11290] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.509310][T11290] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.601544][T11290] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.669537][T11304] overlayfs: missing 'lowerdir'
[  303.728005][T11290] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.880055][T11290] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  303.895042][T11290] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  303.900557][T11290] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  303.904467][T11290] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  303.937253][T11290] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.939110][T11290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.941040][T11290] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.944009][T11290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.956137][  T207] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.963311][  T207] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.091318][T11290] 8021q: adding VLAN 0 to HW filter on device bond0
[  304.113373][T11290] 8021q: adding VLAN 0 to HW filter on device team0
[  304.146489][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.148339][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.157782][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.159655][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.343729][T11317] netlink: 'syz.1.1420': attribute type 21 has an invalid length.
[  304.370346][T11290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  304.467207][T11290] veth0_vlan: entered promiscuous mode
[  304.471495][T11290] veth1_vlan: entered promiscuous mode
[  304.503006][T11290] veth0_macvtap: entered promiscuous mode
[  304.520493][T11290] veth1_macvtap: entered promiscuous mode
[  304.527378][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.530116][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.532536][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.535165][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.556170][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.569483][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.572051][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.596223][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.606939][T11290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.614855][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.618394][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.621018][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.623721][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.636109][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.638848][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.646418][T11290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.649133][T11290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.676681][T11290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.683726][ T5356] Bluetooth: Unknown BR/EDR signaling command 0x11
[  304.685729][ T5356] Bluetooth: Wrong link type (-22)
[  304.688005][ T5356] Bluetooth: Unknown BR/EDR signaling command 0x0c
[  304.689745][ T5356] Bluetooth: Wrong link type (-22)
[  304.690646][T11290] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.693679][T11290] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.726322][T11290] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.729296][T11290] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.826208][   T39] kauditd_printk_skb: 67 callbacks suppressed
[  304.826222][   T39] audit: type=1326 audit(1729495649.481:84297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.856141][   T39] audit: type=1326 audit(1729495649.481:84298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.861746][   T39] audit: type=1326 audit(1729495649.481:84299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.896216][ T5356] Bluetooth: hci6: command tx timeout
[  304.906166][   T39] audit: type=1326 audit(1729495649.491:84300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.907064][  T207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.913370][   T39] audit: type=1326 audit(1729495649.491:84301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.915375][  T207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.946102][   T39] audit: type=1326 audit(1729495649.491:84302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.953372][   T39] audit: type=1326 audit(1729495649.491:84303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.960899][   T39] audit: type=1326 audit(1729495649.491:84304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.962019][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.966678][   T39] audit: type=1326 audit(1729495649.491:84305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  304.969194][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.974740][   T39] audit: type=1326 audit(1729495649.491:84306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.0.1423" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf746e579 code=0x7ffc0000
[  305.271627][   T67] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  305.276119][   T67] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  305.279226][   T67] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  305.288993][   T67] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  305.291721][   T67] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  305.294832][   T67] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  305.656321][T11334] chnl_net:caif_netlink_parms(): no params data found
[  305.789926][T11353] FAULT_INJECTION: forcing a failure.
[  305.789926][T11353] name failslab, interval 1, probability 0, space 0, times 0
[  305.799776][T11353] CPU: 1 UID: 0 PID: 11353 Comm: syz.1.1428 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  305.802580][T11353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.805343][T11353] Call Trace:
[  305.806222][T11353]  <TASK>
[  305.807010][T11353]  dump_stack_lvl+0x16c/0x1f0
[  305.808258][T11353]  should_fail_ex+0x497/0x5b0
[  305.809500][T11353]  should_failslab+0xc2/0x120
[  305.810729][T11353]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  305.812137][T11353]  ? dst_alloc+0x99/0x1a0
[  305.813272][T11353]  dst_alloc+0x99/0x1a0
[  305.814361][T11353]  rt_dst_alloc+0x35/0x3a0
[  305.815527][T11353]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  305.817090][T11353]  ip_route_output_key_hash+0x138/0x2e0
[  305.818528][T11353]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  305.820106][T11353]  ? __pfx_lock_release+0x10/0x10
[  305.821431][T11353]  ? trace_lock_acquire+0x14a/0x1d0
[  305.822787][T11353]  ? mark_lock+0xb5/0xc60
[  305.823915][T11353]  ? lockdep_hardirqs_on+0x7c/0x110
[  305.825279][T11353]  ip_route_output_flow+0x27/0x150
[  305.826610][T11353]  raw_sendmsg+0xc53/0x3ad0
[  305.827796][T11353]  ? __pfx_raw_sendmsg+0x10/0x10
[  305.829079][T11353]  ? hlock_class+0x4e/0x130
[  305.830306][T11353]  ? __lock_acquire+0x163e/0x3ce0
[  305.831618][T11353]  ? __pfx___might_resched+0x10/0x10
[  305.833000][T11353]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  305.834535][T11353]  ? __pfx_aa_sk_perm+0x10/0x10
[  305.835932][T11353]  ? __import_iovec+0x1fd/0x6e0
[  305.837208][T11353]  ? __pfx_raw_sendmsg+0x10/0x10
[  305.838579][T11353]  ? inet_sendmsg+0x119/0x140
[  305.839816][T11353]  inet_sendmsg+0x119/0x140
[  305.841201][T11353]  ____sys_sendmsg+0x907/0xb40
[  305.842436][T11353]  ? __pfx_____sys_sendmsg+0x10/0x10
[  305.843965][T11353]  ? get_compat_msghdr+0x11b/0x170
[  305.845911][T11353]  ? __pfx___lock_acquire+0x10/0x10
[  305.847816][T11353]  ___sys_sendmsg+0x135/0x1e0
[  305.849922][T11353]  ? __pfx____sys_sendmsg+0x10/0x10
[  305.851853][T11353]  ? lock_acquire+0x2f/0xb0
[  305.853558][T11353]  ? __fget_files+0x40/0x3f0
[  305.855258][T11353]  ? __pfx___might_resched+0x10/0x10
[  305.857190][T11353]  ? fdget+0x176/0x210
[  305.858688][T11353]  __sys_sendmmsg+0x2a5/0x450
[  305.860422][T11353]  ? __pfx___sys_sendmmsg+0x10/0x10
[  305.862322][T11353]  ? vfs_write+0x14d/0x1140
[  305.864011][T11353]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  305.866225][T11353]  ? fput+0x30/0x390
[  305.867745][T11353]  ? ksys_write+0x1ad/0x260
[  305.869426][T11353]  ? __pfx_ksys_write+0x10/0x10
[  305.871206][T11353]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  305.873276][T11353]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  305.875651][T11353]  __do_fast_syscall_32+0x73/0x120
[  305.877627][T11353]  do_fast_syscall_32+0x32/0x80
[  305.879465][T11353]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.881996][T11353] RIP: 0023:0xf73de579
[  305.883566][T11353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  305.889288][T11353] RSP: 002b:00000000f56a556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  305.891468][T11353] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  305.893512][T11353] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  305.895520][T11353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.897559][T11353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  305.899584][T11353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.901648][T11353]  </TASK>
[  305.918885][T11334] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.923481][T11334] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.926650][T11334] bridge_slave_0: entered allmulticast mode
[  305.928927][T11334] bridge_slave_0: entered promiscuous mode
[  305.933536][T11334] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.936101][T11334] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.938303][T11334] bridge_slave_1: entered allmulticast mode
[  305.940547][T11334] bridge_slave_1: entered promiscuous mode
[  305.973813][T11334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  305.978484][T11334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.064068][T11334] team0: Port device team_slave_0 added
[  306.086567][T11334] team0: Port device team_slave_1 added
[  306.171274][T11334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.173708][T11334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.196258][T11334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.216953][T11334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.220329][T11334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.246081][T11334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.306575][T11334] hsr_slave_0: entered promiscuous mode
[  306.311461][T11334] hsr_slave_1: entered promiscuous mode
[  306.313326][T11334] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.315337][T11334] Cannot create hsr debugfs directory
[  306.532664][T11334] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.535791][T11334] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  306.625990][T11334] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.630304][T11334] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  306.737584][T11334] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.740290][T11334] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  306.839338][T11334] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.843095][T11334] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  306.986205][ T5356] Bluetooth: hci6: command tx timeout
[  307.022312][T11334] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  307.025616][T11334] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  307.051969][T11334] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  307.061801][T11334] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  307.155657][ T1438] IPVS: starting estimator thread 0...
[  307.229649][T11334] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.248384][T11334] 8021q: adding VLAN 0 to HW filter on device team0
[  307.252440][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.254292][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.256091][T11362] IPVS: using max 34 ests per chain, 81600 per kthread
[  307.289596][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.291478][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.309228][T11334] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  307.316211][T11334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  307.376226][ T5356] Bluetooth: hci7: command tx timeout
[  307.456620][T11372] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1433'.
[  307.612694][T11334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.638688][T11334] veth0_vlan: entered promiscuous mode
[  307.658577][T11334] veth1_vlan: entered promiscuous mode
[  307.717926][T11334] veth0_macvtap: entered promiscuous mode
[  307.720800][T11334] veth1_macvtap: entered promiscuous mode
[  307.726870][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.729638][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.732012][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.734518][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.746167][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.750692][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.753535][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.766320][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.776143][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.778895][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.782167][T11334] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.785356][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.796139][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.806203][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.808857][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.811232][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.813924][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.816521][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.819597][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.823040][T11334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.826781][T11334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.835185][T11334] batman_adv: batadv0: Interface activated: batadv_slave_1
[  307.839462][T11334] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.841796][T11334] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.844041][T11334] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.847466][T11334] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.907535][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  307.910216][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  307.950251][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  307.952309][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.056132][ T5356] Bluetooth: hci6: command tx timeout
[  309.195328][T11401] @: renamed from vlan0 (while UP)
[  309.351166][T11404] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  309.354416][T11404] overlayfs: missing 'lowerdir'
[  309.456291][ T5356] Bluetooth: hci7: command tx timeout
[  309.839865][   T39] kauditd_printk_skb: 87 callbacks suppressed
[  309.839876][   T39] audit: type=1326 audit(1729495654.491:84394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.861177][   T39] audit: type=1326 audit(1729495654.511:84395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.871685][   T39] audit: type=1326 audit(1729495654.511:84396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.879763][   T39] audit: type=1326 audit(1729495654.511:84397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.887644][   T39] audit: type=1326 audit(1729495654.511:84398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.895821][   T39] audit: type=1326 audit(1729495654.511:84399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.904190][   T39] audit: type=1326 audit(1729495654.511:84400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.915711][   T39] audit: type=1326 audit(1729495654.511:84401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.922030][   T39] audit: type=1326 audit(1729495654.511:84402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  309.928385][   T39] audit: type=1326 audit(1729495654.511:84403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11422 comm="syz.1.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  310.718098][T11439] overlayfs: missing 'lowerdir'
[  310.774373][T11443] input: syz0 as /devices/virtual/input/input16
[  310.841220][T11443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  311.023206][T11450] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1454'.
[  311.025796][T11450] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  311.137157][ T5356] Bluetooth: hci6: command tx timeout
[  311.410426][T11452] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1455'.
[  311.420850][T11452] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1455'.
[  311.536149][ T5356] Bluetooth: hci7: command tx timeout
[  311.815774][T11466] netlink: 'syz.1.1459': attribute type 3 has an invalid length.
[  311.823141][T11466] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1459'.
[  311.833966][T11466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1459'.
[  312.107943][T11477] FAULT_INJECTION: forcing a failure.
[  312.107943][T11477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.117406][T11477] CPU: 0 UID: 0 PID: 11477 Comm: syz.1.1461 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  312.120221][T11477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  312.123035][T11477] Call Trace:
[  312.123921][T11477]  <TASK>
[  312.124715][T11477]  dump_stack_lvl+0x16c/0x1f0
[  312.125960][T11477]  should_fail_ex+0x497/0x5b0
[  312.127218][T11477]  _copy_from_user+0x30/0xf0
[  312.128457][T11477]  get_compat_msghdr+0xa8/0x170
[  312.129738][T11477]  ? __pfx_get_compat_msghdr+0x10/0x10
[  312.131166][T11477]  ? __pfx___lock_acquire+0x10/0x10
[  312.132553][T11477]  ___sys_sendmsg+0x1b0/0x1e0
[  312.133792][T11477]  ? __pfx____sys_sendmsg+0x10/0x10
[  312.135160][T11477]  ? lock_acquire+0x2f/0xb0
[  312.136366][T11477]  ? __fget_files+0x40/0x3f0
[  312.137579][T11477]  ? __pfx___might_resched+0x10/0x10
[  312.138967][T11477]  ? fdget+0x176/0x210
[  312.140052][T11477]  __sys_sendmmsg+0x2a5/0x450
[  312.141304][T11477]  ? __pfx___sys_sendmmsg+0x10/0x10
[  312.142671][T11477]  ? vfs_write+0x14d/0x1140
[  312.143889][T11477]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  312.145445][T11477]  ? fput+0x30/0x390
[  312.146490][T11477]  ? ksys_write+0x1ad/0x260
[  312.147684][T11477]  ? __pfx_ksys_write+0x10/0x10
[  312.148973][T11477]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  312.150438][T11477]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  312.152168][T11477]  __do_fast_syscall_32+0x73/0x120
[  312.153522][T11477]  do_fast_syscall_32+0x32/0x80
[  312.154801][T11477]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.156462][T11477] RIP: 0023:0xf73de579
[  312.157538][T11477] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  312.162528][T11477] RSP: 002b:00000000f56a556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  312.164711][T11477] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  312.166781][T11477] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  312.168862][T11477] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  312.170932][T11477] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  312.173008][T11477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  312.175082][T11477]  </TASK>
[  312.479564][T11479] overlayfs: missing 'lowerdir'
[  312.544151][T11481] kAFS: unable to lookup cell '.,'
[  312.781502][T11485] fuse: Bad value for 'user_id'
[  312.783286][T11485] fuse: Bad value for 'user_id'
[  312.810659][T11489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1466'.
[  312.942725][T11496] batadv0: entered promiscuous mode
[  312.944753][T11496] batadv_slave_0: entered promiscuous mode
[  312.946655][T11496] batadv_slave_0: left promiscuous mode
[  312.956244][T11496] batadv0: left promiscuous mode
[  313.194319][T11507] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1469'.
[  313.197820][T11507] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  313.197995][T11509] overlayfs: missing 'lowerdir'
[  313.507286][T11525] x_tables: duplicate underflow at hook 1
[  313.616167][ T5356] Bluetooth: hci7: command tx timeout
[  314.378620][T11541] FAULT_INJECTION: forcing a failure.
[  314.378620][T11541] name failslab, interval 1, probability 0, space 0, times 0
[  314.382098][T11541] CPU: 2 UID: 0 PID: 11541 Comm: syz.1.1480 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  314.384870][T11541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.388355][T11541] Call Trace:
[  314.389488][T11541]  <TASK>
[  314.390492][T11541]  dump_stack_lvl+0x16c/0x1f0
[  314.392084][T11541]  should_fail_ex+0x497/0x5b0
[  314.393561][T11541]  should_failslab+0xc2/0x120
[  314.395123][T11541]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  314.396715][T11541]  ? dst_alloc+0x99/0x1a0
[  314.398409][T11541]  dst_alloc+0x99/0x1a0
[  314.399873][T11541]  rt_dst_alloc+0x35/0x3a0
[  314.401269][T11541]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  314.403044][T11541]  ip_route_output_key_hash+0x138/0x2e0
[  314.404515][T11541]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  314.406097][T11541]  ? __pfx_lock_release+0x10/0x10
[  314.407481][T11541]  ? trace_lock_acquire+0x14a/0x1d0
[  314.408838][T11541]  ? mark_lock+0xb5/0xc60
[  314.410190][T11541]  ? lockdep_hardirqs_on+0x7c/0x110
[  314.410211][T11541]  ip_route_output_flow+0x27/0x150
[  314.410225][T11541]  raw_sendmsg+0xc53/0x3ad0
[  314.410236][T11541]  ? hlock_class+0x4e/0x130
[  314.410252][T11541]  ? __pfx_raw_sendmsg+0x10/0x10
[  314.410262][T11541]  ? hlock_class+0x4e/0x130
[  314.418606][T11541]  ? __lock_acquire+0x163e/0x3ce0
[  314.419925][T11541]  ? __pfx___might_resched+0x10/0x10
[  314.421420][T11541]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  314.423465][T11541]  ? __pfx_aa_sk_perm+0x10/0x10
[  314.425093][T11541]  ? __import_iovec+0x1fd/0x6e0
[  314.426674][T11541]  ? __pfx_raw_sendmsg+0x10/0x10
[  314.428118][T11541]  ? inet_sendmsg+0x119/0x140
[  314.429529][T11541]  inet_sendmsg+0x119/0x140
[  314.430712][T11541]  ____sys_sendmsg+0x907/0xb40
[  314.432066][T11541]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.433703][T11541]  ? get_compat_msghdr+0x11b/0x170
[  314.435420][T11541]  ? __pfx___lock_acquire+0x10/0x10
[  314.437163][T11541]  ___sys_sendmsg+0x135/0x1e0
[  314.438777][T11541]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.440418][T11541]  ? lock_acquire+0x2f/0xb0
[  314.441930][T11541]  ? __fget_files+0x40/0x3f0
[  314.443503][T11541]  ? __pfx___might_resched+0x10/0x10
[  314.445308][T11541]  ? fdget+0x176/0x210
[  314.446696][T11541]  __sys_sendmmsg+0x2a5/0x450
[  314.448313][T11541]  ? __pfx___sys_sendmmsg+0x10/0x10
[  314.450069][T11541]  ? vfs_write+0x14d/0x1140
[  314.451623][T11541]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  314.453675][T11541]  ? fput+0x30/0x390
[  314.455013][T11541]  ? ksys_write+0x1ad/0x260
[  314.456556][T11541]  ? __pfx_ksys_write+0x10/0x10
[  314.458201][T11541]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  314.460063][T11541]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  314.462276][T11541]  __do_fast_syscall_32+0x73/0x120
[  314.464009][T11541]  do_fast_syscall_32+0x32/0x80
[  314.465666][T11541]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  314.467780][T11541] RIP: 0023:0xf73de579
[  314.469162][T11541] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  314.475649][T11541] RSP: 002b:00000000f56a556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  314.478442][T11541] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  314.481078][T11541] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  314.483705][T11541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  314.486339][T11541] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  314.489162][T11541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  314.491827][T11541]  </TASK>
[  314.554861][T11543] overlayfs: missing 'lowerdir'
[  315.085899][T11563] No control pipe specified
[  315.103878][T11563] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  315.106908][T11563] overlayfs: missing 'lowerdir'
[  315.340724][   T39] kauditd_printk_skb: 87 callbacks suppressed
[  315.340740][   T39] audit: type=1326 audit(1729495660.001:84491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.350524][   T39] audit: type=1326 audit(1729495660.011:84492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.378691][   T39] audit: type=1326 audit(1729495660.021:84493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.388364][   T39] audit: type=1326 audit(1729495660.021:84494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.396253][   T39] audit: type=1326 audit(1729495660.021:84495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.411121][   T39] audit: type=1326 audit(1729495660.021:84496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.421330][   T39] audit: type=1326 audit(1729495660.021:84497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.427254][   T39] audit: type=1326 audit(1729495660.021:84498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.433097][   T39] audit: type=1326 audit(1729495660.021:84499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  315.446429][   T39] audit: type=1326 audit(1729495660.071:84500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1486" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7ffc0000
[  316.006379][T11582] overlayfs: missing 'lowerdir'
[  316.167518][T11593] input: syz0 as /devices/virtual/input/input17
[  316.451495][T11599] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1494'.
[  316.462912][T11599] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1494'.
[  316.744181][T11607] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1496'.
[  316.747689][T11607] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  317.118155][T11618] overlayfs: missing 'lowerdir'
[  318.401813][T11628] netfs: Couldn't get user pages (rc=-14)
[  318.633132][T11628] syz.1.1502[11628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.633359][T11628] syz.1.1502[11628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.636571][T11628] syz.1.1502[11628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.247575][T11652] overlayfs: disabling nfs_export due to verity=require
[  319.252497][T11652] overlayfs: missing 'lowerdir'
[  319.438669][T11667] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1511'.
[  319.441569][T11667] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  320.233150][T11672] FAULT_INJECTION: forcing a failure.
[  320.233150][T11672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  320.239492][T11672] CPU: 1 UID: 0 PID: 11672 Comm: syz.3.1513 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  320.242369][T11672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  320.245117][T11672] Call Trace:
[  320.245970][T11672]  <TASK>
[  320.246748][T11672]  dump_stack_lvl+0x16c/0x1f0
[  320.247939][T11672]  should_fail_ex+0x497/0x5b0
[  320.249181][T11672]  _copy_from_user+0x30/0xf0
[  320.250395][T11672]  get_compat_msghdr+0xa8/0x170
[  320.251665][T11672]  ? __pfx_get_compat_msghdr+0x10/0x10
[  320.253110][T11672]  ? __pfx___lock_acquire+0x10/0x10
[  320.254526][T11672]  ___sys_sendmsg+0x1b0/0x1e0
[  320.255749][T11672]  ? __pfx____sys_sendmsg+0x10/0x10
[  320.257117][T11672]  ? lock_acquire+0x2f/0xb0
[  320.258303][T11672]  ? __fget_files+0x40/0x3f0
[  320.259508][T11672]  ? __pfx___might_resched+0x10/0x10
[  320.260877][T11672]  ? fdget+0x176/0x210
[  320.261939][T11672]  __sys_sendmmsg+0x2a5/0x450
[  320.263199][T11672]  ? __pfx___sys_sendmmsg+0x10/0x10
[  320.264604][T11672]  ? vfs_write+0x14d/0x1140
[  320.265799][T11672]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  320.267361][T11672]  ? fput+0x30/0x390
[  320.268406][T11672]  ? ksys_write+0x1ad/0x260
[  320.269588][T11672]  ? __pfx_ksys_write+0x10/0x10
[  320.270869][T11672]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  320.272366][T11672]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  320.274070][T11672]  __do_fast_syscall_32+0x73/0x120
[  320.275410][T11672]  do_fast_syscall_32+0x32/0x80
[  320.276698][T11672]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  320.278320][T11672] RIP: 0023:0xf7f4f579
[  320.279389][T11672] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  320.284342][T11672] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  320.286492][T11672] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  320.288567][T11672] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  320.290609][T11672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  320.292696][T11672] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  320.294742][T11672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  320.296799][T11672]  </TASK>
[  320.297706][    C1] vkms_vblank_simulate: vblank timer overrun
[  320.476447][T11679] 9pnet_fd: Insufficient options for proto=fd
[  320.759867][T11692] FAULT_INJECTION: forcing a failure.
[  320.759867][T11692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  320.760305][T11690] overlayfs: disabling nfs_export due to verity=require
[  320.763656][T11692] CPU: 0 UID: 0 PID: 11692 Comm: syz.0.1521 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  320.765816][T11690] overlayfs: missing 'lowerdir'
[  320.768572][T11692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  320.768585][T11692] Call Trace:
[  320.768589][T11692]  <TASK>
[  320.768594][T11692]  dump_stack_lvl+0x16c/0x1f0
[  320.768614][T11692]  should_fail_ex+0x497/0x5b0
[  320.768631][T11692]  _copy_from_user+0x30/0xf0
[  320.768642][T11692]  memdup_user+0x71/0xd0
[  320.768656][T11692]  strndup_user+0x78/0xe0
[  320.768668][T11692]  __ia32_sys_mount+0x138/0x310
[  320.768680][T11692]  ? __pfx___ia32_sys_mount+0x10/0x10
[  320.768694][T11692]  __do_fast_syscall_32+0x73/0x120
[  320.784360][T11692]  do_fast_syscall_32+0x32/0x80
[  320.785639][T11692]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  320.787272][T11692] RIP: 0023:0xf746e579
[  320.788350][T11692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  320.793308][T11692] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  320.795464][T11692] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  320.797528][T11692] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  320.799566][T11692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  320.801614][T11692] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  320.803659][T11692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  320.805755][T11692]  </TASK>
[  320.898876][   T39] kauditd_printk_skb: 100 callbacks suppressed
[  320.898925][   T39] audit: type=1326 audit(1729495665.561:84601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  320.930494][   T39] audit: type=1326 audit(1729495665.571:84602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  320.938238][   T39] audit: type=1326 audit(1729495665.571:84603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf746e579 code=0x7ffc0000
[  320.981663][   T39] audit: type=1326 audit(1729495665.571:84604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  320.989260][   T39] audit: type=1326 audit(1729495665.571:84605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  320.995072][   T39] audit: type=1326 audit(1729495665.571:84606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf746e579 code=0x7ffc0000
[  321.001113][   T39] audit: type=1326 audit(1729495665.571:84607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  321.009186][   T39] audit: type=1326 audit(1729495665.571:84608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  321.020511][   T39] audit: type=1326 audit(1729495665.571:84609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf746e579 code=0x7ffc0000
[  321.027873][   T39] audit: type=1326 audit(1729495665.571:84610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11693 comm="syz.0.1522" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  322.119978][T11719] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1529'.
[  322.127277][T11719] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  322.187998][T11721] FAULT_INJECTION: forcing a failure.
[  322.187998][T11721] name failslab, interval 1, probability 0, space 0, times 0
[  322.193073][T11721] CPU: 2 UID: 0 PID: 11721 Comm: syz.3.1530 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  322.195642][T11721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.198133][T11721] Call Trace:
[  322.198922][T11721]  <TASK>
[  322.199627][T11721]  dump_stack_lvl+0x16c/0x1f0
[  322.200775][T11721]  should_fail_ex+0x497/0x5b0
[  322.201879][T11721]  ? fs_reclaim_acquire+0xae/0x150
[  322.203078][T11721]  should_failslab+0xc2/0x120
[  322.204190][T11721]  __kmalloc_cache_noprof+0x6b/0x310
[  322.205437][T11721]  ? copy_mount_options+0x55/0x190
[  322.206641][T11721]  copy_mount_options+0x55/0x190
[  322.207804][T11721]  __ia32_sys_mount+0x1ad/0x310
[  322.208956][T11721]  ? __pfx___ia32_sys_mount+0x10/0x10
[  322.210218][T11721]  __do_fast_syscall_32+0x73/0x120
[  322.211763][T11721]  do_fast_syscall_32+0x32/0x80
[  322.213371][T11721]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.215383][T11721] RIP: 0023:0xf7f4f579
[  322.216696][T11721] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  322.222754][T11721] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  322.225388][T11721] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  322.227894][T11721] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  322.230412][T11721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.233066][T11721] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  322.235237][T11721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.237345][T11721]  </TASK>
[  322.608064][T11729] overlayfs: disabling nfs_export due to verity=require
[  322.610264][T11729] overlayfs: missing 'lowerdir'
[  322.730897][T11737] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  322.869089][T11745] FAULT_INJECTION: forcing a failure.
[  322.869089][T11745] name failslab, interval 1, probability 0, space 0, times 0
[  322.873338][T11745] CPU: 1 UID: 0 PID: 11745 Comm: syz.2.1538 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  322.876450][T11745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.879216][T11745] Call Trace:
[  322.880093][T11745]  <TASK>
[  322.880963][T11745]  dump_stack_lvl+0x16c/0x1f0
[  322.882224][T11745]  should_fail_ex+0x497/0x5b0
[  322.883482][T11745]  should_failslab+0xc2/0x120
[  322.885083][T11745]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  322.886963][T11745]  ? dst_alloc+0x99/0x1a0
[  322.888449][T11745]  dst_alloc+0x99/0x1a0
[  322.889923][T11745]  rt_dst_alloc+0x35/0x3a0
[  322.891532][T11745]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  322.893723][T11745]  ip_route_output_key_hash+0x138/0x2e0
[  322.895726][T11745]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  322.897601][T11745]  ? __pfx_lock_release+0x10/0x10
[  322.899206][T11745]  ? trace_lock_acquire+0x14a/0x1d0
[  322.901084][T11745]  ? mark_lock+0xb5/0xc60
[  322.902636][T11745]  ? lockdep_hardirqs_on+0x7c/0x110
[  322.904477][T11745]  ip_route_output_flow+0x27/0x150
[  322.906200][T11745]  raw_sendmsg+0xc53/0x3ad0
[  322.907383][T11745]  ? hlock_class+0x4e/0x130
[  322.908594][T11745]  ? __pfx_raw_sendmsg+0x10/0x10
[  322.909878][T11745]  ? hlock_class+0x4e/0x130
[  322.911388][T11745]  ? __lock_acquire+0x163e/0x3ce0
[  322.913065][T11745]  ? __pfx___might_resched+0x10/0x10
[  322.914443][T11745]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  322.915996][T11745]  ? __pfx_aa_sk_perm+0x10/0x10
[  322.917288][T11745]  ? __import_iovec+0x1fd/0x6e0
[  322.918564][T11745]  ? __pfx_raw_sendmsg+0x10/0x10
[  322.919857][T11745]  ? inet_sendmsg+0x119/0x140
[  322.921413][T11745]  inet_sendmsg+0x119/0x140
[  322.923053][T11745]  ____sys_sendmsg+0x907/0xb40
[  322.924727][T11745]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.926104][T11745]  ? get_compat_msghdr+0x11b/0x170
[  322.927440][T11745]  ? __pfx___lock_acquire+0x10/0x10
[  322.928902][T11745]  ___sys_sendmsg+0x135/0x1e0
[  322.930341][T11745]  ? __pfx____sys_sendmsg+0x10/0x10
[  322.932272][T11745]  ? lock_acquire+0x2f/0xb0
[  322.933854][T11745]  ? __fget_files+0x40/0x3f0
[  322.935067][T11745]  ? __pfx___might_resched+0x10/0x10
[  322.936451][T11745]  ? fdget+0x176/0x210
[  322.937615][T11745]  __sys_sendmmsg+0x2a5/0x450
[  322.939248][T11745]  ? __pfx___sys_sendmmsg+0x10/0x10
[  322.940749][T11745]  ? vfs_write+0x14d/0x1140
[  322.942007][T11745]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  322.943610][T11745]  ? fput+0x30/0x390
[  322.944656][T11745]  ? ksys_write+0x1ad/0x260
[  322.945873][T11745]  ? __pfx_ksys_write+0x10/0x10
[  322.947141][T11745]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  322.948641][T11745]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  322.950420][T11745]  __do_fast_syscall_32+0x73/0x120
[  322.952316][T11745]  do_fast_syscall_32+0x32/0x80
[  322.954037][T11745]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.955850][T11745] RIP: 0023:0xf7f71579
[  322.957208][T11745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  322.962199][T11745] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  322.964384][T11745] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  322.966441][T11745] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  322.968508][T11745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.970550][T11745] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  322.972630][T11745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.974678][T11745]  </TASK>
[  322.975623][    C1] vkms_vblank_simulate: vblank timer overrun
[  323.506765][T11748] FAULT_INJECTION: forcing a failure.
[  323.506765][T11748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.510349][T11748] CPU: 1 UID: 0 PID: 11748 Comm: syz.0.1539 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  323.513160][T11748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.515964][T11748] Call Trace:
[  323.516877][T11748]  <TASK>
[  323.517662][T11748]  dump_stack_lvl+0x16c/0x1f0
[  323.518972][T11748]  should_fail_ex+0x497/0x5b0
[  323.520388][T11748]  _copy_from_user+0x30/0xf0
[  323.521624][T11748]  copy_mount_options+0x76/0x190
[  323.522946][T11748]  __ia32_sys_mount+0x1ad/0x310
[  323.524450][T11748]  ? __pfx___ia32_sys_mount+0x10/0x10
[  323.526412][T11748]  __do_fast_syscall_32+0x73/0x120
[  323.528315][T11748]  do_fast_syscall_32+0x32/0x80
[  323.530117][T11748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  323.532162][T11748] RIP: 0023:0xf746e579
[  323.533715][T11748] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  323.540089][T11748] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  323.542391][T11748] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  323.544491][T11748] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  323.546558][T11748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  323.548822][T11748] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  323.551151][T11748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  323.553241][T11748]  </TASK>
[  323.554118][    C1] vkms_vblank_simulate: vblank timer overrun
[  323.562400][T11748] overlayfs: disabling nfs_export due to verity=require
[  323.565710][T11748] overlayfs: missing 'lowerdir'
[  323.770400][T11754] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 58431 (only 8 groups)
[  323.934276][T11758] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1542'.
[  323.938202][T11758] netlink: 'syz.2.1542': attribute type 2 has an invalid length.
[  323.940387][T11758] netlink: 'syz.2.1542': attribute type 1 has an invalid length.
[  324.525286][T11760] binfmt_misc: register: failed to install interpreter file ./file0
[  324.756171][ T1438] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  324.883390][T11769] syz.2.1545: attempt to access beyond end of device
[  324.883390][T11769] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128
[  324.887867][T11769] gfs2: error -5 reading superblock
[  324.907372][ T1438] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  324.910005][ T1438] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  324.912332][ T1438] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  324.917258][ T1438] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  324.919760][ T1438] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.921911][ T1438] usb 5-1: Product: syz
[  324.923073][ T1438] usb 5-1: Manufacturer: syz
[  324.924355][ T1438] usb 5-1: SerialNumber: syz
[  324.929599][ T1438] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  324.931406][ T1438] cdc_ncm 5-1:1.0: bind() failure
[  325.466205][  T979] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  325.602874][ T1438] usb 5-1: USB disconnect, device number 11
[  325.720348][  T979] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  325.725105][  T979] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  325.728927][  T979] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  325.733199][  T979] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  325.736532][  T979] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.741100][  T979] usb 7-1: config 0 descriptor??
[  325.743209][T11774] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  326.007730][T11774] overlayfs: disabling nfs_export due to verity=require
[  326.010132][T11774] overlayfs: missing 'lowerdir'
[  326.012656][T11773] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1546'.
[  326.106368][  T979] usbhid 7-1:0.0: can't add hid device: -71
[  326.109583][  T979] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  326.113964][  T979] usb 7-1: USB disconnect, device number 18
[  327.245237][   T39] kauditd_printk_skb: 130 callbacks suppressed
[  327.245277][   T39] audit: type=1326 audit(1729495671.901:84741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.254674][   T39] audit: type=1326 audit(1729495671.911:84742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.286263][   T39] audit: type=1326 audit(1729495671.921:84743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.293472][   T39] audit: type=1326 audit(1729495671.921:84744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.321866][   T39] audit: type=1326 audit(1729495671.921:84745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.332183][   T39] audit: type=1326 audit(1729495671.931:84746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.338032][   T39] audit: type=1326 audit(1729495671.931:84747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.344044][   T39] audit: type=1326 audit(1729495671.931:84748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.364573][   T39] audit: type=1326 audit(1729495671.931:84749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.370361][   T39] audit: type=1326 audit(1729495671.931:84750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.1.1553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  327.836205][T11824] nbd0: detected capacity change from 0 to 12
[  327.841216][ T9921] block nbd0: Send control failed (result -89)
[  327.843492][T11824] block nbd0: NBD_DISCONNECT
[  327.845419][ T9921] block nbd0: Request send failed, requeueing
[  327.849063][ T9921] block nbd0: Disconnected due to user request.
[  327.856117][T11824] block nbd0: Send disconnect failed -89
[  327.860116][   T36] blk_print_req_error: 5 callbacks suppressed
[  327.860126][   T36] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.864226][   T36] buffer_io_error: 5 callbacks suppressed
[  327.864234][   T36] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.870012][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.873445][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.876536][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.879744][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.884614][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.888538][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.891723][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.894991][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.909661][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.912013][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.914052][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.916718][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.918787][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.921140][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.923128][ T9921] ldm_validate_partition_table(): Disk read failed.
[  327.924844][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.927279][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.929299][ T9921] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.931572][ T9921] Buffer I/O error on dev nbd0, logical block 0, async page read
[  327.933648][ T9921] Dev nbd0: unable to read RDB block 0
[  327.935192][ T9921]  nbd0: unable to read partition table
[  327.946814][ T9921] nbd0: partition table beyond EOD, truncated
[  327.955001][T11824] ldm_validate_partition_table(): Disk read failed.
[  327.966110][T11824] Dev nbd0: unable to read RDB block 0
[  327.967673][T11824]  nbd0: unable to read partition table
[  327.969186][T11824] nbd0: partition table beyond EOD, truncated
[  327.978550][ T9921] ldm_validate_partition_table(): Disk read failed.
[  327.983684][ T9921] Dev nbd0: unable to read RDB block 0
[  327.986324][ T9921]  nbd0: unable to read partition table
[  327.988354][ T9921] nbd0: partition table beyond EOD, truncated
[  328.760877][T11827] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  329.123026][T11852] xt_connbytes: Forcing CT accounting to be enabled
[  329.133343][T11852] xt_CT: You must specify a L4 protocol and not use inversions on it
[  329.150501][T11853] FAULT_INJECTION: forcing a failure.
[  329.150501][T11853] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.153903][T11853] CPU: 2 UID: 0 PID: 11853 Comm: syz.3.1564 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  329.156744][T11853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  329.159513][T11853] Call Trace:
[  329.160396][T11853]  <TASK>
[  329.161198][T11853]  dump_stack_lvl+0x16c/0x1f0
[  329.162471][T11853]  should_fail_ex+0x497/0x5b0
[  329.163704][T11853]  _copy_from_user+0x30/0xf0
[  329.164933][T11853]  get_compat_msghdr+0xa8/0x170
[  329.166261][T11853]  ? __pfx_get_compat_msghdr+0x10/0x10
[  329.167703][T11853]  ? __pfx___lock_acquire+0x10/0x10
[  329.169080][T11853]  ___sys_sendmsg+0x1b0/0x1e0
[  329.170324][T11853]  ? __pfx____sys_sendmsg+0x10/0x10
[  329.171714][T11853]  ? lock_acquire+0x2f/0xb0
[  329.172940][T11853]  ? __fget_files+0x40/0x3f0
[  329.174148][T11853]  ? __pfx___might_resched+0x10/0x10
[  329.175492][T11853]  ? fdget+0x176/0x210
[  329.176831][T11853]  __sys_sendmmsg+0x2a5/0x450
[  329.178439][T11853]  ? __pfx___sys_sendmmsg+0x10/0x10
[  329.180240][T11853]  ? vfs_write+0x14d/0x1140
[  329.181843][T11853]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  329.183843][T11853]  ? fput+0x30/0x390
[  329.184941][T11853]  ? ksys_write+0x1ad/0x260
[  329.186215][T11853]  ? __pfx_ksys_write+0x10/0x10
[  329.187534][T11853]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  329.189183][T11853]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  329.191008][T11853]  __do_fast_syscall_32+0x73/0x120
[  329.192536][T11853]  do_fast_syscall_32+0x32/0x80
[  329.194018][T11853]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  329.196134][T11853] RIP: 0023:0xf7f4f579
[  329.197246][T11853] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  329.202675][T11853] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  329.204845][T11853] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  329.206946][T11853] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  329.209013][T11853] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  329.211272][T11853] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  329.213387][T11853] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  329.215475][T11853]  </TASK>
[  329.706513][T11861] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1567'.
[  330.058266][T11867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  330.075565][T11869] FAULT_INJECTION: forcing a failure.
[  330.075565][T11869] name failslab, interval 1, probability 0, space 0, times 0
[  330.080492][T11869] CPU: 0 UID: 0 PID: 11869 Comm: syz.2.1570 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  330.084213][T11869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  330.087800][T11869] Call Trace:
[  330.088954][T11869]  <TASK>
[  330.089979][T11869]  dump_stack_lvl+0x16c/0x1f0
[  330.091585][T11869]  should_fail_ex+0x497/0x5b0
[  330.093218][T11869]  ? fs_reclaim_acquire+0xae/0x150
[  330.094938][T11869]  should_failslab+0xc2/0x120
[  330.096542][T11869]  __kmalloc_noprof+0xcb/0x410
[  330.098131][T11869]  ? __pfx_lock_release+0x10/0x10
[  330.099782][T11869]  tomoyo_encode2+0x100/0x3e0
[  330.101365][T11869]  ? bpf_ksym_find+0x124/0x1c0
[  330.102625][T11869]  tomoyo_encode+0x2c/0x40
[  330.103788][T11869]  tomoyo_mount_acl+0x145/0x880
[  330.105036][T11869]  ? hlock_class+0x4e/0x130
[  330.106185][T11869]  ? __lock_acquire+0x163e/0x3ce0
[  330.107483][T11869]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  330.108891][T11869]  ? __pfx___lock_acquire+0x10/0x10
[  330.110238][T11869]  ? stack_trace_save+0x95/0xd0
[  330.111500][T11869]  ? __pfx_lock_release+0x10/0x10
[  330.112843][T11869]  ? trace_lock_acquire+0x14a/0x1d0
[  330.114191][T11869]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  330.115887][T11869]  ? tomoyo_mount_permission+0x146/0x410
[  330.117370][T11869]  ? lock_acquire+0x2f/0xb0
[  330.118563][T11869]  ? tomoyo_mount_permission+0x146/0x410
[  330.120023][T11869]  tomoyo_mount_permission+0x16b/0x410
[  330.121454][T11869]  ? tomoyo_mount_permission+0x146/0x410
[  330.122922][T11869]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  330.124500][T11869]  ? get_current_fs_domain+0x188/0x1f0
[  330.125920][T11869]  security_sb_mount+0x9b/0x260
[  330.127194][T11869]  path_mount+0x129/0x1f10
[  330.128374][T11869]  ? kmem_cache_free+0x152/0x4b0
[  330.129666][T11869]  ? __pfx_path_mount+0x10/0x10
[  330.130945][T11869]  ? putname+0x12e/0x170
[  330.132069][T11869]  __ia32_sys_mount+0x292/0x310
[  330.133356][T11869]  ? __pfx___ia32_sys_mount+0x10/0x10
[  330.134761][T11869]  __do_fast_syscall_32+0x73/0x120
[  330.136101][T11869]  do_fast_syscall_32+0x32/0x80
[  330.137474][T11869]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  330.139122][T11869] RIP: 0023:0xf7f71579
[  330.140201][T11869] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  330.145152][T11869] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  330.147311][T11869] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  330.149350][T11869] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  330.151415][T11869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  330.153474][T11869] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  330.155513][T11869] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  330.157554][T11869]  </TASK>
[  330.296191][  T979] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  330.380865][T11875] team0: entered promiscuous mode
[  330.382665][T11875] team_slave_0: entered promiscuous mode
[  330.385721][T11875] team_slave_1: entered promiscuous mode
[  330.389552][T11875] overlayfs: disabling nfs_export due to verity=require
[  330.391386][T11875] overlayfs: missing 'lowerdir'
[  330.393544][T11874] team0: left promiscuous mode
[  330.395075][T11874] team_slave_0: left promiscuous mode
[  330.398840][T11874] team_slave_1: left promiscuous mode
[  330.446111][  T979] usb 6-1: Using ep0 maxpacket: 8
[  330.471225][  T979] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  330.473800][  T979] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  330.476115][  T979] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  330.478253][T11878] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1574'.
[  330.478495][  T979] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  330.493994][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  330.497207][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  330.500722][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  330.504366][  T979] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  330.506819][  T979] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  330.508840][  T979] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  330.511223][  T979] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  330.514231][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  330.517343][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  330.520262][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  330.524031][  T979] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  330.526386][  T979] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  330.536124][  T979] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  330.538735][  T979] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  330.541777][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  330.544638][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  330.556192][  T979] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  330.562392][  T979] usb 6-1: string descriptor 0 read error: -22
[  330.564060][  T979] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  330.566452][  T979] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.598534][  T979] adutux 6-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  330.766102][ T1414] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  330.916216][ T1414] usb 7-1: Using ep0 maxpacket: 32
[  330.929201][ T1414] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  330.934387][ T1414] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  330.944487][ T1414] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  330.952284][ T1414] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  330.959537][ T1414] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  330.968556][ T1414] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  330.981234][ T1414] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  330.985853][ T1414] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.000380][ T1414] usb 7-1: config 0 descriptor??
[  331.199656][ T1438] usb 6-1: USB disconnect, device number 15
[  331.215302][ T1414] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  331.228855][ T1414] usb 7-1: USB disconnect, device number 19
[  331.235315][ T1414] usblp0: removed
[  331.459976][T11898] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1577'.
[  331.462575][T11898] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  331.696186][ T1438] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  331.794204][T11902] FAULT_INJECTION: forcing a failure.
[  331.794204][T11902] name failslab, interval 1, probability 0, space 0, times 0
[  331.800008][T11902] CPU: 3 UID: 0 PID: 11902 Comm: syz.1.1580 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  331.802782][T11902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  331.805750][T11902] Call Trace:
[  331.806726][T11902]  <TASK>
[  331.807577][T11902]  dump_stack_lvl+0x16c/0x1f0
[  331.808806][T11902]  should_fail_ex+0x497/0x5b0
[  331.810029][T11902]  ? fs_reclaim_acquire+0xae/0x150
[  331.811350][T11902]  should_failslab+0xc2/0x120
[  331.812665][T11902]  __kmalloc_noprof+0xcb/0x410
[  331.813903][T11902]  ? __kmalloc_noprof+0x207/0x410
[  331.815224][T11902]  tomoyo_realpath_from_path+0xbf/0x710
[  331.816687][T11902]  ? tomoyo_fill_path_info+0x233/0x420
[  331.818059][T11902]  tomoyo_mount_acl+0x1af/0x880
[  331.819302][T11902]  ? hlock_class+0x4e/0x130
[  331.820439][T11902]  ? __lock_acquire+0x163e/0x3ce0
[  331.821704][T11902]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  331.823080][T11902]  ? __pfx___lock_acquire+0x10/0x10
[  331.824479][T11902]  ? stack_trace_save+0x95/0xd0
[  331.825685][T11902]  ? __pfx_lock_release+0x10/0x10
[  331.827006][T11902]  ? trace_lock_acquire+0x14a/0x1d0
[  331.828345][T11902]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  331.829946][T11902]  ? tomoyo_mount_permission+0x146/0x410
[  331.831372][T11902]  ? lock_acquire+0x2f/0xb0
[  331.832593][T11902]  ? tomoyo_mount_permission+0x146/0x410
[  331.834044][T11902]  tomoyo_mount_permission+0x16b/0x410
[  331.835438][T11902]  ? tomoyo_mount_permission+0x146/0x410
[  331.836900][T11902]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  331.838444][T11902]  ? get_current_fs_domain+0x188/0x1f0
[  331.839837][T11902]  security_sb_mount+0x9b/0x260
[  331.841257][T11902]  path_mount+0x129/0x1f10
[  331.842407][T11902]  ? kmem_cache_free+0x152/0x4b0
[  331.843682][T11902]  ? __pfx_path_mount+0x10/0x10
[  331.844953][T11902]  ? putname+0x12e/0x170
[  331.846094][T11902]  __ia32_sys_mount+0x292/0x310
[  331.846125][ T1438] usb 7-1: Using ep0 maxpacket: 32
[  331.847335][T11902]  ? __pfx___ia32_sys_mount+0x10/0x10
[  331.847364][T11902]  __do_fast_syscall_32+0x73/0x120
[  331.847380][T11902]  do_fast_syscall_32+0x32/0x80
[  331.850657][ T1438] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  331.851960][T11902]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  331.851979][T11902] RIP: 0023:0xf73de579
[  331.851989][T11902] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  331.851998][T11902] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  331.852008][T11902] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  331.853884][ T1438] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  331.855694][T11902] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  331.855703][T11902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  331.855709][T11902] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  331.855715][T11902] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  331.855728][T11902]  </TASK>
[  331.864472][T11902] ERROR: Out of memory at tomoyo_realpath_from_path.
[  331.865755][ T1438] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  331.889732][ T1438] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  331.892928][ T1438] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  331.896247][ T1438] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  331.900530][ T1438] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  331.903552][ T1438] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.909876][ T1438] usb 7-1: config 0 descriptor??
[  332.114878][ T1438] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  332.381745][   T39] kauditd_printk_skb: 95 callbacks suppressed
[  332.381756][   T39] audit: type=1326 audit(1729495677.041:84846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.388773][   T39] audit: type=1326 audit(1729495677.041:84847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.394025][   T39] audit: type=1326 audit(1729495677.041:84848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.406153][   T39] audit: type=1326 audit(1729495677.041:84849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.411375][   T39] audit: type=1326 audit(1729495677.041:84850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.426137][   T39] audit: type=1326 audit(1729495677.041:84851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.431459][   T39] audit: type=1326 audit(1729495677.041:84852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.446374][   T39] audit: type=1326 audit(1729495677.041:84853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.452049][   T39] audit: type=1326 audit(1729495677.041:84854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.476183][   T39] audit: type=1326 audit(1729495677.041:84855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.1.1584" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  332.702664][ T5388] usb 7-1: USB disconnect, device number 20
[  332.705528][ T5388] usblp0: removed
[  333.207307][T11946] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1588'.
[  333.234131][T11939] tmpfs: Unknown parameter '0x0000000000000006ÿÿ'
[  333.235992][T11939] tmpfs: Unknown parameter '0x0000000000000006ÿÿ'
[  333.716508][    T9] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  333.867821][    T9] usb 7-1: config 0 has no interfaces?
[  333.869368][    T9] usb 7-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[  333.871640][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.888373][    T9] usb 7-1: config 0 descriptor??
[  334.052074][T11971] overlayfs: disabling nfs_export due to verity=require
[  334.053967][T11971] overlayfs: missing 'lowerdir'
[  334.306666][ T4805] usb 7-1: USB disconnect, device number 21
[  334.471309][T11973] syz.0.1594: attempt to access beyond end of device
[  334.471309][T11973] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0
[  334.511263][T11973] XFS (nbd0): SB validate failed with error -5.
[  335.357004][T11983] No control pipe specified
[  337.162147][T11994] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1596'.
[  337.164766][T11994] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  338.147791][T11998] FAULT_INJECTION: forcing a failure.
[  338.147791][T11998] name failslab, interval 1, probability 0, space 0, times 0
[  338.151121][T11998] CPU: 3 UID: 0 PID: 11998 Comm: syz.1.1598 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  338.153947][T11998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  338.156773][T11998] Call Trace:
[  338.157661][T11998]  <TASK>
[  338.158455][T11998]  dump_stack_lvl+0x16c/0x1f0
[  338.159718][T11998]  should_fail_ex+0x497/0x5b0
[  338.160993][T11998]  ? fs_reclaim_acquire+0xae/0x150
[  338.162347][T11998]  should_failslab+0xc2/0x120
[  338.163606][T11998]  __kmalloc_noprof+0xcb/0x410
[  338.164901][T11998]  ? __get_fs_type+0x21/0x170
[  338.166205][T11998]  tomoyo_encode2+0x100/0x3e0
[  338.167450][T11998]  tomoyo_encode+0x2c/0x40
[  338.168629][T11998]  tomoyo_mount_acl+0x314/0x880
[  338.169917][T11998]  ? hlock_class+0x4e/0x130
[  338.171117][T11998]  ? __lock_acquire+0x163e/0x3ce0
[  338.172474][T11998]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  338.173896][T11998]  ? __pfx___lock_acquire+0x10/0x10
[  338.175269][T11998]  ? stack_trace_save+0x95/0xd0
[  338.176567][T11998]  ? __pfx_lock_release+0x10/0x10
[  338.178016][T11998]  ? trace_lock_acquire+0x14a/0x1d0
[  338.179467][T11998]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  338.181200][T11998]  ? tomoyo_mount_permission+0x146/0x410
[  338.182681][T11998]  ? lock_acquire+0x2f/0xb0
[  338.183879][T11998]  ? tomoyo_mount_permission+0x146/0x410
[  338.185416][T11998]  tomoyo_mount_permission+0x16b/0x410
[  338.186838][T11998]  ? tomoyo_mount_permission+0x146/0x410
[  338.188310][T11998]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  338.189869][T11998]  ? get_current_fs_domain+0x188/0x1f0
[  338.191287][T11998]  security_sb_mount+0x9b/0x260
[  338.192585][T11998]  path_mount+0x129/0x1f10
[  338.193763][T11998]  ? kmem_cache_free+0x152/0x4b0
[  338.195065][T11998]  ? __pfx_path_mount+0x10/0x10
[  338.196353][T11998]  ? putname+0x12e/0x170
[  338.197469][T11998]  __ia32_sys_mount+0x292/0x310
[  338.198744][T11998]  ? __pfx___ia32_sys_mount+0x10/0x10
[  338.200156][T11998]  __do_fast_syscall_32+0x73/0x120
[  338.201503][T11998]  do_fast_syscall_32+0x32/0x80
[  338.202774][T11998]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  338.204434][T11998] RIP: 0023:0xf73de579
[  338.205546][T11998] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  338.210675][T11998] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  338.212861][T11998] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  338.214904][T11998] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  338.216953][T11998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  338.219101][T11998] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  338.221175][T11998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  338.223335][T11998]  </TASK>
[  338.571948][T12008] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  338.574349][T12008] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  338.588517][T12008] vhci_hcd vhci_hcd.0: Device attached
[  338.770861][T12009] vhci_hcd: connection closed
[  338.773535][   T76] vhci_hcd: stop threads
[  338.776966][   T76] vhci_hcd: release socket
[  338.779278][   T76] vhci_hcd: disconnect device
[  338.826451][   T65] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[  338.830220][   T65] usb 15-1: enqueue for inactive port 0
[  338.901374][   T65] vhci_hcd: vhci_device speed not set
[  340.351742][T12031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1607'.
[  340.356984][T12031] netlink: 'syz.3.1607': attribute type 11 has an invalid length.
[  340.374934][T12031] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  340.377443][T12031] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  340.379685][T12031] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  340.381959][T12031] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  340.389588][T12031] vxlan0: entered promiscuous mode
[  340.402382][T12031] overlayfs: disabling nfs_export due to verity=require
[  340.405153][T12031] overlayfs: missing 'lowerdir'
[  340.681581][T12035] FAULT_INJECTION: forcing a failure.
[  340.681581][T12035] name failslab, interval 1, probability 0, space 0, times 0
[  340.702517][T12035] CPU: 2 UID: 0 PID: 12035 Comm: syz.0.1609 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  340.705367][T12035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  340.708153][T12035] Call Trace:
[  340.709034][T12035]  <TASK>
[  340.709823][T12035]  dump_stack_lvl+0x16c/0x1f0
[  340.711066][T12035]  should_fail_ex+0x497/0x5b0
[  340.712327][T12035]  ? fs_reclaim_acquire+0xae/0x150
[  340.713672][T12035]  should_failslab+0xc2/0x120
[  340.714908][T12035]  __kmalloc_cache_noprof+0x6b/0x310
[  340.716303][T12035]  ? alloc_fs_context+0x57/0x9c0
[  340.717593][T12035]  alloc_fs_context+0x57/0x9c0
[  340.718847][T12035]  path_mount+0xbfb/0x1f10
[  340.720019][T12035]  ? kmem_cache_free+0x152/0x4b0
[  340.721334][T12035]  ? __pfx_path_mount+0x10/0x10
[  340.722610][T12035]  ? putname+0x12e/0x170
[  340.723728][T12035]  __ia32_sys_mount+0x292/0x310
[  340.725010][T12035]  ? __pfx___ia32_sys_mount+0x10/0x10
[  340.726413][T12035]  ? rcu_is_watching+0x12/0xc0
[  340.727688][T12035]  __do_fast_syscall_32+0x73/0x120
[  340.729040][T12035]  do_fast_syscall_32+0x32/0x80
[  340.730321][T12035]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.731973][T12035] RIP: 0023:0xf746e579
[  340.733044][T12035] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  340.738023][T12035] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  340.740185][T12035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  340.742232][T12035] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  340.744288][T12035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.746333][T12035] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  340.748395][T12035] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.750451][T12035]  </TASK>
[  340.816204][   T39] kauditd_printk_skb: 65 callbacks suppressed
[  340.816216][   T39] audit: type=1326 audit(1729495685.471:84921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.824593][   T39] audit: type=1326 audit(1729495685.471:84922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.936104][   T39] audit: type=1326 audit(1729495685.581:84923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.941655][   T39] audit: type=1326 audit(1729495685.581:84924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.952978][   T39] audit: type=1326 audit(1729495685.581:84925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.958676][   T39] audit: type=1326 audit(1729495685.581:84926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.965594][   T39] audit: type=1326 audit(1729495685.581:84927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.981357][   T39] audit: type=1326 audit(1729495685.581:84928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  340.993823][   T39] audit: type=1326 audit(1729495685.581:84929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  341.006215][   T39] audit: type=1326 audit(1729495685.581:84930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12036 comm="syz.1.1608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  341.833414][T12053] netlink: 'syz.3.1614': attribute type 25 has an invalid length.
[  342.183146][T12064] FAULT_INJECTION: forcing a failure.
[  342.183146][T12064] name failslab, interval 1, probability 0, space 0, times 0
[  342.195197][T12064] CPU: 3 UID: 0 PID: 12064 Comm: syz.0.1618 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  342.198019][T12064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.200848][T12064] Call Trace:
[  342.201723][T12064]  <TASK>
[  342.202500][T12064]  dump_stack_lvl+0x16c/0x1f0
[  342.203738][T12064]  should_fail_ex+0x497/0x5b0
[  342.204979][T12064]  ? fs_reclaim_acquire+0xae/0x150
[  342.206308][T12064]  should_failslab+0xc2/0x120
[  342.207535][T12064]  __kmalloc_cache_noprof+0x6b/0x310
[  342.208917][T12064]  ? ovl_init_fs_context+0x52/0x5d0
[  342.210268][T12064]  ovl_init_fs_context+0x52/0x5d0
[  342.211598][T12064]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  342.213082][T12064]  alloc_fs_context+0x54a/0x9c0
[  342.214285][T12064]  path_mount+0xbfb/0x1f10
[  342.215442][T12064]  ? kmem_cache_free+0x152/0x4b0
[  342.216736][T12064]  ? __pfx_path_mount+0x10/0x10
[  342.217997][T12064]  ? putname+0x12e/0x170
[  342.219105][T12064]  __ia32_sys_mount+0x292/0x310
[  342.220489][T12064]  ? __pfx___ia32_sys_mount+0x10/0x10
[  342.221938][T12064]  __do_fast_syscall_32+0x73/0x120
[  342.223278][T12064]  do_fast_syscall_32+0x32/0x80
[  342.224559][T12064]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.226197][T12064] RIP: 0023:0xf746e579
[  342.227265][T12064] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.232243][T12064] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  342.234369][T12064] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  342.236388][T12064] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  342.238397][T12064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.240425][T12064] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.242510][T12064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.244530][T12064]  </TASK>
[  342.445225][T12072] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  342.462062][T12072] overlayfs: disabling nfs_export due to verity=require
[  342.463848][T12072] overlayfs: missing 'lowerdir'
[  342.688670][T12078] FAULT_INJECTION: forcing a failure.
[  342.688670][T12078] name failslab, interval 1, probability 0, space 0, times 0
[  342.692060][T12078] CPU: 3 UID: 0 PID: 12078 Comm: syz.3.1621 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  342.694822][T12078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.697702][T12078] Call Trace:
[  342.698584][T12078]  <TASK>
[  342.699364][T12078]  dump_stack_lvl+0x16c/0x1f0
[  342.700622][T12078]  should_fail_ex+0x497/0x5b0
[  342.701865][T12078]  should_failslab+0xc2/0x120
[  342.703107][T12078]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  342.704518][T12078]  ? dst_alloc+0x99/0x1a0
[  342.705654][T12078]  dst_alloc+0x99/0x1a0
[  342.706751][T12078]  rt_dst_alloc+0x35/0x3a0
[  342.707926][T12078]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  342.709509][T12078]  ip_route_output_key_hash+0x138/0x2e0
[  342.710957][T12078]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  342.712586][T12078]  ? __pfx_lock_release+0x10/0x10
[  342.713912][T12078]  ? trace_lock_acquire+0x14a/0x1d0
[  342.715230][T12078]  ? mark_lock+0xb5/0xc60
[  342.716330][T12078]  ? lockdep_hardirqs_on+0x7c/0x110
[  342.717706][T12078]  ip_route_output_flow+0x27/0x150
[  342.719050][T12078]  raw_sendmsg+0xc53/0x3ad0
[  342.720181][T12078]  ? hlock_class+0x4e/0x130
[  342.721351][T12078]  ? __pfx_raw_sendmsg+0x10/0x10
[  342.722652][T12078]  ? hlock_class+0x4e/0x130
[  342.723848][T12078]  ? __lock_acquire+0x163e/0x3ce0
[  342.725185][T12078]  ? __pfx___might_resched+0x10/0x10
[  342.726565][T12078]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  342.728125][T12078]  ? __pfx_aa_sk_perm+0x10/0x10
[  342.729413][T12078]  ? __import_iovec+0x1fd/0x6e0
[  342.730706][T12078]  ? __pfx_raw_sendmsg+0x10/0x10
[  342.732026][T12078]  ? inet_sendmsg+0x119/0x140
[  342.733265][T12078]  inet_sendmsg+0x119/0x140
[  342.734468][T12078]  ____sys_sendmsg+0x907/0xb40
[  342.735723][T12078]  ? __pfx_____sys_sendmsg+0x10/0x10
[  342.737116][T12078]  ? get_compat_msghdr+0x11b/0x170
[  342.738464][T12078]  ? __pfx___lock_acquire+0x10/0x10
[  342.739828][T12078]  ___sys_sendmsg+0x135/0x1e0
[  342.741080][T12078]  ? __pfx____sys_sendmsg+0x10/0x10
[  342.742454][T12078]  ? lock_acquire+0x2f/0xb0
[  342.743654][T12078]  ? __fget_files+0x40/0x3f0
[  342.744884][T12078]  ? __pfx___might_resched+0x10/0x10
[  342.746270][T12078]  ? fdget+0x176/0x210
[  342.747347][T12078]  __sys_sendmmsg+0x2a5/0x450
[  342.748592][T12078]  ? __pfx___sys_sendmmsg+0x10/0x10
[  342.749951][T12078]  ? vfs_write+0x14d/0x1140
[  342.751154][T12078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  342.752742][T12078]  ? fput+0x30/0x390
[  342.753779][T12078]  ? ksys_write+0x1ad/0x260
[  342.754974][T12078]  ? __pfx_ksys_write+0x10/0x10
[  342.756262][T12078]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  342.757718][T12078]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  342.759434][T12078]  __do_fast_syscall_32+0x73/0x120
[  342.760776][T12078]  do_fast_syscall_32+0x32/0x80
[  342.762055][T12078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.763700][T12078] RIP: 0023:0xf7f4f579
[  342.764778][T12078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.769725][T12078] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  342.771883][T12078] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020005240
[  342.773953][T12078] RDX: 0000000000000300 RSI: 000000000401eb94 RDI: 0000000000000000
[  342.776011][T12078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.778089][T12078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.780147][T12078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.782215][T12078]  </TASK>
[  343.823842][T12086] 9pnet_fd: p9_fd_create_tcp (12086): problem connecting socket to 127.0.0.1
[  344.370391][T12097] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1626'.
[  344.372868][T12097] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  344.637953][T12099] FAULT_INJECTION: forcing a failure.
[  344.637953][T12099] name failslab, interval 1, probability 0, space 0, times 0
[  344.641257][T12099] CPU: 2 UID: 0 PID: 12099 Comm: syz.1.1627 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  344.644015][T12099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  344.646786][T12099] Call Trace:
[  344.647662][T12099]  <TASK>
[  344.648619][T12099]  dump_stack_lvl+0x16c/0x1f0
[  344.650228][T12099]  should_fail_ex+0x497/0x5b0
[  344.651455][T12099]  ? fs_reclaim_acquire+0xae/0x150
[  344.652825][T12099]  should_failslab+0xc2/0x120
[  344.654371][T12099]  __kmalloc_cache_noprof+0x6b/0x310
[  344.655741][T12099]  ? ovl_init_fs_context+0x96/0x5d0
[  344.657123][T12099]  ? kasan_save_track+0x14/0x30
[  344.658518][T12099]  ovl_init_fs_context+0x96/0x5d0
[  344.659924][T12099]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  344.661395][T12099]  alloc_fs_context+0x54a/0x9c0
[  344.662672][T12099]  path_mount+0xbfb/0x1f10
[  344.663845][T12099]  ? kmem_cache_free+0x152/0x4b0
[  344.665173][T12099]  ? __pfx_path_mount+0x10/0x10
[  344.666458][T12099]  ? putname+0x12e/0x170
[  344.667581][T12099]  __ia32_sys_mount+0x292/0x310
[  344.668945][T12099]  ? __pfx___ia32_sys_mount+0x10/0x10
[  344.670339][T12099]  __do_fast_syscall_32+0x73/0x120
[  344.671664][T12099]  do_fast_syscall_32+0x32/0x80
[  344.672957][T12099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  344.674600][T12099] RIP: 0023:0xf73de579
[  344.675663][T12099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  344.680708][T12099] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  344.682855][T12099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  344.684990][T12099] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  344.687805][T12099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  344.690594][T12099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  344.693348][T12099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  344.695390][T12099]  </TASK>
[  344.770715][T12102] overlayfs: disabling nfs_export due to verity=require
[  344.772542][T12102] overlayfs: missing 'lowerdir'
[  345.292815][T12127] FAULT_INJECTION: forcing a failure.
[  345.292815][T12127] name failslab, interval 1, probability 0, space 0, times 0
[  345.296549][T12127] CPU: 2 UID: 0 PID: 12127 Comm: syz.1.1637 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  345.299809][T12127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.302970][T12127] Call Trace:
[  345.303834][T12127]  <TASK>
[  345.304613][T12127]  dump_stack_lvl+0x16c/0x1f0
[  345.305924][T12127]  should_fail_ex+0x497/0x5b0
[  345.307156][T12127]  ? fs_reclaim_acquire+0xae/0x150
[  345.308566][T12127]  should_failslab+0xc2/0x120
[  345.309953][T12127]  __kmalloc_cache_noprof+0x6b/0x310
[  345.311287][T12127]  ? ovl_init_fs_context+0x11f/0x5d0
[  345.312671][T12127]  ? kasan_save_track+0x14/0x30
[  345.313897][T12127]  ovl_init_fs_context+0x11f/0x5d0
[  345.315147][T12127]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  345.316603][T12127]  alloc_fs_context+0x54a/0x9c0
[  345.317805][T12127]  path_mount+0xbfb/0x1f10
[  345.319287][T12127]  ? kmem_cache_free+0x152/0x4b0
[  345.321077][T12127]  ? __pfx_path_mount+0x10/0x10
[  345.322500][T12127]  ? putname+0x12e/0x170
[  345.323613][T12127]  __ia32_sys_mount+0x292/0x310
[  345.324941][T12127]  ? __pfx___ia32_sys_mount+0x10/0x10
[  345.326332][T12127]  __do_fast_syscall_32+0x73/0x120
[  345.327669][T12127]  do_fast_syscall_32+0x32/0x80
[  345.329306][T12127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.331149][T12127] RIP: 0023:0xf73de579
[  345.332290][T12127] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  345.337273][T12127] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  345.339619][T12127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  345.341749][T12127] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  345.343806][T12127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.345873][T12127] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  345.347922][T12127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.350008][T12127]  </TASK>
[  346.197056][T12135] overlayfs: disabling nfs_export due to verity=require
[  346.198895][T12135] overlayfs: missing 'lowerdir'
[  348.532389][T12155] FAULT_INJECTION: forcing a failure.
[  348.532389][T12155] name failslab, interval 1, probability 0, space 0, times 0
[  348.537310][T12155] CPU: 3 UID: 0 PID: 12155 Comm: syz.2.1646 Not tainted 6.12.0-rc3-syzkaller-00454-gdb87114dcf13 #0
[  348.540127][T12155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.542891][T12155] Call Trace:
[  348.543769][T12155]  <TASK>
[  348.544558][T12155]  dump_stack_lvl+0x16c/0x1f0
[  348.545803][T12155]  should_fail_ex+0x497/0x5b0
[  348.547067][T12155]  ? fs_reclaim_acquire+0xae/0x150
[  348.548420][T12155]  should_failslab+0xc2/0x120
[  348.549659][T12155]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  348.551310][T12155]  ? vfs_parse_fs_string+0xc4/0x150
[  348.552694][T12155]  kmemdup_nul+0x34/0xb0
[  348.553813][T12155]  vfs_parse_fs_string+0xc4/0x150
[  348.555130][T12155]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  348.557456][T12155]  ? ovl_next_opt+0x143/0x1c0
[  348.558702][T12155]  ? __pfx_ovl_next_opt+0x10/0x10
[  348.560043][T12155]  vfs_parse_monolithic_sep+0x171/0x1f0
[  348.561496][T12155]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  348.563186][T12155]  ? alloc_fs_context+0x59b/0x9c0
[  348.564693][T12155]  path_mount+0x69a/0x1f10
[  348.565863][T12155]  ? kmem_cache_free+0x152/0x4b0
[  348.567822][T12155]  ? __pfx_path_mount+0x10/0x10
[  348.569303][T12155]  ? putname+0x12e/0x170
[  348.570418][T12155]  __ia32_sys_mount+0x292/0x310
[  348.572601][T12155]  ? __pfx___ia32_sys_mount+0x10/0x10
[  348.574001][T12155]  __do_fast_syscall_32+0x73/0x120
[  348.576228][T12155]  do_fast_syscall_32+0x32/0x80
[  348.578123][T12155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.580191][T12155] RIP: 0023:0xf7f71579
[  348.581262][T12155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.586241][T12155] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  348.588421][T12155] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000100
[  348.590461][T12155] RDX: 0000000020000000 RSI: 0000000000000040 RDI: 0000000020000400
[  348.592563][T12155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  348.594612][T12155] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  348.596679][T12155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.598689][T12155]  </TASK>
[  348.752302][   T39] kauditd_printk_skb: 66 callbacks suppressed
[  348.752311][   T39] audit: type=1326 audit(1729495693.411:84997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.761919][   T39] audit: type=1326 audit(1729495693.421:84998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.771236][   T39] audit: type=1326 audit(1729495693.431:84999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.780386][   T39] audit: type=1326 audit(1729495693.441:85000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.791058][   T39] audit: type=1326 audit(1729495693.441:85001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.796850][   T39] audit: type=1326 audit(1729495693.451:85002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.802619][   T39] audit: type=1326 audit(1729495693.451:85003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.808342][   T39] audit: type=1326 audit(1729495693.451:85004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.816186][   T39] audit: type=1326 audit(1729495693.451:85005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  348.840158][   T39] audit: type=1326 audit(1729495693.451:85006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12156 comm="syz.2.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  353.449194][   T67] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  353.458069][   T67] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  353.462650][   T67] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  353.466514][   T67] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  353.476201][   T67] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  353.496617][   T67] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  353.748134][T12180] chnl_net:caif_netlink_parms(): no params data found
[  354.015199][T12180] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.026289][T12180] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.028329][T12180] bridge_slave_0: entered allmulticast mode
[  354.030860][T12180] bridge_slave_0: entered promiscuous mode
[  354.044539][T12180] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.053689][T12180] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.064007][T12180] bridge_slave_1: entered allmulticast mode
[  354.075711][T12180] bridge_slave_1: entered promiscuous mode
[  354.248951][T12180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.266422][T12180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.358645][T12180] team0: Port device team_slave_0 added
[  354.371577][T12180] team0: Port device team_slave_1 added
[  354.417169][T12180] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.419505][T12180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.429275][T12180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.438783][T12180] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.447013][T12180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.467069][T12180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.557102][T12180] hsr_slave_0: entered promiscuous mode
[  354.561169][T12180] hsr_slave_1: entered promiscuous mode
[  354.568942][T12180] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  354.571101][T12180] Cannot create hsr debugfs directory
[  355.536471][ T5356] Bluetooth: hci8: command tx timeout
[  355.844696][   T67] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  355.866242][   T67] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  355.886374][   T67] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  355.916150][   T67] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  355.926395][   T67] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  355.936244][   T67] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  357.616317][   T67] Bluetooth: hci8: command tx timeout
[  358.026259][   T67] Bluetooth: hci9: command tx timeout
SYZFAIL: bad allocate request
allocated=0 size=4294966787/4294966792 (errno 9: Bad file descriptor)
[  359.696165][   T67] Bluetooth: hci8: command tx timeout
[  360.106170][   T67] Bluetooth: hci9: command tx timeout
[  360.727508][T12180] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  360.750880][T12180] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.776179][   T67] Bluetooth: hci8: command tx timeout
[  368.326393][T12180] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.329089][T12180] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0

VM DIAGNOSIS:
07:28:23  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=ffff888065367540 RCX=ffffffff893f0e25 RDX=ffff88801b740000
RSI=ffffffff893f0eea RDI=0000000000000007 RBP=ffff888050db9140 RSP=ffffc900004278b0
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff88806f5ce003 R13=ffffc90000427980 R14=ffff88802592d640 R15=0000000000000000
RIP=ffffffff893f7c1d RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000fff Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0bfdc457bd750bbd 58e9f50bdc4fa51f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f116fd9cdc56bf4d baccbd0334b42778
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d0a8212491ab079a e2258e274eb38f85
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5764eb5bc9a2e29d 9800000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c200000000000000 0000000000000001
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001020304050607 08090a0b0c0d0e0f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cda419f600000000 0000008900000001
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8b08fbc7b6d2a337 3c9896281f29c1b8
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a69b7d80b612c0f 36fd52ff68568ecc
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 45a611187c950d8b ecb7d19d15bb3f62
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4394c6daa001fd7b eefd8a2beca3c601
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cda419f600000000 0000008900000008
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8779fc74e77d77ee c37ed04c7b3ddee3
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d51d6d828f7c7c0 5462ca4bb8d51bd6
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a69b7d80b612c0f 36fd52ff68568ecc
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c200000000000000 0000000000000001 c200000000000000 0000000000000001
info registers vcpu 1

CPU#1
RAX=1ffff110056a80aa RBX=dffffc0000000000 RCX=ffffffff88f13874 RDX=ffff8880295ca440
RSI=ffffffff88f1389f RDI=0000000000000005 RBP=ffff88802b540550 RSP=ffffc90000598c80
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff88802b5405d0 R13=ffff88802b540748 R14=ffff8880295ca440 R15=000000000000003c
RIP=ffffffff818cb85c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020029000 CR3=000000002b188000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcc0ff00 Opmask01=000000000000007f Opmask02=00000000fffeff7f Opmask03=8200002022100080
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003d45444f4d5645 44003d524f4e494d
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdf4155400 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d16769ccd50e1555 7373269daebafc05
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 722f766564752f62 696c2f7273752f00 534b4e494c564544 00454d414e564544
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d003d454d 414e564544003d58 45444e494649003d 4550595456454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d0018454d 414e564544001858 45444e4946490018 4550595456454400
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000003130323a 396963682f396963 682f68746f6f7465 756c622f6c617574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd26b851b30 000055eeddc9283e 0000000000000021 0000000000000032
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 000055eb837459e0 0000000000000200 307761726469682f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffea0000035ac0 RCX=ffffffff81db8c70 RDX=ffff888021194880
RSI=0000000000000000 RDI=0000000000000007 RBP=ffffea0000035ac0 RSP=ffffc900234af5f8
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81db8c70 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f76e40 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f740bff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=0000000000000000 RCX=1ffff110043a416a RDX=1ffff110043a416d
RSI=0000000000000022 RDI=ffff888021d20b60 RBP=0000000000000000 RSP=ffffc9000342f368
R8 =0000000000000000 R9 =0000000000000000 R10=000000000000000f R11=0000000000000002
R12=ffffffff8ddb7840 R13=ffff888021d20b58 R14=0000000000000022 R15=ffff888021d20000
RIP=ffffffff8169f491 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc7daa92d00 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005638bf2eb1c8 CR3=0000000000336000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000ffff3f01 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a 6b3c334a6b3c334a
ZMM22=bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597 bdabf597bdabf597
ZMM23=cf203624cf203624 cf203624cf203624 cf203624cf203624 cf203624cf203624 cf203624cf203624 cf203624cf203624 cf203624cf203624 cf203624cf203624
ZMM24=d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb d994c9ebd994c9eb
ZMM25=39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f 39775f4f39775f4f
ZMM26=8b2689198b268919 8b2689198b268919 8b2689198b268919 8b2689198b268919 8b2689198b268919 8b2689198b268919 8b2689198b268919 8b2689198b268919
ZMM27=5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1 5216a6c15216a6c1
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=1f1200001f120000 1f1200001f120000 1f1200001f120000 1f1200001f120000 1f1200001f120000 1f1200001f120000 1f1200001f120000 1f1200001f120000