last executing test programs:

7.494044993s ago: executing program 2 (id=2435):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x1002, 0x4, 0x3d8, 0xe0, 0xf802, 0xe0, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xbc, 0xe0}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0xff00}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@multicast, @rand_addr=0x64010102, @rand_addr=0x64010101, 0x4, 0x1}}}, {{@arp={@remote, @remote, 0xff000000, 0x80800000, 0x6, 0x4, {@mac=@multicast, {[0x0, 0x0, 0x0, 0x0, 0xff, 0xff]}}, {@mac=@local, {[0x0, 0xff, 0x0, 0xff, 0x0, 0xff]}}, 0x6, 0x81, 0x1, 0x1, 0xd13, 0xe106, 'pimreg1\x00', 'veth1_virt_wifi\x00', {0xff}, {0xff}, 0x0, 0x19}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private=0xa010102, @broadcast}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x424)

7.493787058s ago: executing program 2 (id=2436):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x4}) (async)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x0, 0x1, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0})

7.418667391s ago: executing program 2 (id=2437):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
syz_usb_disconnect(r0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f0000000600)='fd/4\x00')

4.380240174s ago: executing program 2 (id=2456):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1, 0xffffffff)
r1 = socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x6, [0x311, 0x7, 0xbb, 0x5, 0x4, 0x98]}, &(0x7f0000000180)=0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000300))
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r3, 0xc004510e, &(0x7f0000001280))
r4 = io_uring_setup(0x5, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
bind$bt_l2cap(r6, 0x0, 0x0)
listen(r6, 0x0)
accept4$vsock_stream(r6, 0x0, 0x58, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000200)={'ah\x00'}, &(0x7f0000000240)=0x1e)
shutdown(r6, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder1\x00', 0x800, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20004000)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs={0x40086303}], 0x0, 0x0, 0x0})

2.678690521s ago: executing program 2 (id=2470):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000850600000080ff6122314a00", @ANYRES32=r0, @ANYRESOCT=0x0], 0x3c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
ptrace$poke(0x5, 0x0, 0x0, 0x440081f)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f00000001c0)=0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r2, 0xffffffffffffffff, 0x0, 0xc7, &(0x7f00000003c0)='Jvev/fus\x1a\xb4Xf1\\\\q\x03\xe99\x05\x17 \xa9\xa2\xb1\x9f\x1d\x18\x81\xc6\x0e\x95\x912\x9bLc\xc2qh>\xe8\xf5\xc8\'}W\xbb\n\xf2`\x0f\xa2\xcfG\xe1NE\xee\x9f\t\x85\x9d(]U\x9f|\t3\xe5\x83fi\x9d$\xc6\xcb\xe0>\xf2\x94\xa8\x87\x7f,\x88\x13\xb6\"{\xf58\x9e\xe6\xa1\xf2:,\xdb\xe6\xc6=\v&\x8dp)>b\xa66\xcd\xc88\xf3;\xb6\xbe\xd7\x17\x85\xa9\xaay\xcf6\xeb\x03]\x13\xc1\xa5\x99\x1ft\xcb\xea\xea\xfd>\xba\x06OOD\x027\xbd;W\x8d\x1d\xfeJLV\xc5\x12\xff\xdc\x1a!\xbd\xce\xfa\x90\xd4\xe3_\x88\xbfp_\xe5\xeep\xad\xcb\xf8\xaaj\xeb\xaa\x0f\xff\x81\xe7\xc6R@\xfb\x14\xceQ\x86~\xafb'}, 0x30)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088010000c800c000b80080009002a1455010dccbb4e5581aabd4437a866f367f6e8426423b8f8b9a3af56eab482f33930cf1bb07d28bb4c9eb01b13febef402322fdb3e66edc27c7b3e677120d41bd27bb59f9b7cfba120b38a83449fe6af33a4981bdb9666029d3e314776e6f250d36c93f30565d320ad6be702ec6a6368b19b690b336212652c2d552063c4ff7d596a827c0e"], 0x3c}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000600)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r6, 0xc03064b7, &(0x7f0000000480)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r6, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000200), 0x2, r7})
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000000)=""/107, 0x6b}], 0x1)
read$char_usb(0xffffffffffffffff, &(0x7f0000001840)=""/4090, 0xffa)

2.419513006s ago: executing program 1 (id=2474):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
accept4$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB], 0x1c}}, 0x0)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)={0x4c, r2, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x1}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x27}, @IEEE802154_ATTR_COORD_REALIGN={0x5}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0xffff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x24004040)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff054d564b"])
read$msr(r3, 0x0, 0x0)
userfaultfd(0x80801)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000440)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x58, r10, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x35, 0x33, @beacon={{{}, {}, @device_b}, 0x0, @random=0xd, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @void, @void, @void, @void, @void, @void}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x8040}, 0x4)

2.259902263s ago: executing program 1 (id=2475):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = fsopen(&(0x7f0000000180)='btrfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x0, @rand_addr=0x64010101}]}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e05002720"], 0x8)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x143941)
r2 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000dc0)={<r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x4c, &(0x7f0000000300), 0xd)
recvmmsg(r5, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000003c80)=""/204, 0xcc}], 0x1}, 0x7}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=""/39, 0x27}, 0x7}], 0x2, 0x40000060, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0x7)
r6 = openat$vcsa(0xffffffffffffff9c, 0x0, 0xe7fd936cd574bc22, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r6, 0x84, 0x70, &(0x7f00000007c0)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, [0x7fffffff, 0x7, 0x555, 0xf351, 0x9, 0x7, 0x1, 0x1, 0x6, 0x4, 0x4, 0x80, 0x2, 0x10001, 0xffffffffffffff00]}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x40000110)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, 0xffffffffffffffff)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r9, 0xc0506617, &(0x7f0000000280)={@desc={0x1, 0x0, @auto="9b29fbb99cd27021"}})

2.259457752s ago: executing program 1 (id=2476):
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="2100000000000000000000000000180000040000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000001700"/28], 0x48)

2.177638002s ago: executing program 1 (id=2477):
socket$key(0xf, 0x3, 0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg(r0, &(0x7f0000000200)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, 0x0}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={<r1=>0xffffffffffffffff, 0x3, 0x6, 0xffffffffffffffaf})
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00'})
sendmsg$nl_route(r2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newnexthop={0x21c, 0x68, 0x10, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x1, 0x0, 0x12}, [@NHA_ENCAP={0x158, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x154, 0x1, {{0x2, {0x2f, 0xa, 0x4, 0x5, 0x40, 0x10, 0x9, [@private1, @ipv4={'\x00', '\xff\xff', @empty}, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0]}}, [@mcast1, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, @loopback, @dev={0xfe, 0x80, '\x00', 0xc}, @ipv4={'\x00', '\xff\xff', @broadcast}, @dev={0xfe, 0x80, '\x00', 0x14}, @local, @local, @private1, @private1, @ipv4={'\x00', '\xff\xff', @multicast2}, @local]}}}, @NHA_ENCAP={0x50, 0x8, 0x0, 0x1, @RPL_IPTUNNEL_SRH={0x4c, 0x1, {0x7f, 0x48, 0x1, 0x8, 0x80000000, [@private0={0xfc, 0x0, '\x00', 0x1}, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}, @NHA_FDB={0x4}, @NHA_FDB={0x4}, @NHA_GROUP={0x4c, 0x2, [{0x1, 0x2e}, {0x0, 0x4}, {0x0, 0x6}, {0x0, 0x2}, {0x2, 0xfe}, {0x1, 0xf}, {0x2, 0x9}, {0x2, 0x1}, {0x2, 0x6}]}, @NHA_OIF={0x8}]}, 0x21c}}, 0x0)
r3 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r3, 0x0, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4", 0x15}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100)}}], 0x2, 0x0)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, r5, 0x2}, 0x14}, 0x1, 0x620b}, 0xc800)
sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB], 0x28}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r6 = inotify_init1(0x0)
r7 = inotify_init()
inotify_add_watch(r7, &(0x7f0000000040)='./control\x00', 0x5000410)
inotify_add_watch(r6, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000440), 0xc, 0x0}, 0x44000)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
lsm_set_self_attr(0x65, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'/32], 0x20, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x88, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bridge_slave_1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'team0\x00'}}]}, 0x88}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)

2.176889941s ago: executing program 1 (id=2478):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1, 0xffffffff)
r1 = socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x6, [0x311, 0x7, 0xbb, 0x5, 0x4, 0x98]}, &(0x7f0000000180)=0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000300))
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r3, 0xc004510e, &(0x7f0000001280))
r4 = io_uring_setup(0x5, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
bind$bt_l2cap(r6, 0x0, 0x0)
listen(r6, 0x0)
accept4$vsock_stream(r6, 0x0, 0x58, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000200)={'ah\x00'}, &(0x7f0000000240)=0x1e)
shutdown(r6, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder1\x00', 0x800, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20004000)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs={0x40086303}], 0x0, 0x0, 0x0})

2.05922799s ago: executing program 0 (id=2479):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newtaction={0xb4, 0x30, 0x1, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x3, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb4}}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0xc1105511, &(0x7f0000000040))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
r5 = socket$alg(0x26, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002000000085000000070000009500000000000000"], 0x0, 0x4, 0xc0, &(0x7f0000002380)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000680)="e0b9547ed387dbe9abc89b6f5bff", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="c4145406f50add1f489e239b0a33e044174ac81c0ad60a59d613fd448b6694065ce5aac58424c9a2c04b1100987d44ee92025755f9cf589a8e", 0x39)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000000)={0x1000, 0x101000, 0x1})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r7, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000180)={0x3, 0x0, [{0x858, 0x0, 0x3}, {0xb91, 0x0, 0x1}, {0x85f, 0x0, 0x4}]})
write(0xffffffffffffffff, &(0x7f0000000040)="05000000010000", 0x7)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='bridge0\x00', 0x10)

1.709944185s ago: executing program 0 (id=2480):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000340)='mountstats\x00')
read$FUSE(r3, &(0x7f000000c1c0)={0x2020}, 0x2020)

1.40941543s ago: executing program 2 (id=2481):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x6}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x1, 0x34324152, 0x0, 0x0, [{0x3}, {}, {0x1}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f00000005c0), 0x800)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
connect$inet(r2, &(0x7f0000000400)={0x2, 0x4e21, @remote}, 0x10)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r5, &(0x7f0000000040)="05000000010000", 0x7)

998.737197ms ago: executing program 3 (id=2483):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
accept4$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB], 0x1c}}, 0x0)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)={0x4c, r2, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x1}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x27}, @IEEE802154_ATTR_COORD_REALIGN={0x5}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0xffff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x24004040)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff054d564b"])
read$msr(r3, 0x0, 0x0)
userfaultfd(0x80801)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000440)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x58, r10, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x35, 0x33, @beacon={{{}, {}, @device_b}, 0x0, @random=0xd, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @void, @void, @void, @void, @void, @void}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x8040}, 0x4)

796.439428ms ago: executing program 0 (id=2484):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r2, 0x851, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r3, 0x6, 0x19, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, 0x0}}], 0x1, 0x40000a4)

796.031172ms ago: executing program 0 (id=2485):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = fsopen(&(0x7f0000000180)='btrfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x0, @rand_addr=0x64010101}]}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e05002720"], 0x8)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x143941)
r2 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000dc0)={<r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x4c, &(0x7f0000000300), 0xd)
recvmmsg(r5, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000003c80)=""/204, 0xcc}], 0x1}, 0x7}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=""/39, 0x27}, 0x7}], 0x2, 0x40000060, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0x7)
r6 = openat$vcsa(0xffffffffffffff9c, 0x0, 0xe7fd936cd574bc22, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r6, 0x84, 0x70, &(0x7f00000007c0)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, [0x7fffffff, 0x7, 0x555, 0xf351, 0x9, 0x7, 0x1, 0x1, 0x6, 0x4, 0x4, 0x80, 0x2, 0x10001, 0xffffffffffffff00]}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x40000110)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, 0xffffffffffffffff)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r9, 0xc0506617, &(0x7f0000000280)={@desc={0x1, 0x0, @auto="9b29fbb99cd27021"}})

746.304699ms ago: executing program 3 (id=2486):
bpf$MAP_CREATE(0x0, 0x0, 0x48)

745.508036ms ago: executing program 0 (id=2487):
r0 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$inet(r0, &(0x7f0000001480)={&(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000180)}, {&(0x7f00000001c0)="bd424cb8ba2c9fd3bc5ebd2172317cae36a3ae15624ffe424e763e0d95178fc9862f5548ba0b787c1a77e79f46e23801800517c8e4e26192bb15f0ace29a70b1fdeb11747b3b23663a930109a313b87f74430e300304cc66d53503283e1c57f7441203135d160491dfd106a289d39c261ace55d7ed5db5375440e39c47dd75ef60b598a6ca0acb277d7bd79e68b6ab4207b8f004", 0x94}, {&(0x7f00000002c0)="9016fff4069bd1f2cbb522e8682dcaf77bd649c76e90bbef7b0aa0cd14b2b4c518f563da5e78543cfc27675a7d12108389ea11bdb4beb80b9729ed2ccb292fe9545bd02f6306452afd3a868aa4961231564492bd422bb03df99d7f85562c174ce3c39aeb76070b0dc8db6dc24ac9279181b5bd22e036eec468e50adde0cef3db09ed1195587aa54331c0efa7f4", 0x8d}, {&(0x7f0000000380)="83f7075b9e258b02109dc9f163a464932243da0f4d336becc0cc45c8d9ded51e4d12c54af4c641c18e94b70420ff2a84d03f5bd81881b709df7c619481a698f8bb833182404e75bbe64bbc331fcde128e8b683163c70101cd26d5ae525fad7440529b61451c09fa45519b38451f047df734b", 0x72}, {&(0x7f0000000400)="e7fbc2f893ef3e98a20bb842e5e4abcf6c025819bfbbf1a71d90a24de01339971bb3f7ed6fc0a0fda553fd1a8b2dea5674e4e7f00ede70643dfac4ea6343e43150762bb08d45b6e54654bb2206a154d603260aff414868c777b698917b25d7edb8ec12560dbc17a138de6b5be17774d70c8ea0f14d1d39f7e6d3ef21b2e0b06c1f19c30da43fd4696f0667a56679a1dbf9d393b29714b6276e8dee2caf97da17fde3ac7441197727075379f671411d5dc3717881d85c0f4e09341ed8598b42646bade10770cdb9852517f368b2a0ed942e7164eb79ec13926cb80d74f6a798bcd34f7f5ffa033ca862dc122bec82e9ec7173385befc4522a38feeaa21b2e48f322c6412e28b6da9f1f461ecdd00154b833ca980ad609df9f4d3bb1834cb00b284a44a1c0cf6bfef9600d946e000f6c208635184ad89dda3ee603bb50bb0ebf475701024478af6e8663310160bb560f9a5339df597a84c08c2e0dc24cddf61c5f77d13abdb307615d2a521511e5b821fe5513692466914502b2f5922a14ed0e9ec5385aca21367295c71636f567dddeebf3a9bd5a1fd69618fb2c499356a3723f5b7f2abfcae3f87ac15904f538bd60b685bf2e759cd39b2ce42933b0e435aa0368a0524675b466fc609f8c987e9dbd025312a255336a6a422f778f23d7ccad9b03f1bc76f9e41754c7df3b057b5245bd47d65f1d28eb67e10cf6fe5606fccf1d575e3405a1b79d31ff564cfd6766220e35e355d6e62cd6dac9a3175e28a91ad56f3caa146c6a8a853846f635b4cef05a9e062aed7d038bccda88f64bf2164bdd30a30885a5bec3d4152a09e506cf5f7fe6fc561cf8fd015ecd43a54d7d1f48f69615317249b81d6398e64fa73089c58862cfeafa78a4ae7fedcd9ff6251e4f3cb24d01d8e5078eea55af101d58ff438283ac2968a8919aaf908c009a394c0e2e611f594a9fd5bbdc6cb74f5034aa797665667e6c0832ab70315aea7f1b0fab18a297153c31b474d30a50851527590db69109929f64aeab4ccf4fc13e792f0adc1b171f479407d3da49961cf59d78a8a76f96a4538baf0b85e2b60beb9d566a42a1f34ba1379f126e3486ec6f98235a928fd0df0d62b006a7651d2fa588a9cb8dbc16ebc5a39fb2fcf1bc0cc9fe163d4846d42824017ffdf73d45baeddc4c8bc4a91d6624f0b9abeda8edb4e2cddc03bd5169fff749f8e8fbd300cd25134ec38246282b7ed2d29c20a5ec10764fd1d77bc02e20077c28586a9e4a699c583cb110cc038fb966779e0e8d823ca006913ed672ca97d975bf4674ee11ffcb2c17479a8485f0a1181618fde192ecbcf048e661674078d4cf6062eae92f032d46500af047a0233273698fd5c2476ccf373d0e012b0bbc7ccd76b626c99c7b990236f7d2efebd3b3d6d64473620645281c571afd86d9713f1d2a20cf07932a729810b804279a556e37832acddfe6ab43a9fd0cef02cf68e774d2ccf7976836d0a54226c233e21755c1c8ad6647f2b6ae4345ac1e9f5e6c1e300ee2e17380e0e396acb2413a034a210819d4c4d6794b363f2109d29a093b8f0f579bb8e4a743badf9df95b1b866fa0afe729e8521ffd348c355cf9659cff11aba9ac66c4bc4a381f69a647b86b438c7206ad90b1957f1d6b49964f17f7f00dbcf143789783cd2eb7526f6f797a503c9738945c9ff8f6059b8c972d97daa2e89f1975e64186df6adb393f7c7799b3c18decc3fbd139d734b60bd96cc0319a9cd721e87da3623d91ee8779c04e2ce4a1845c610cd5d9bad39946b97b7e18547b457186d5ff63a07e742a857c1cdf241015d9078d8757e35e1d12861d6aa6065ea1e2f45b27c966c6535415af87170c9a9be9a6d6481c7d5e2ab3f9b8ccc5827c046c157cb508302fdd4d22c836bfa6012503e92c7790767d5c3f5422d7de56d6d0139fb67be265e98da964aac6e5ab722f22c6cf3ed017dbde3930892cfb93d251b58f8f0581c585dd57c219105161a3b15da59e22d186494e5db1ec1be08f440c6ffeebd66c825b69f60e406d7d1be1c768deec654b669b0aba0fc0d878729a358034675c6d1d09545f0ede56c25974bb3b3a1ad351fc2f3bb2b500ab98a12feae55762453ad52f70681ca67050eb001375307500e00244232c5eec8be6065961cad1501dd5a5e6ebe0e13d016fba6c915d6f6767ec1f91c65b8cedbc95b3f37077c3f0bc8b8429af2703cebe8ed87ac731b8b6a393989e04615641ba4394d911520f6f73c3b680942185e9a4a078585348e07882fb304d87f84ba8a1a7fec42c45d3f0bfa2030f8d14447bbc2d4d8e59fbe07e9d26260ee69a98667a2ecd2044fb1a5e3875a1bc1e05fb636b4350549afe1bd681bc2f08cb897662787c6f91b1943f191f03b51df6019eebef6601975de034d46522a2c27d73c9a849a80c2b396221c393a806453904162b46481921825e68868659a1a93fb159747a56d4041e68a1ffd61e8a1c98e1f96d6bee241336987508f8c558407906b7339d615da8f157eec8f9cd0eb996929cd766db239e92f526714814db4172830e7817a35859850744b0ee4756faca05d804866f5741e03472942993bf3b358994c300582ab09cb0ae5c18e02587267d21a46d9fe51835725ee5492d974fc74d9d0401f81bbecad91edfdb2379a5770c746888c6b8139d33d25a47a20121211432ae21c38bee714e57084704ed7963fc49207e86c96909ebd1627ab6d3cb6f17bdc828eec054c1af7bd1dfb2ec0d56ee52ac221e7e95959bc0b7aa9580115c4b2376ca463cd2aafd97afb7ca0b2f6be21e8f8ef51a3b4eff326093ab83e57e698e4227da1a6ad611ed6e084cdf7f0102ca69c5dcf98662c306c4d05d68d97a49ce144dfa33308334834b747a21c236874624b0b9422411d04353145f691974a5537550d876581ec75d83de661e2fa18162643b70181395c0211701eb7692ad7f06839c289f41263796b8cfffc330a3512f0413eb593e25cd26ae3c1b2548b4846aac8b73f946e307c37bbbef14832fa88b9e74bc64ad1b394185ccfbb4400004fa31fd3cb9298b61248fe5ccccb04824e2f03dfa3d53202a04fa9ce0a2f1dbb93d0463135fdabb195b4526313668edf5016168a147139da128fdcc0fff7306a196f35421e2aadb688b8059ada50e26a0c6dfa317d596cd8b7b35d6ddd8f1c9044898bd5c155f37685e6ad53567a2ea7acdfa86772eb569f2e86f2b3854ab09776442e6346eab1aa1dd25c7857a5eda1835be7b4f919111b709e96d173c9e36ff3090ccbde57c863293d7fc1ba4a21e8ad19abd69faf8b7874ee4dc7f105de0fbf5dcba1075367c36bff8368b080f73a6ed7172c03bd5d99b3f8e7e283f3c365b84cd6670944b9514951f7c4bd5bbda505bd088ae128c3c0a780b8f963187063d21a241cc15eab460e92fcd22f57f46d90880a0557d9a5dfef64e23a408013adde7e24967aad903ce861ddbc167c96ffd5eaba3492b954d1affa472bd80feb68bfa0259845f11ecbb81032145b577807a0a1fb90c3580ddadc3d3235acec622584fe8a22e0647e42493c239c4573ced1324c71f87c51f4a08cad820a901d7baa842f6e846ccf064e4c3c7211746aa995b23876064ca0446db5887bb4897d7a9fd8eff05b7213c8ea867c1b37947a880548fbf85e6f9337cb99227828000230caccdf874d7d4d00aa4f55730bcfe115fab64bab9b496d8fa82fb8f559e65825842bb3b6ba6f1bf0a5de7b4099feb76c37d7f3587a895a51cd968a97ee5654a602ec5aca9fe063053998d5771aec5d20868a25d135ae0aaaad678eb1b44b4a2ff4c5da5a94096a3d1f4b7c64de6d5ac526ae2fbcea3a6d0a6297dc33900091b4dd9aae91f9c900f9d1095ba948740b0a741296ebfbe327b4a2d414dfed686b67b7aab075b7335c0e2013da89fef0b17eb05498de2df812671e91f2fa3dbb632f62a1788da7f618138a54ef0095711eecdbb0aab982f596a918de290d7208b4c4c304e78a8430fa56cd25bb1356056bd7870dc3217da4eefc709dd3d9e8c6a11adc9ed4d1b9b46309bda23685cea22eb9dd9a65370a38c3dc3f214218f85670788c4ed4bef275fb079d7a8c315d0fc3f9b8e01368afc370276144755cc463d2176f40e4cf26c251cd8b0b164c4238783d432c88215a3f6bdb8a27e6ad6810ba6cdfe455d6d89905ce169ceae7623532849ecbdd066e416703f118335ef8d230b07d738486b63ee3ce43c48f90e0ebbe46ba9aa32973128cc19151c2550c50e47edc9e46b3ad4a9e7dc335d0e70f455cc8f84fb4c5cd80d93bfd84f604da8f045f5d3e892f58db985f5f806faf10ba4262f54d5bbd20615ae9b374ac1ae8a55c779c7be6430f8404526139003d68d970cc7564f0884ddc3ed532fa57e0c04277915c7587f601d2232135bcc1602f6c95725d1910dd4e1ba903966b343115dc2dc93e0d08f993c93f12187ba3539d6300162ac4b4eb0b92ba68bd25f630baca7a63c2a8d06eeab39c6abded5face14efbe7605b39333eca0a1d56bd733e5c5479430a12a3d5ae9740162adf9ae26d5936b5132b9fe1103618adeddf9244cdca5ac6b0528297657a421ce27c68cd4da03e789870cbff101090b154ce6c7df74581c12315554319e617c66a76c8dd3169817af8f26f7c51a7f53bd541e795325975518ec29a48df37cdf87769f9d47225443afd7ceb7369b5d5fae72bb3ffafa26f200da3ef4576216b2bf31f1de48ef3afd09a3367d2262738b7367618fda5c431386735eaa7cba9da5ee90d8456d171c127f5f553b5fe244931b338b6ff2b829bf823c5a6b8c3563f2358757bd9b234c8f989e8c68bef2a7257e04179255c4227c31b124f391bf5f9878e68495c3626a1f16195ca4e13c9a01cf891c748739269c886452ce2f791c3b7bf8d3341e08b0e46ed7f59ae0e72738f476cf88338edd1b2f3f7ea82671b4db6287a00ff4481b413a6d3bb225ae5a1b35157c92d312fc7adb97d3ff2c161de1bbc7b1aaeb67f72d4edab36af7285b191ee412430fdfbc6615f4ec9380567760bd8c02959ca64ee142d6bc8f89a364bbf00aac8e2a6b2e5c1ae71f3a1a25d7429cf76cca4eb6de929baa0cd625802f2fc8db5742a3573728c6ed0f7152cc494fbed176d2843028d29782bfbb838a4d5d7e3ef126ee5e5c11e567f24ac818673a8c222d7c7a97de581358f82c72a1e4ff2a7f480547f0ebc6575602bc60ff38ce390f08ee1fedd0e9d381baa8d155adb2c81e65909aeadc80e76f98bdc2036fae5c9c9f1e6a50904b6e197127b0e90955a12f3ce592e0e544c53e668ed774d849bfaeab085e638f40c77b8e2f62521740adc1eaacbb9cef586bc7732a5e5e7405f90b104ba7c2d173808e2b06ebccb7f24c93fa977032fb28cf78170e546c29bdc717933919a24a0e99cef3fe97e1e0553eb7b14e714252bae66aff33e72dc532e2b69780692e52b8e327a7103b2330ed8e82bf4b3ea6d2f0c3f1fe3d7487fc95d735692b583c6ee6b7ece4d48bd12007a4dd4bcaf71b8541bfc0274daf0069d4d31ddc394842a20ce9b31f28e5267816ad48612877a18ade32524d508e8854a3301c5e90f581edf46a8dd3251ed48aac369a9fe24a6200575c322c36636efa9c42a164d2a7b6fd5bdf3caaf79f07978ae2e80c92d7930f1388c885fe5c13dc3fddf8ecd708df707de251a724817e99574dd64101cc81e0c1f2ec6f1feec1ea90273257ae0f26bb0671c76c5566f960438e15809884cd5f59d8d35d5a7f080733eb1fc7199f211769ffc412f8", 0x1000}], 0x5, &(0x7f0000001440)=[@ip_tos_u8={{0xd}}], 0x10}, 0x800)
sendmsg(r0, &(0x7f0000001680)={&(0x7f00000014c0)=@ieee802154={0x24, @short={0x2, 0x0, 0xaaa0}}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001540)="496b9365a82e4fb626d3265805ebb4402dabb236d420cb775cf665cfa11b7ae978790b14a283dba480652a0332dd93a673e87046fcc7177c50b0f013bc59df7fac06a4779ebdf308ee394dbd68140e1912b0de55", 0x54}], 0x1, &(0x7f0000001600)=[{0x58, 0x1, 0xffffffff, "7eac6c2313733597d91ceeafc0b0cc79da34c7523104c8e2c3d1867310074123ac0f65872ab6ec236b80f5f8a0411206bf25fe33c8f3a5c7d4e40e0823b94cd26756c460ee9d6bb442"}], 0x58}, 0x20008001)
socket$kcm(0x29, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000016c0)={<r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001740), 0xffffffffffffffff)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, &(0x7f0000001840))
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000001900)={'ip6gre0\x00', &(0x7f0000001880)={'ip6_vti0\x00', <r4=>0x0, 0x4, 0xe, 0x5, 0x551, 0x0, @empty, @local, 0x40, 0x8, 0x6, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000019c0)={'ip6tnl0\x00', &(0x7f0000001940)={'ip6_vti0\x00', <r5=>0x0, 0x0, 0x1, 0x22, 0x8000, 0x11, @dev={0xfe, 0x80, '\x00', 0x14}, @dev={0xfe, 0x80, '\x00', 0x39}, 0x7800, 0x700, 0xfffffffd, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001a80)={'ip6_vti0\x00', &(0x7f0000001a00)={'syztnl0\x00', <r6=>0x0, 0x4, 0x5, 0x1, 0x1, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2={0xfc, 0x2, '\x00', 0x1}, 0x700, 0x7f01, 0x3, 0x4}})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000001ac0)={@private2, <r7=>0x0}, &(0x7f0000001b00)=0x14)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000001d00)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001b40)={0x160, r3, 0x324, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x7}, @ETHTOOL_A_CHANNELS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x5}, @ETHTOOL_A_CHANNELS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0xcd}]}, 0x160}, 0x1, 0x0, 0x0, 0x4008010}, 0x1)
syz_usb_connect(0x4, 0x4eb, &(0x7f0000001d40)={{0x12, 0x1, 0x300, 0xe1, 0xbd, 0xb6, 0xff, 0x812, 0x3101, 0x6a3a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4d9, 0x2, 0xe, 0xea, 0x20, 0xfa, [{{0x9, 0x4, 0x4b, 0x80, 0xc, 0x8a, 0xbc, 0xf0, 0xfe, [], [{{0x9, 0x5, 0xf, 0x2, 0x238, 0x6, 0xa3, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x6}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x7}]}}, {{0x9, 0x5, 0x0, 0x10, 0x0, 0xb, 0x5, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x9}, @generic={0x18, 0x4, "4e4a3b8eb3f3c45c83d92dfe6d010f4d8efe4e6f03a6"}]}}, {{0x9, 0x5, 0x84, 0x8, 0x40, 0x5, 0x0, 0x2}}, {{0x9, 0x5, 0x80, 0xc, 0x8, 0x1, 0x80, 0x8}}, {{0x9, 0x5, 0x7, 0x10, 0x3ff, 0x3, 0x0, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x81, 0xa}]}}, {{0x9, 0x5, 0xe, 0x4, 0x20, 0x8, 0x7, 0x46, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7, 0x200}, @generic={0xd0, 0x3b, "1bf97c74eb30799252aaeee142ccc5b5b696e6b178db4c32ff3653d96721bded922946ce9a7ee85ca8d1ca1cb17a3f2e386520d92be7b5748a9d51f64052d9b3595cee019a7c1a2ee67d63161493462283b95fd59a3f67fb1cb327fc6ca6f2531640ceb6bddad3baa14eb478e369fb84fcd5cca1108f54ff8c5c46fa9d4eafb01ce1f7e702fb26ecf6b005a7619cce9980431f9d09f0ac19b94155965da5c2b2c8a3b7aeac0a97fb558ee5251bc4be61024a299e9773ade19a1d22786bb338ceac28d80f30e29e1b32fd9215403d"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x8, 0x2, 0x2, 0x12, [@generic={0x34, 0xe, "816a13ba1b46e46e5b1b7a716ae26a23b042845cd0256b6edcd0f0ae954d6e1bc86b9f01e773502dc20423aaea57f1424fb9"}, @generic={0x8, 0xa, "f1b729d5ec4b"}]}}, {{0x9, 0x5, 0xc, 0x1, 0x8, 0x9, 0xa, 0x4, [@generic={0x18, 0x5, "231215f5768076da299baa1512518233f02bcaa94dc3"}]}}, {{0x9, 0x5, 0xd, 0x35747c6d8ae8f05, 0x400, 0x7, 0x8}}, {{0x9, 0x5, 0x6, 0x3, 0x8, 0x4, 0x2, 0x10}}, {{0x9, 0x5, 0x4, 0x1, 0x8, 0x1c, 0xb7, 0x3}}, {{0x9, 0x5, 0x89, 0x2, 0x8, 0x7, 0xe, 0x8}}]}}, {{0x9, 0x4, 0xba, 0x2, 0x7, 0xff, 0xff, 0xff, 0x6, [], [{{0x9, 0x5, 0x4, 0x0, 0x40, 0x81, 0xd0, 0x85, [@generic={0x75, 0xa, "4c58e38ff469d282fa66c7c68d91b16c554ba3d53579e878188c6b44e03a173ffc728bf5642b752fee8c9a788cb1e0a36226544b6013529c5d9025b1a30d34c7578dda4a65afb07b24597f165acf13361a5a440a0c584b0249cc16523265f2a923634a32d733ee0987d50b615512b143bb35c6"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x1a}]}}, {{0x9, 0x5, 0x9, 0x0, 0x8, 0x0, 0x8, 0x1, [@generic={0x50, 0x24, "91b9aaae6a4049a1ca5e46bab228cc8b96040657f8c072f08e802f74778abc5ed66326d5e28cf2b9f81a344e31385fd6832ae9e4c449f15f140754708735b2b550a1dea8edbc40409c1d6720c6a9"}, @generic={0xd8, 0x0, "ca6b7760707cb244acd31d7461ef74ce13637f8279e620fb58e7b1add034ca4324dd7c6a52f05bf74b1d5d7e561cb06cefe5f3da82f0b78193e33a56a4b52f7f0f0a0ea81d09afa9ad49feb6be593046dd4c045ac03fd94b263a6cd1998ebf3f01c4a8087efad386774c5977b6180475327e4b5b7920a3168debce761e75bb77c26c5772e6b470d40a6041019b243c64539cc5c6f4b35a2988c27ea11971657532706ed54ece5771ea98d2aa4d904b672048ffbbd2c5611b5a70ade35b5431c0d8f08463f3f338350a0ff5307cfc7189934a8e5f79ba"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x400, 0x2, 0x5, 0x7, [@generic={0x2, 0xf}, @uac_iso={0x7, 0x25, 0x1, 0x180, 0x7, 0x2}]}}, {{0x9, 0x5, 0xd, 0x3, 0x400, 0x7, 0x9, 0x9, [@generic={0x93, 0x11, "cd4061355039af9973c6dfe2f1469cf6cb55537eca77c918148e85193d3c18e4ab83d21ecad99dd249d85b2e4ad59793eb0527527abcbf57488ed72e9ff048e1d04bfa61dc7d5556c30ac29497c54b14337d125fb07e8e9c4efb665f56720dfd7d7988b6e11f4356e0e48e1abc649bd12e2c8e1ef2070feccedc5dbe097062e756633a48e6db98f5a03d70e475dd7f0810"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x8, 0xc0, 0xda, 0x1c, [@generic={0x66, 0x22, "a21d14b56ced16c5f3f891d75bd4bfdcf079b28459584d11666e9933dfb4bcf1658c92847f1e89443d1a3e27c5d3e28a8ba5a44025734faea0976f20e65dc069291c8766717b57ec0691c7f72959577d2a6ffe003a26d49ca28dabfce9f1e77619f33cdf"}]}}, {{0x9, 0x5, 0xe, 0x8, 0x838, 0xa7, 0x30, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xa5, 0x8}]}}, {{0x9, 0x5, 0x8, 0x10, 0x3ff, 0x5, 0xd, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x6, 0x2}]}}]}}]}}]}}, &(0x7f0000002700)={0xa, &(0x7f0000002380)={0xa, 0x6, 0x250, 0x3, 0x2, 0xe, 0xff}, 0x102, &(0x7f00000023c0)={0x5, 0xf, 0x102, 0x2, [@generic={0xe9, 0x10, 0x4, "700f04989ebe68980fc6a10034792576ac05b4bbe249bdaaccacbbfab94d240f9ceecadc3a68105ee749c5796955f631dcf52edac75fb0e98f2a5a743707ebf6d8a68ec60162ff77d9bb50cc3a1fbea36512c0bb400fa8c98a736e9ac73b3c51b4bd04a00ffbf0c7e5db5f4299783992dceb61fe2afeaaee6c8845d21ff5d1ac231e45059b59d4c48243ee57ef6538518e0152267b310aeb23314866edced78249388e98bfbf0b41da725f10bc3c0fd8153e8b90d72aa4e78d997a701b332b5ff5b2f644455904c1b108a4c6d5a0054d03e6f0cd025ed30ea9a5b06f6413989ed5ce12d030c8"}, @ss_container_id={0x14, 0x10, 0x4, 0x67, "ca23ddbda7f5a38f66278dabbdfd79c3"}]}, 0x5, [{0xc1, &(0x7f0000002500)=@string={0xc1, 0x3, "5803412b5d6ebdf8d02fe4c6cd80bd7ffbf596e0404b42056d34ac1e0bd29e769aa51e222926f669871be740dd5ab1fdf65febe28e1ec1e347a1e9266c9ebb84a86c1bd426bc604343ea0cfd603542b434cb20dc5fbf9fdc2daa50dbf968d57bab15fe133f0761b0a1625d9b1030e14d884f047bc9ffeab4e9c8f1f2c522280446eab2b5d1202ff781c0c0d2b19843c6abf95de194ce4c02a9654526bde0d20b257f2d909f5fa843bed1988dc398e50a15e10d8615f7e7c56cae8dbb521cfd"}}, {0x4, &(0x7f0000002600)=@lang_id={0x4, 0x3, 0x3409}}, {0x4, &(0x7f0000002640)=@lang_id={0x4, 0x3, 0xc0c}}, {0x4, &(0x7f0000002680)=@lang_id={0x4, 0x3, 0x809}}, {0x4, &(0x7f00000026c0)=@lang_id={0x4, 0x3, 0x3409}}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = accept4$packet(0xffffffffffffffff, &(0x7f0000002780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000027c0)=0x14, 0x800)
setsockopt$packet_drop_memb(r9, 0x107, 0x2, &(0x7f0000002800)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000002840)={'veth1_to_hsr\x00'})
r10 = openat$binfmt_format(0xffffff9c, &(0x7f0000002880)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
lseek(r10, 0x4b, 0x1)

745.185436ms ago: executing program 3 (id=2488):
socket$key(0xf, 0x3, 0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg(r0, &(0x7f0000000200)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, 0x0}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={<r1=>0xffffffffffffffff, 0x3, 0x6, 0xffffffffffffffaf})
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00'})
sendmsg$nl_route(r2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newnexthop={0x21c, 0x68, 0x10, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x1, 0x0, 0x12}, [@NHA_ENCAP={0x158, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x154, 0x1, {{0x2, {0x2f, 0xa, 0x4, 0x5, 0x40, 0x10, 0x9, [@private1, @ipv4={'\x00', '\xff\xff', @empty}, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0]}}, [@mcast1, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, @loopback, @dev={0xfe, 0x80, '\x00', 0xc}, @ipv4={'\x00', '\xff\xff', @broadcast}, @dev={0xfe, 0x80, '\x00', 0x14}, @local, @local, @private1, @private1, @ipv4={'\x00', '\xff\xff', @multicast2}, @local]}}}, @NHA_ENCAP={0x50, 0x8, 0x0, 0x1, @RPL_IPTUNNEL_SRH={0x4c, 0x1, {0x7f, 0x48, 0x1, 0x8, 0x80000000, [@private0={0xfc, 0x0, '\x00', 0x1}, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}, @NHA_FDB={0x4}, @NHA_FDB={0x4}, @NHA_GROUP={0x4c, 0x2, [{0x1, 0x2e}, {0x0, 0x4}, {0x0, 0x6}, {0x0, 0x2}, {0x2, 0xfe}, {0x1, 0xf}, {0x2, 0x9}, {0x2, 0x1}, {0x2, 0x6}]}, @NHA_OIF={0x8}]}, 0x21c}}, 0x0)
r3 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r3, 0x0, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4", 0x15}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100)}}], 0x2, 0x0)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, r5, 0x2}, 0x14}, 0x1, 0x620b}, 0xc800)
sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB], 0x28}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r6 = inotify_init1(0x0)
r7 = inotify_init()
inotify_add_watch(r7, &(0x7f0000000040)='./control\x00', 0x5000410)
inotify_add_watch(r6, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000440), 0xc, 0x0}, 0x44000)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
lsm_set_self_attr(0x65, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'/32], 0x20, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x88, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bridge_slave_1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'team0\x00'}}]}, 0x88}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)

681.141666ms ago: executing program 3 (id=2489):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newtaction={0xb4, 0x30, 0x1, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x3, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb4}}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0xc1105511, &(0x7f0000000040))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
r5 = socket$alg(0x26, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002000000085000000070000009500000000000000"], 0x0, 0x4, 0xc0, &(0x7f0000002380)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000680)="e0b9547ed387dbe9abc89b6f5bff", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="c4145406f50add1f489e239b0a33e044174ac81c0ad60a59d613fd448b6694065ce5aac58424c9a2c04b1100987d44ee92025755f9cf589a8e", 0x39)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000000)={0x1000, 0x101000, 0x1})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r7, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000180)={0x3, 0x0, [{0x858, 0x0, 0x3}, {0xb91, 0x0, 0x1}, {0x85f, 0x0, 0x4}]})
write(0xffffffffffffffff, &(0x7f0000000040)="05000000010000", 0x7)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='bridge0\x00', 0x10)

479.403268ms ago: executing program 1 (id=2490):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000300)=""/102400, 0x19000)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x1000)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040))
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000780))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0)
lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r3], 0x20, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000019300)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RELDISP(r4, 0x5605)
socket$inet(0x2, 0x0, 0x2)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000080))
ioctl$VIDIOC_LOG_STATUS(0xffffffffffffffff, 0x5646, 0x0)

479.06662ms ago: executing program 3 (id=2491):
open(0x0, 0x400145042, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_clone(0x40000000, 0x0, 0x51, 0x0, 0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
listen(0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00')
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000200)='htcp\x00', 0x5)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x400076d, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xf}}, 0x8)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(r1, 0x0, 0x104)
socket$l2tp(0x2, 0x2, 0x73)
open_tree(0xffffffffffffff9c, 0x0, 0x1801)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x20001, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x330b)
mkdir(0x0, 0x0)
open(0x0, 0x121342, 0x0)
mount(&(0x7f0000000280)=@sr0, 0x0, &(0x7f0000000240)='hpfs\x00', 0x808001, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
landlock_restrict_self(0xffffffffffffffff, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x400}, 0x10)

190.005995ms ago: executing program 0 (id=2492):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000340)='mountstats\x00')
read$FUSE(r3, &(0x7f000000c1c0)={0x2020}, 0x2020)

0s ago: executing program 3 (id=2493):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f0000000280)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c})
r5 = syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/vlan0\x00')
ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x2c, 0x0, 0xb, 0x801, 0x0, 0x0, {0x7}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_NAME={0x8, 0x1, 'bpf\x00'}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x100000}]}, 0x2c}}, 0x0)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs(r8, &(0x7f0000000200)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r9, 0x40046604, 0x0)
write$cgroup_type(r9, &(0x7f0000000000), 0x9)
lseek(r5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

nted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  341.289022][T11997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.291767][T11997] Call Trace:
[  341.292634][T11997]  <TASK>
[  341.293424][T11997]  dump_stack_lvl+0x16c/0x1f0
[  341.294735][T11997]  should_fail_ex+0x497/0x5b0
[  341.296117][T11997]  ? fs_reclaim_acquire+0xae/0x150
[  341.297442][T11997]  should_failslab+0xc2/0x120
[  341.298676][T11997]  kmem_cache_alloc_node_noprof+0x71/0x310
[  341.300186][T11997]  ? __alloc_skb+0x2b3/0x380
[  341.301382][T11997]  __alloc_skb+0x2b3/0x380
[  341.302581][T11997]  ? __pfx___alloc_skb+0x10/0x10
[  341.303873][T11997]  ? __phys_addr_symbol+0x30/0x80
[  341.305244][T11997]  pfkey_sendmsg+0x47f/0x840
[  341.306604][T11997]  ____sys_sendmsg+0x9ae/0xb40
[  341.307843][T11997]  ? __pfx_____sys_sendmsg+0x10/0x10
[  341.309212][T11997]  ? get_compat_msghdr+0x11b/0x170
[  341.310558][T11997]  ? __pfx___lock_acquire+0x10/0x10
[  341.311911][T11997]  ___sys_sendmsg+0x135/0x1e0
[  341.313134][T11997]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.314483][T11997]  ? lock_acquire+0x2f/0xb0
[  341.315723][T11997]  ? __fget_files+0x40/0x3f0
[  341.316954][T11997]  ? fdget+0x176/0x210
[  341.318017][T11997]  __sys_sendmsg+0x117/0x1f0
[  341.319235][T11997]  ? __pfx___sys_sendmsg+0x10/0x10
[  341.320562][T11997]  ? __fget_files+0x244/0x3f0
[  341.321790][T11997]  __do_fast_syscall_32+0x73/0x120
[  341.323190][T11997]  do_fast_syscall_32+0x32/0x80
[  341.324450][T11997]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.326278][T11997] RIP: 0023:0xf747e579
[  341.327672][T11997] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  341.333932][T11997] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  341.336724][T11997] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  341.339384][T11997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.342061][T11997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.344513][T11997] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  341.346798][T11997] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.349327][T11997]  </TASK>
[  341.405358][T11999] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  341.407162][T11999] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  341.412102][T11999] vhci_hcd vhci_hcd.0: Device attached
[  341.450700][T12001] siw: device registration error -23
[  341.521009][T12008] siw: device registration error -23
[  341.598668][ T5358] vhci_hcd: vhci_device speed not set
[  341.668823][ T5358] usb 13-1: new full-speed USB device number 4 using vhci_hcd
[  341.971729][T12022] can0: slcan on ttyS3.
[  342.255992][T12002] vhci_hcd: connection reset by peer
[  342.269053][T11275] vhci_hcd: stop threads
[  342.270555][T11275] vhci_hcd: release socket
[  342.283417][T11275] vhci_hcd: disconnect device
[  342.520606][T12010] can0 (unregistered): slcan off ttyS3.
[  342.932312][T12045] xt_TPROXY: Can be used only with -p tcp or -p udp
[  343.431940][T12053] siw: device registration error -23
[  343.509463][T12057] FAULT_INJECTION: forcing a failure.
[  343.509463][T12057] name failslab, interval 1, probability 0, space 0, times 0
[  343.513369][T12057] CPU: 3 UID: 0 PID: 12057 Comm: syz.3.1895 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  343.516161][T12057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  343.518941][T12057] Call Trace:
[  343.519928][T12057]  <TASK>
[  343.520736][T12057]  dump_stack_lvl+0x16c/0x1f0
[  343.522042][T12057]  should_fail_ex+0x497/0x5b0
[  343.523293][T12057]  ? fs_reclaim_acquire+0xae/0x150
[  343.524627][T12057]  should_failslab+0xc2/0x120
[  343.525863][T12057]  __kmalloc_noprof+0xcb/0x410
[  343.527120][T12057]  io_alloc_async_data+0x9d/0x150
[  343.528440][T12057]  io_prep_rw+0x30d/0xb70
[  343.529982][T12057]  io_prep_rwv+0xa8/0x350
[  343.531210][T12057]  ? __pfx_io_prep_rwv+0x10/0x10
[  343.532539][T12057]  ? __mutex_lock+0x1a6/0x9c0
[  343.533843][T12057]  io_submit_sqes+0x8aa/0x2530
[  343.535316][T12057]  __do_sys_io_uring_enter+0xc0f/0x1170
[  343.536826][T12057]  ? __fget_files+0x244/0x3f0
[  343.538085][T12057]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  343.539775][T12057]  ? fput+0x30/0x390
[  343.540801][T12057]  ? ksys_write+0x1ad/0x260
[  343.542131][T12057]  ? __pfx_ksys_write+0x10/0x10
[  343.543402][T12057]  __do_fast_syscall_32+0x73/0x120
[  343.544925][T12057]  do_fast_syscall_32+0x32/0x80
[  343.546261][T12057]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  343.547881][T12057] RIP: 0023:0xf7f0f579
[  343.548937][T12057] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  343.553915][T12057] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  343.556314][T12057] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000047ba
[  343.558348][T12057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  343.560528][T12057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  343.562576][T12057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  343.564698][T12057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  343.566955][T12057]  </TASK>
[  343.653188][T12061] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.676502][T12061] batman_adv: batadv0: Interface deactivated: dummy0
[  343.695754][T12062] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  343.697501][T12062] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  343.702637][T12062] vhci_hcd vhci_hcd.0: Device attached
[  343.705332][T12063] vhci_hcd: cannot find the pending unlink 5
[  343.783677][T12061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.794531][T12061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.876638][T12061] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.884877][T12061] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.887919][T12061] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.891702][T12061] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.968548][T12063] vhci_hcd: connection closed
[  343.968709][T11349] vhci_hcd: stop threads
[  343.971016][T11349] vhci_hcd: release socket
[  343.972184][T11349] vhci_hcd: disconnect device
[  344.338672][T10874] vhci_hcd: vhci_device speed not set
[  344.941816][T12108] xt_policy: neither incoming nor outgoing policy selected
[  346.586709][   T39] audit: type=1800 audit(1728721470.202:6753): pid=12138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1915" name="/" dev="fuse" ino=1 res=0 errno=0
[  346.828817][ T5358] vhci_hcd: vhci_device speed not set
[  346.868146][T12156] 9pnet_fd: Insufficient options for proto=fd
[  346.870325][T12156] 9pnet_fd: Insufficient options for proto=fd
[  346.874942][T12156] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  348.293383][T12184] nftables ruleset with unbound chain
[  348.329743][T12186] FAULT_INJECTION: forcing a failure.
[  348.329743][T12186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.334282][T12186] CPU: 3 UID: 0 PID: 12186 Comm: syz.3.1931 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  348.338127][T12186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.342040][T12186] Call Trace:
[  348.343238][T12186]  <TASK>
[  348.344254][T12186]  dump_stack_lvl+0x16c/0x1f0
[  348.345628][T12186]  should_fail_ex+0x497/0x5b0
[  348.347155][T12186]  _copy_to_user+0x30/0xc0
[  348.348745][T12186]  simple_read_from_buffer+0xd0/0x160
[  348.350477][T12186]  proc_fail_nth_read+0x198/0x270
[  348.352189][T12186]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  348.354099][T12186]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  348.355998][T12186]  vfs_read+0x1ce/0xbd0
[  348.357432][T12186]  ? __fget_files+0x23a/0x3f0
[  348.359179][T12186]  ? fdget_pos+0x24c/0x360
[  348.360702][T12186]  ? __pfx_lock_release+0x10/0x10
[  348.362503][T12186]  ? trace_lock_acquire+0x14a/0x1d0
[  348.364396][T12186]  ? __pfx_vfs_read+0x10/0x10
[  348.366038][T12186]  ? __pfx___mutex_lock+0x10/0x10
[  348.367743][T12186]  ? __fget_files+0x244/0x3f0
[  348.368966][T12186]  ksys_read+0x12f/0x260
[  348.370272][T12186]  ? __pfx_ksys_read+0x10/0x10
[  348.371923][T12186]  __do_fast_syscall_32+0x73/0x120
[  348.373700][T12186]  do_fast_syscall_32+0x32/0x80
[  348.375369][T12186]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.376987][T12186] RIP: 0023:0xf7f0f579
[  348.378071][T12186] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.384232][T12186] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  348.387054][T12186] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620
[  348.389650][T12186] RDX: 000000000000000f RSI: 00000000f739bff4 RDI: 0000000000000000
[  348.392225][T12186] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  348.394839][T12186] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  348.397407][T12186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.400028][T12186]  </TASK>
[  348.454900][T12189] IPVS: persistence engine module ip_vs_pe_@ not found
[  348.763504][T12205] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1936'.
[  348.805568][T12203] dvmrp0: entered allmulticast mode
[  348.870746][T12204] syzkaller0: entered promiscuous mode
[  348.872484][T12204] syzkaller0: entered allmulticast mode
[  348.874085][T12205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  348.967977][T12205] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.973918][T12205] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.985743][T12212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1939'.
[  348.988243][T12212] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1939'.
[  348.994089][T12212] FAULT_INJECTION: forcing a failure.
[  348.994089][T12212] name failslab, interval 1, probability 0, space 0, times 0
[  348.997300][T12212] CPU: 3 UID: 0 PID: 12212 Comm: syz.1.1939 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  349.000078][T12212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  349.002971][T12212] Call Trace:
[  349.003845][T12212]  <TASK>
[  349.004622][T12212]  dump_stack_lvl+0x16c/0x1f0
[  349.005860][T12212]  should_fail_ex+0x497/0x5b0
[  349.007106][T12212]  ? fs_reclaim_acquire+0xae/0x150
[  349.008438][T12212]  should_failslab+0xc2/0x120
[  349.009668][T12212]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  349.011318][T12212]  ? kstrdup_const+0x63/0x80
[  349.012532][T12212]  kstrdup+0x3c/0x80
[  349.013560][T12212]  kstrdup_const+0x63/0x80
[  349.014735][T12212]  kvasprintf_const+0x10f/0x1a0
[  349.016012][T12212]  kobject_set_name_vargs+0x5a/0x140
[  349.017391][T12212]  dev_set_name+0xc8/0x100
[  349.018570][T12212]  ? __pfx_dev_set_name+0x10/0x10
[  349.020046][T12212]  ? __init_waitqueue_head+0xca/0x150
[  349.021447][T12212]  netdev_register_kobject+0xc5/0x3f0
[  349.022884][T12212]  register_netdevice+0x1473/0x1e20
[  349.024250][T12212]  ? __pfx_register_netdevice+0x10/0x10
[  349.025695][T12212]  ? vxlan_config_apply+0x53a/0x7d0
[  349.027059][T12212]  __vxlan_dev_create+0x7c6/0xa30
[  349.028373][T12212]  ? __pfx___vxlan_dev_create+0x10/0x10
[  349.029810][T12212]  ? __pfx_vxlan_nl2conf+0x10/0x10
[  349.031151][T12212]  vxlan_newlink+0xd1/0x130
[  349.032336][T12212]  ? __pfx_vxlan_newlink+0x10/0x10
[  349.033792][T12212]  ? sized_strscpy+0xae/0x290
[  349.035027][T12212]  ? kasan_save_track+0x14/0x30
[  349.036310][T12212]  ? rtnl_create_link+0xa2e/0xf10
[  349.037628][T12212]  ? __pfx_vxlan_newlink+0x10/0x10
[  349.038982][T12212]  __rtnl_newlink+0x119c/0x1920
[  349.040266][T12212]  ? __pfx___rtnl_newlink+0x10/0x10
[  349.041634][T12212]  rtnl_newlink+0x67/0xa0
[  349.042794][T12212]  ? __pfx_rtnl_newlink+0x10/0x10
[  349.044115][T12212]  rtnetlink_rcv_msg+0x3c7/0xea0
[  349.045423][T12212]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.046858][T12212]  ? __pfx___dev_queue_xmit+0x10/0x10
[  349.048265][T12212]  netlink_rcv_skb+0x165/0x410
[  349.049523][T12212]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.050944][T12212]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.052325][T12212]  ? netlink_deliver_tap+0x1ae/0xcf0
[  349.053686][T12212]  netlink_unicast+0x53c/0x7f0
[  349.054952][T12212]  ? __pfx_netlink_unicast+0x10/0x10
[  349.056324][T12212]  ? __phys_addr_symbol+0x30/0x80
[  349.057642][T12212]  ? __check_object_size+0x488/0x710
[  349.059035][T12212]  netlink_sendmsg+0x8b8/0xd70
[  349.060298][T12212]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.061678][T12212]  ? lock_acquire+0x2f/0xb0
[  349.062907][T12212]  ____sys_sendmsg+0x9ae/0xb40
[  349.064161][T12212]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.065537][T12212]  ? get_compat_msghdr+0x11b/0x170
[  349.066886][T12212]  ? __pfx___lock_acquire+0x10/0x10
[  349.068249][T12212]  ___sys_sendmsg+0x135/0x1e0
[  349.069484][T12212]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.070860][T12212]  ? lock_acquire+0x2f/0xb0
[  349.072057][T12212]  ? __fget_files+0x40/0x3f0
[  349.073272][T12212]  ? fdget+0x176/0x210
[  349.074355][T12212]  __sys_sendmsg+0x117/0x1f0
[  349.075573][T12212]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.076916][T12212]  ? __fget_files+0x244/0x3f0
[  349.078164][T12212]  __do_fast_syscall_32+0x73/0x120
[  349.079504][T12212]  do_fast_syscall_32+0x32/0x80
[  349.080784][T12212]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  349.082448][T12212] RIP: 0023:0xf747e579
[  349.083526][T12212] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  349.088489][T12212] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  349.090649][T12212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  349.092701][T12212] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.094755][T12212] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  349.096802][T12212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  349.098855][T12212] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  349.100907][T12212]  </TASK>
[  351.301359][T12249] vivid-000: =================  START STATUS  =================
[  351.303414][T12249] vivid-000: Radio HW Seek Mode: Bounded
[  351.304855][T12249] vivid-000: Radio Programmable HW Seek: false
[  351.306486][T12249] vivid-000: RDS Rx I/O Mode: Block I/O
[  351.307925][T12249] vivid-000: Generate RBDS Instead of RDS: false
[  351.308667][ T5354] Bluetooth: hci3: unexpected cc 0x2027 length: 2 > 1
[  351.310172][T12249] vivid-000: RDS Reception: 
[  351.312204][ T5354] Bluetooth: hci3: unexpected event for opcode 0x2027
[  351.312214][T12249] true
[  351.316256][T12249] vivid-000: RDS Program Type: 0 inactive
[  351.317867][T12249] vivid-000: RDS PS Name:  inactive
[  351.320930][T12249] vivid-000: RDS Radio Text:  inactive
[  351.322523][T12249] vivid-000: RDS Traffic Announcement: false inactive
[  351.324715][T12249] vivid-000: RDS Traffic Program: false inactive
[  351.326599][T12249] vivid-000: RDS Music: false inactive
[  351.332163][T12249] vivid-000: ==================  END STATUS  ==================
[  351.393023][T12249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1952'.
[  351.395627][T12249] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1952'.
[  351.402494][T12255] FAULT_INJECTION: forcing a failure.
[  351.402494][T12255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.406005][T12255] CPU: 0 UID: 0 PID: 12255 Comm: syz.3.1954 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  351.408763][T12255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  351.411533][T12255] Call Trace:
[  351.412397][T12255]  <TASK>
[  351.413168][T12255]  dump_stack_lvl+0x16c/0x1f0
[  351.414403][T12255]  should_fail_ex+0x497/0x5b0
[  351.415622][T12255]  strncpy_from_user+0x3b/0x2a0
[  351.416880][T12255]  getname_flags.part.0+0x8f/0x550
[  351.418283][T12255]  getname_flags+0x93/0xf0
[  351.419441][T12255]  do_readlinkat+0xb5/0x390
[  351.420791][T12255]  ? __pfx_do_readlinkat+0x10/0x10
[  351.422128][T12255]  ? ksys_write+0x1ad/0x260
[  351.423300][T12255]  ? __pfx_ksys_write+0x10/0x10
[  351.424548][T12255]  __ia32_sys_readlink+0x76/0xc0
[  351.425822][T12255]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  351.427506][T12255]  __do_fast_syscall_32+0x73/0x120
[  351.428821][T12255]  do_fast_syscall_32+0x32/0x80
[  351.430124][T12255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  351.431740][T12255] RIP: 0023:0xf7f0f579
[  351.432787][T12255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  351.437669][T12255] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000055
[  351.439792][T12255] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000200
[  351.441769][T12255] RDX: 00000000000000ed RSI: 0000000000000000 RDI: 0000000000000000
[  351.443810][T12255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  351.445837][T12255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  351.447878][T12255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  351.450173][T12255]  </TASK>
[  351.952696][T12262] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1956'.
[  352.185001][T12269] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  352.482964][T12281] netlink: 'syz.3.1962': attribute type 1 has an invalid length.
[  352.723305][T12283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  352.726406][T12283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  353.553249][T12304] lo speed is unknown, defaulting to 1000
[  353.681525][T12308] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1971'.
[  353.691281][T12308] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1971'.
[  353.696629][T12308] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  353.703991][T12308] CIFS mount error: No usable UNC path provided in device string!
[  353.703991][T12308] 
[  353.706967][T12308] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  353.737442][T12309] FAULT_INJECTION: forcing a failure.
[  353.737442][T12309] name failslab, interval 1, probability 0, space 0, times 0
[  353.741054][T12309] CPU: 2 UID: 0 PID: 12309 Comm: syz.3.1972 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  353.744347][T12309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  353.747120][T12309] Call Trace:
[  353.747989][T12309]  <TASK>
[  353.748770][T12309]  dump_stack_lvl+0x16c/0x1f0
[  353.750015][T12309]  should_fail_ex+0x497/0x5b0
[  353.751238][T12309]  ? fs_reclaim_acquire+0xae/0x150
[  353.752562][T12309]  should_failslab+0xc2/0x120
[  353.753788][T12309]  __kmalloc_noprof+0xcb/0x410
[  353.755058][T12309]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.756512][T12309]  tomoyo_realpath_from_path+0xbf/0x710
[  353.757942][T12309]  ? tomoyo_path_number_perm+0x232/0x5b0
[  353.759412][T12309]  tomoyo_path_number_perm+0x245/0x5b0
[  353.760820][T12309]  ? tomoyo_path_number_perm+0x232/0x5b0
[  353.762292][T12309]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  353.763853][T12309]  ? trace_lock_acquire+0x14a/0x1d0
[  353.765195][T12309]  ? lock_acquire+0x2f/0xb0
[  353.766387][T12309]  ? __fget_files+0x40/0x3f0
[  353.767582][T12309]  ? __fget_files+0x244/0x3f0
[  353.768799][T12309]  security_file_ioctl_compat+0x9b/0x240
[  353.770642][T12309]  __do_compat_sys_ioctl+0x52/0x2b0
[  353.772126][T12309]  __do_fast_syscall_32+0x73/0x120
[  353.773468][T12309]  do_fast_syscall_32+0x32/0x80
[  353.774747][T12309]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  353.776388][T12309] RIP: 0023:0xf7f0f579
[  353.777459][T12309] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  353.782668][T12309] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  353.784888][T12309] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541b
[  353.787057][T12309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  353.789143][T12309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  353.791447][T12309] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  353.793949][T12309] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  353.796633][T12309]  </TASK>
[  353.799148][T12309] ERROR: Out of memory at tomoyo_realpath_from_path.
[  353.909347][   T39] audit: type=1326 audit(1728721477.532:6754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.917290][   T39] audit: type=1326 audit(1728721477.532:6755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.924945][   T39] audit: type=1326 audit(1728721477.532:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.930576][   T39] audit: type=1326 audit(1728721477.532:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.936213][   T39] audit: type=1326 audit(1728721477.532:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.957529][   T39] audit: type=1326 audit(1728721477.532:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.963259][   T39] audit: type=1326 audit(1728721477.532:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.970775][   T39] audit: type=1326 audit(1728721477.532:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.976170][   T39] audit: type=1326 audit(1728721477.532:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  353.982480][   T39] audit: type=1326 audit(1728721477.532:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12315 comm="syz.3.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  354.482837][T12354] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  354.482837][T12354]    program syz.0.1977 not setting count and/or reply_len properly
[  354.691852][T12317] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  354.693907][T12317] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  354.721400][T12317] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  354.723231][T12317] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  354.790612][T12317] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  354.792312][T12317] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  355.229165][T12369] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1982'.
[  355.263364][T12384] FAULT_INJECTION: forcing a failure.
[  355.263364][T12384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.267685][T12384] CPU: 1 UID: 0 PID: 12384 Comm: syz.2.1986 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  355.271532][T12384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.275167][T12384] Call Trace:
[  355.276287][T12384]  <TASK>
[  355.277290][T12384]  dump_stack_lvl+0x16c/0x1f0
[  355.278987][T12384]  should_fail_ex+0x497/0x5b0
[  355.280596][T12384]  _copy_to_user+0x30/0xc0
[  355.282126][T12384]  simple_read_from_buffer+0xd0/0x160
[  355.283936][T12384]  proc_fail_nth_read+0x198/0x270
[  355.285627][T12384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.287495][T12384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.289368][T12384]  vfs_read+0x1ce/0xbd0
[  355.290783][T12384]  ? __fget_files+0x23a/0x3f0
[  355.292351][T12384]  ? fdget_pos+0x24c/0x360
[  355.293838][T12384]  ? __pfx_lock_release+0x10/0x10
[  355.295539][T12384]  ? trace_lock_acquire+0x14a/0x1d0
[  355.297245][T12384]  ? __pfx_vfs_read+0x10/0x10
[  355.298825][T12384]  ? __pfx___mutex_lock+0x10/0x10
[  355.300517][T12384]  ? __fget_files+0x244/0x3f0
[  355.302119][T12384]  ksys_read+0x12f/0x260
[  355.303536][T12384]  ? __pfx_ksys_read+0x10/0x10
[  355.305140][T12384]  __do_fast_syscall_32+0x73/0x120
[  355.306873][T12384]  do_fast_syscall_32+0x32/0x80
[  355.308503][T12384]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  355.310618][T12384] RIP: 0023:0xf7f88579
[  355.311996][T12384] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  355.317798][T12384] RSP: 002b:00000000f57065a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  355.319988][T12384] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5706620
[  355.322080][T12384] RDX: 000000000000000f RSI: 00000000f740bff4 RDI: 0000000000000000
[  355.324121][T12384] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  355.326106][T12384] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  355.328108][T12384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  355.330170][T12384]  </TASK>
[  355.331074][    C1] vkms_vblank_simulate: vblank timer overrun
[  355.376978][T12394] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1990'.
[  355.383256][T12394] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1990'.
[  355.441626][T12402] netlink: 'syz.2.1993': attribute type 10 has an invalid length.
[  355.444769][T12402] hsr0: entered promiscuous mode
[  355.447486][T12402] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  355.451793][T12402] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  355.454486][T12402] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  355.457611][T12402] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  355.864997][T12424] siw: device registration error -23
[  356.252853][T12430] siw: device registration error -23
[  356.409006][T12441] Cannot find set identified by id 0 to match
[  356.434290][T12443] loop9: detected capacity change from 0 to 7
[  356.448653][T12443]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  356.450941][T12443] loop9: partition table partially beyond EOD, truncated
[  356.453681][T12443] loop9: p1 size 1139518251 extends beyond EOD, truncated
[  356.632109][T12451] siw: device registration error -23
[  356.685898][T12453] netlink: 'syz.1.2010': attribute type 1 has an invalid length.
[  356.688433][T12453] netlink: 636 bytes leftover after parsing attributes in process `syz.1.2010'.
[  357.140302][T12456] netlink: 'syz.3.2011': attribute type 1 has an invalid length.
[  357.175901][T12456] bond1: entered promiscuous mode
[  357.193586][T12456] bond1: (slave veth3): Enslaving as an active interface with a down link
[  357.196290][T12456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2011'.
[  357.201518][T12456] bond1 (unregistering): (slave veth3): Releasing active interface
[  357.208115][T12456] bond1 (unregistering): Released all slaves
[  357.247103][T12457] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2011'.
[  357.331845][T12467] FAULT_INJECTION: forcing a failure.
[  357.331845][T12467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.335134][T12467] CPU: 2 UID: 0 PID: 12467 Comm: syz.2.2015 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  357.337846][T12467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  357.340565][T12467] Call Trace:
[  357.341425][T12467]  <TASK>
[  357.342209][T12467]  dump_stack_lvl+0x16c/0x1f0
[  357.343426][T12467]  should_fail_ex+0x497/0x5b0
[  357.344644][T12467]  _copy_from_iter+0x29b/0x13e0
[  357.345898][T12467]  ? __pfx__copy_from_iter+0x10/0x10
[  357.347255][T12467]  ? __virt_addr_valid+0x1a4/0x590
[  357.348570][T12467]  ? __virt_addr_valid+0x5e/0x590
[  357.349864][T12467]  ? __phys_addr_symbol+0x30/0x80
[  357.351167][T12467]  ? __check_object_size+0x488/0x710
[  357.352523][T12467]  file_tty_write.constprop.0+0x48d/0x9a0
[  357.353995][T12467]  vfs_write+0x6b5/0x1140
[  357.355109][T12467]  ? __pfx_tty_write+0x10/0x10
[  357.356340][T12467]  ? trace_lock_acquire+0x14a/0x1d0
[  357.357673][T12467]  ? __pfx_vfs_write+0x10/0x10
[  357.358925][T12467]  ? __fget_files+0x40/0x3f0
[  357.360140][T12467]  ksys_write+0x12f/0x260
[  357.361256][T12467]  ? __pfx_ksys_write+0x10/0x10
[  357.362523][T12467]  __do_fast_syscall_32+0x73/0x120
[  357.363843][T12467]  do_fast_syscall_32+0x32/0x80
[  357.365092][T12467]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  357.366712][T12467] RIP: 0023:0xf7f88579
[  357.367762][T12467] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  357.372632][T12467] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  357.374750][T12467] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002080
[  357.376754][T12467] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[  357.378778][T12467] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  357.380798][T12467] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  357.382836][T12467] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  357.384958][T12467]  </TASK>
[  357.401117][T12470] random: crng reseeded on system resumption
[  357.408257][T12470] 9pnet_fd: Insufficient options for proto=fd
[  358.483961][T12532] FAULT_INJECTION: forcing a failure.
[  358.483961][T12532] name failslab, interval 1, probability 0, space 0, times 0
[  358.486952][T12532] CPU: 1 UID: 0 PID: 12532 Comm: syz.0.2033 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  358.489503][T12532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.492108][T12532] Call Trace:
[  358.493035][T12532]  <TASK>
[  358.493769][T12532]  dump_stack_lvl+0x16c/0x1f0
[  358.494979][T12532]  should_fail_ex+0x497/0x5b0
[  358.496219][T12532]  ? fs_reclaim_acquire+0xae/0x150
[  358.497454][T12532]  should_failslab+0xc2/0x120
[  358.498603][T12532]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  358.499868][T12532]  ? __kernfs_new_node+0xd3/0x890
[  358.501195][T12532]  __kernfs_new_node+0xd3/0x890
[  358.502518][T12532]  ? __pfx___kernfs_new_node+0x10/0x10
[  358.503950][T12532]  ? __pfx_lock_release+0x10/0x10
[  358.505182][T12532]  ? kernfs_add_one+0x39d/0x520
[  358.506392][T12532]  ? up_write+0x1b2/0x520
[  358.507448][T12532]  kernfs_new_node+0x186/0x240
[  358.508656][T12532]  __kernfs_create_file+0x53/0x350
[  358.509979][T12532]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  358.511374][T12532]  internal_create_group+0x565/0xe50
[  358.512745][T12532]  ? __pfx_internal_create_group+0x10/0x10
[  358.514260][T12532]  ? kernfs_create_link+0x1bd/0x240
[  358.515603][T12532]  internal_create_groups+0x9d/0x150
[  358.516971][T12532]  device_add+0x6d3/0x1a70
[  358.518143][T12532]  ? __pfx_device_add+0x10/0x10
[  358.519404][T12532]  ? __init_waitqueue_head+0xca/0x150
[  358.520792][T12532]  netdev_register_kobject+0x187/0x3f0
[  358.522227][T12532]  register_netdevice+0x1473/0x1e20
[  358.523576][T12532]  ? __pfx_register_netdevice+0x10/0x10
[  358.525004][T12532]  ip6_tnl_create2+0x79/0xe0
[  358.526220][T12532]  ip6_tnl_newlink+0x1bf/0x380
[  358.527465][T12532]  ? __pfx_ip6_tnl_newlink+0x10/0x10
[  358.528829][T12532]  ? rtnl_create_link+0xa2e/0xf10
[  358.530144][T12532]  ? __pfx_ip6_tnl_newlink+0x10/0x10
[  358.531503][T12532]  __rtnl_newlink+0x119c/0x1920
[  358.532770][T12532]  ? __pfx___rtnl_newlink+0x10/0x10
[  358.534133][T12532]  rtnl_newlink+0x67/0xa0
[  358.535229][T12532]  ? __pfx_rtnl_newlink+0x10/0x10
[  358.536470][T12532]  rtnetlink_rcv_msg+0x3c7/0xea0
[  358.537776][T12532]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.539196][T12532]  ? __pfx___lock_acquire+0x10/0x10
[  358.540548][T12532]  netlink_rcv_skb+0x165/0x410
[  358.541946][T12532]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.543461][T12532]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  358.544954][T12532]  ? netlink_deliver_tap+0x1ae/0xcf0
[  358.546337][T12532]  netlink_unicast+0x53c/0x7f0
[  358.547585][T12532]  ? __pfx_netlink_unicast+0x10/0x10
[  358.548964][T12532]  ? __phys_addr_symbol+0x30/0x80
[  358.550281][T12532]  ? __check_object_size+0x488/0x710
[  358.551661][T12532]  netlink_sendmsg+0x8b8/0xd70
[  358.552906][T12532]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.554299][T12532]  ? lock_acquire+0x2f/0xb0
[  358.555497][T12532]  ____sys_sendmsg+0x9ae/0xb40
[  358.556743][T12532]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.558161][T12532]  ? get_compat_msghdr+0x11b/0x170
[  358.559529][T12532]  ? __pfx___lock_acquire+0x10/0x10
[  358.560880][T12532]  ___sys_sendmsg+0x135/0x1e0
[  358.562121][T12532]  ? __pfx____sys_sendmsg+0x10/0x10
[  358.563472][T12532]  ? lock_acquire+0x2f/0xb0
[  358.564655][T12532]  ? __fget_files+0x40/0x3f0
[  358.565862][T12532]  ? fdget+0x176/0x210
[  358.566938][T12532]  __sys_sendmsg+0x117/0x1f0
[  358.568146][T12532]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.569478][T12532]  ? __fget_files+0x244/0x3f0
[  358.570717][T12532]  __do_fast_syscall_32+0x73/0x120
[  358.572037][T12532]  do_fast_syscall_32+0x32/0x80
[  358.573292][T12532]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.574912][T12532] RIP: 0023:0xf7fb3579
[  358.575962][T12532] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.580828][T12532] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  358.582987][T12532] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  358.585014][T12532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.587024][T12532] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.589035][T12532] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.591057][T12532] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.593072][T12532]  </TASK>
[  358.594004][    C1] vkms_vblank_simulate: vblank timer overrun
[  358.630823][T12538] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2035'.
[  359.649532][T12562] FAULT_INJECTION: forcing a failure.
[  359.649532][T12562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  359.653076][T12562] CPU: 3 UID: 0 PID: 12562 Comm: syz.3.2042 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  359.656083][T12562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.658802][T12562] Call Trace:
[  359.659638][T12562]  <TASK>
[  359.660382][T12562]  dump_stack_lvl+0x16c/0x1f0
[  359.661559][T12562]  should_fail_ex+0x497/0x5b0
[  359.662731][T12562]  _copy_to_user+0x30/0xc0
[  359.663749][T12562]  simple_read_from_buffer+0xd0/0x160
[  359.665056][T12562]  proc_fail_nth_read+0x198/0x270
[  359.666227][T12562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  359.667643][T12562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  359.669102][T12562]  vfs_read+0x1ce/0xbd0
[  359.670200][T12562]  ? __fget_files+0x23a/0x3f0
[  359.671432][T12562]  ? fdget_pos+0x24c/0x360
[  359.672582][T12562]  ? __pfx_lock_release+0x10/0x10
[  359.673891][T12562]  ? trace_lock_acquire+0x14a/0x1d0
[  359.675257][T12562]  ? __pfx_vfs_read+0x10/0x10
[  359.676471][T12562]  ? __pfx___mutex_lock+0x10/0x10
[  359.677757][T12562]  ? __fget_files+0x244/0x3f0
[  359.678987][T12562]  ksys_read+0x12f/0x260
[  359.680260][T12562]  ? __pfx_ksys_read+0x10/0x10
[  359.681508][T12562]  __do_fast_syscall_32+0x73/0x120
[  359.682839][T12562]  do_fast_syscall_32+0x32/0x80
[  359.684095][T12562]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.685727][T12562] RIP: 0023:0xf7f0f579
[  359.686801][T12562] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  359.691754][T12562] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  359.693887][T12562] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620
[  359.695928][T12562] RDX: 000000000000000f RSI: 00000000f739bff4 RDI: 0000000000000000
[  359.697915][T12562] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  359.699887][T12562] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  359.701876][T12562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.703864][T12562]  </TASK>
[  360.461212][T12584] vivid-007: disconnect
[  360.798140][T12587] netlink: 'syz.2.2049': attribute type 1 has an invalid length.
[  360.800838][T12587] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.2049'.
[  360.803668][T12587] nbd: couldn't find device at index 16
[  361.157650][T12579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2047'.
[  361.583911][T12606] netlink: 'syz.2.2053': attribute type 10 has an invalid length.
[  361.585979][T12606] ipvlan1: entered promiscuous mode
[  361.595365][T12606] team0: Device ipvlan1 failed to register rx_handler
[  361.608079][T12606] autofs: Bad value for 'fd'
[  361.625021][   T39] kauditd_printk_skb: 483 callbacks suppressed
[  361.625032][   T39] audit: type=1804 audit(1728721485.249:7247): pid=12606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2053" name="/newroot/132/bus/bus" dev="overlay" ino=753 res=1 errno=0
[  361.654343][T12610] bridge_slave_1: left allmulticast mode
[  361.656209][T12610] bridge_slave_1: left promiscuous mode
[  361.658166][T12610] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.892586][T12613] A link change request failed with some changes committed already. Interface vxcan1 may have been left with an inconsistent configuration, please check.
[  361.923094][T12615] netlink: 'syz.2.2057': attribute type 10 has an invalid length.
[  361.986484][T12617] overlay: filesystem on ./bus not supported
[  362.240738][T12639] FAULT_INJECTION: forcing a failure.
[  362.240738][T12639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.247808][T12639] CPU: 3 UID: 0 PID: 12639 Comm: syz.3.2066 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  362.250542][T12639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  362.253266][T12639] Call Trace:
[  362.254136][T12639]  <TASK>
[  362.254897][T12639]  dump_stack_lvl+0x16c/0x1f0
[  362.256118][T12639]  should_fail_ex+0x497/0x5b0
[  362.257339][T12639]  _copy_to_user+0x30/0xc0
[  362.258496][T12639]  simple_read_from_buffer+0xd0/0x160
[  362.259875][T12639]  proc_fail_nth_read+0x198/0x270
[  362.261167][T12639]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  362.262602][T12639]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  362.264012][T12639]  vfs_read+0x1ce/0xbd0
[  362.265083][T12639]  ? __fget_files+0x23a/0x3f0
[  362.266296][T12639]  ? fdget_pos+0x24c/0x360
[  362.267445][T12639]  ? __pfx_lock_release+0x10/0x10
[  362.268742][T12639]  ? trace_lock_acquire+0x14a/0x1d0
[  362.270268][T12639]  ? __pfx_vfs_read+0x10/0x10
[  362.271559][T12639]  ? __pfx___mutex_lock+0x10/0x10
[  362.272853][T12639]  ? __fget_files+0x244/0x3f0
[  362.274077][T12639]  ksys_read+0x12f/0x260
[  362.275174][T12639]  ? __pfx_ksys_read+0x10/0x10
[  362.276415][T12639]  __do_fast_syscall_32+0x73/0x120
[  362.277729][T12639]  do_fast_syscall_32+0x32/0x80
[  362.278976][T12639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.280595][T12639] RIP: 0023:0xf7f0f579
[  362.281663][T12639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  362.286540][T12639] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  362.288662][T12639] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5696620
[  362.290671][T12639] RDX: 000000000000000f RSI: 00000000f739bff4 RDI: 0000000000000000
[  362.292678][T12639] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  362.294674][T12639] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  362.296678][T12639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  362.298701][T12639]  </TASK>
[  362.322630][T12642] overlay: filesystem on ./bus not supported
[  362.468870][T12651] openvswitch: netlink: Missing key (keys=40, expected=100)
[  362.472296][T12651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2071'.
[  362.475098][T12651] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  362.477303][T12651] batman_adv: batadv0: Removing interface: batadv_slave_0
[  362.483988][T12651] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  362.486057][T12651] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.690641][T12654] input: syz1 as /devices/virtual/input/input77
[  362.715823][T12654] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2072'.
[  364.274537][T12669] sp0: Synchronizing with TNC
[  364.656481][T12677] : entered promiscuous mode
[  364.720066][T12681] ubi0: attaching mtd0
[  364.725677][T12681] ubi0: scanning is finished
[  364.729250][T12681] ubi0: empty MTD device detected
[  364.766225][T12681] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  364.771443][T12681] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  364.775509][T12681] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  364.777399][T12681] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  364.779630][T12681] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  364.781715][T12681] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  364.783830][T12681] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2213168261
[  364.786824][T12681] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  364.794395][T12682] ubi0: background thread "ubi_bgt0d" started, PID 12682
[  364.875287][T12689] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2083'.
[  364.894795][T12687] overlay: ./bus is not a directory
[  364.897782][T12687] FAULT_INJECTION: forcing a failure.
[  364.897782][T12687] name failslab, interval 1, probability 0, space 0, times 0
[  364.906412][T12687] CPU: 0 UID: 0 PID: 12687 Comm: syz.0.2082 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  364.910038][T12687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  364.912783][T12687] Call Trace:
[  364.913654][T12687]  <TASK>
[  364.914432][T12687]  dump_stack_lvl+0x16c/0x1f0
[  364.915706][T12687]  should_fail_ex+0x497/0x5b0
[  364.916937][T12687]  ? fs_reclaim_acquire+0xae/0x150
[  364.918287][T12687]  should_failslab+0xc2/0x120
[  364.919511][T12687]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  364.920916][T12687]  ? p9_tag_alloc+0x9c/0x870
[  364.922155][T12687]  p9_tag_alloc+0x9c/0x870
[  364.923326][T12687]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  364.924846][T12687]  ? __pfx_p9_tag_alloc+0x10/0x10
[  364.926217][T12687]  ? hlock_class+0x4e/0x130
[  364.927402][T12687]  ? __lock_acquire+0x163e/0x3ce0
[  364.928720][T12687]  p9_client_prepare_req+0x19f/0x4d0
[  364.930450][T12687]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  364.931974][T12687]  ? hlock_class+0x4e/0x130
[  364.933162][T12687]  ? mark_lock+0xb5/0xc60
[  364.934315][T12687]  ? __pfx___lock_acquire+0x10/0x10
[  364.935732][T12687]  p9_client_rpc+0x1c3/0xc10
[  364.936926][T12687]  ? __pfx_p9_client_rpc+0x10/0x10
[  364.938245][T12687]  ? find_held_lock+0x2d/0x110
[  364.939432][T12687]  ? p9_fid_create+0x26a/0x470
[  364.940643][T12687]  ? __pfx_lock_release+0x10/0x10
[  364.941950][T12687]  ? mark_held_locks+0x9f/0xe0
[  364.943165][T12687]  ? trace_9p_fid_ref+0x174/0x1f0
[  364.944450][T12687]  p9_client_walk+0x1ad/0x540
[  364.945726][T12687]  ? __pfx_p9_client_walk+0x10/0x10
[  364.947527][T12687]  ? v9fs_fid_lookup+0xe9/0xec0
[  364.948806][T12687]  v9fs_create+0x196/0x640
[  364.949976][T12687]  ? __pfx_v9fs_create+0x10/0x10
[  364.951213][T12687]  ? map_id_up+0x290/0x370
[  364.952368][T12687]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  364.953891][T12687]  v9fs_vfs_atomic_open+0x29d/0x930
[  364.955224][T12687]  ? generic_permission+0x22a/0x680
[  364.956555][T12687]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  364.957995][T12687]  ? security_inode_permission+0xbf/0x260
[  364.959424][T12687]  ? inode_permission+0xdd/0x5f0
[  364.960675][T12687]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  364.962138][T12687]  lookup_open.isra.0+0xc9f/0x14c0
[  364.963432][T12687]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  364.964830][T12687]  ? rcu_is_watching+0x12/0xc0
[  364.966279][T12687]  ? lock_acquire+0x2f/0xb0
[  364.967801][T12687]  ? path_openat+0x153e/0x2d60
[  364.968999][T12687]  ? __pfx_down_write+0x10/0x10
[  364.970250][T12687]  ? mnt_get_write_access+0x20c/0x300
[  364.971610][T12687]  path_openat+0x904/0x2d60
[  364.972778][T12687]  ? __pfx_path_openat+0x10/0x10
[  364.974035][T12687]  ? __pfx___lock_acquire+0x10/0x10
[  364.975340][T12687]  do_filp_open+0x1dc/0x430
[  364.976672][T12687]  ? __pfx_do_filp_open+0x10/0x10
[  364.977958][T12687]  ? find_held_lock+0x2d/0x110
[  364.979244][T12687]  ? _raw_spin_unlock+0x28/0x50
[  364.980473][T12687]  ? alloc_fd+0x2d7/0x6c0
[  364.981577][T12687]  do_sys_openat2+0x17a/0x1e0
[  364.982799][T12687]  ? __pfx_do_sys_openat2+0x10/0x10
[  364.984127][T12687]  ? __fget_files+0x244/0x3f0
[  364.985306][T12687]  __ia32_compat_sys_openat+0x16e/0x210
[  364.987164][T12687]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  364.988816][T12687]  ? ksys_write+0x1ad/0x260
[  364.990005][T12687]  __do_fast_syscall_32+0x73/0x120
[  364.991305][T12687]  do_fast_syscall_32+0x32/0x80
[  364.992536][T12687]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  364.994134][T12687] RIP: 0023:0xf7fb3579
[  364.995155][T12687] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  364.999999][T12687] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  365.002142][T12687] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040
[  365.004132][T12687] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[  365.006345][T12687] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  365.008687][T12687] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  365.010673][T12687] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  365.012643][T12687]  </TASK>
[  365.228003][T12704] fuse: Unknown parameter 'Ú:ÂFÝS¿á)9ÍÕ¢œ*;¶ÊÍ77M^uÆ·ÖÙ7 Ë]G…¥:d•FÐ:ç]ò#ù´qáîlF(WöM‘/Täê¨t{ÉoZ†N‰AJÚqÖê߯�ÎgjöÍÚݽ+Ж´„>¾ î¥0¾�T×÷Í`š´¼äôS07s90ƒÐ�q£�ÁgÅ’¶.93i¦ÜòÀW”�ñÝ'
[  365.238023][ T5351] block nbd0: Wrong magic (0x28000000)
[  365.905251][T12694] block nbd0: shutting down sockets
[  366.056576][T12718] syz.0.2091: vmalloc error: size 1842069504, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  366.062668][T12718] CPU: 0 UID: 0 PID: 12718 Comm: syz.0.2091 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  366.066325][T12718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  366.070062][T12718] Call Trace:
[  366.070966][T12718]  <TASK>
[  366.071969][T12718]  dump_stack_lvl+0x16c/0x1f0
[  366.073196][T12718]  warn_alloc+0x24d/0x3a0
[  366.074370][T12718]  ? __pfx_warn_alloc+0x10/0x10
[  366.075637][T12718]  ? __pfx_stack_trace_save+0x10/0x10
[  366.077295][T12718]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  366.079139][T12718]  ? kasan_save_stack+0x42/0x60
[  366.080788][T12718]  ? kasan_save_stack+0x33/0x60
[  366.082250][T12718]  ? kasan_save_track+0x14/0x30
[  366.083894][T12718]  ? __kasan_kmalloc+0xaa/0xb0
[  366.085499][T12718]  ? vb2_vmalloc_alloc+0xe2/0x3d0
[  366.087181][T12718]  ? vb2_core_create_bufs+0x558/0xab0
[  366.088979][T12718]  ? vb2_create_bufs+0x566/0x780
[  366.090655][T12718]  ? vb2_ioctl_create_bufs+0x244/0x3e0
[  366.092508][T12718]  __vmalloc_node_range_noprof+0x11a7/0x15a0
[  366.094552][T12718]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  366.096275][T12718]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  366.098406][T12718]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  366.100145][T12718]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  366.102002][T12718]  vmalloc_user_noprof+0x6b/0x90
[  366.103669][T12718]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  366.105391][T12718]  vb2_vmalloc_alloc+0x11e/0x3d0
[  366.107068][T12718]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  366.108883][T12718]  __vb2_queue_alloc+0x896/0x1230
[  366.110597][T12718]  ? vbi_out_queue_setup+0x1e3/0x2b0
[  366.112422][T12718]  vb2_core_create_bufs+0x558/0xab0
[  366.114211][T12718]  ? __pfx_vbi_out_queue_setup+0x10/0x10
[  366.116109][T12718]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  366.118025][T12718]  ? __pfx_mark_lock+0x10/0x10
[  366.119646][T12718]  ? __pfx_mark_lock+0x10/0x10
[  366.121281][T12718]  vb2_create_bufs+0x566/0x780
[  366.122922][T12718]  ? __pfx_vb2_create_bufs+0x10/0x10
[  366.124713][T12718]  ? irqentry_exit+0x3b/0x90
[  366.126297][T12718]  ? lockdep_hardirqs_on+0x7c/0x110
[  366.128057][T12718]  vb2_ioctl_create_bufs+0x244/0x3e0
[  366.129859][T12718]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  366.131868][T12718]  vidioc_create_bufs+0x7d/0xf0
[  366.133514][T12718]  v4l_create_bufs+0x198/0x270
[  366.135149][T12718]  __video_do_ioctl+0xaf0/0xf00
[  366.136806][T12718]  ? __pfx___video_do_ioctl+0x10/0x10
[  366.138609][T12718]  ? trace_kmalloc+0x2d/0xe0
[  366.140198][T12718]  ? __kmalloc_noprof+0x207/0x410
[  366.141981][T12718]  video_usercopy+0x426/0x1500
[  366.143726][T12718]  ? __pfx___video_do_ioctl+0x10/0x10
[  366.145574][T12718]  ? __pfx_video_usercopy+0x10/0x10
[  366.147417][T12718]  v4l2_ioctl+0x1ba/0x250
[  366.148964][T12718]  v4l2_compat_ioctl32+0x214/0x2c0
[  366.150706][T12718]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  366.152589][T12718]  __do_compat_sys_ioctl+0x259/0x2b0
[  366.154384][T12718]  __do_fast_syscall_32+0x73/0x120
[  366.156119][T12718]  do_fast_syscall_32+0x32/0x80
[  366.157764][T12718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  366.159896][T12718] RIP: 0023:0xf7fb3579
[  366.161286][T12718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  366.170111][T12718] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  366.170138][T12718] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0f8565c
[  366.170146][T12718] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  366.170153][T12718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  366.170160][T12718] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  366.170167][T12718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  366.170182][T12718]  </TASK>
[  366.179678][T12718] Mem-Info:
[  366.179750][T12718] active_anon:3195 inactive_anon:4216 isolated_anon:0
[  366.179750][T12718]  active_file:10488 inactive_file:28885 isolated_file:0
[  366.179750][T12718]  unevictable:2 dirty:561 writeback:0
[  366.179750][T12718]  slab_reclaimable:5164 slab_unreclaimable:61842
[  366.179750][T12718]  mapped:24854 shmem:4983 pagetables:640
[  366.179750][T12718]  sec_pagetables:334 bounce:0
[  366.179750][T12718]  kernel_misc_reclaimable:0
[  366.179750][T12718]  free:60000 free_pcp:5208 free_cma:0
[  366.179845][T12718] Node 0 active_anon:0kB inactive_anon:1736kB active_file:8kB inactive_file:0kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:1616kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9800kB pagetables:1428kB sec_pagetables:1264kB all_unreclaimable? no
[  366.179886][T12718] Node 1 active_anon:12832kB inactive_anon:15128kB active_file:41944kB inactive_file:115540kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:97800kB dirty:2244kB writeback:0kB shmem:18396kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3052kB pagetables:1132kB sec_pagetables:72kB all_unreclaimable? no
[  366.179988][T12718] Node 0 DMA free:932kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:92kB local_pcp:8kB free_cma:0kB
[  366.180175][T12718] lowmem_reserve[]: 0 273 0 0 0
[  366.180272][T12718] Node 0 DMA32 free:21316kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:1732kB active_file:8kB inactive_file:0kB unevictable:4kB writepending:0kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:3952kB local_pcp:376kB free_cma:0kB
[  366.180353][T12718] lowmem_reserve[]: 0 0 0 0 0
[  366.180390][T12718] Node 1 DMA32 free:217752kB boost:8192kB min:55336kB low:67120kB high:78904kB reserved_highatomic:0KB active_anon:12832kB inactive_anon:15128kB active_file:41944kB inactive_file:115540kB unevictable:4kB writepending:2244kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:16684kB local_pcp:1336kB free_cma:0kB
[  366.180483][T12718] lowmem_reserve[]: 0 0 0 0 0
[  366.180518][T12718] Node 0 DMA: 65*4kB (U) 12*8kB (U) 10*16kB (U) 13*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 932kB
[  366.181408][T12718] Node 0 DMA32: 622*4kB (UMH) 290*8kB (UMEH) 34*16kB (UEH) 30*32kB (UH) 51*64kB (UMEH) 24*128kB (UMEH) 10*256kB (UM) 3*512kB (UM) 0*1024kB 2*2048kB (U) 0*4096kB = 20840kB
[  366.182200][T12718] Node 1 DMA32: 747*4kB (UME) 622*8kB (UM) 334*16kB (UME) 147*32kB (UME) 206*64kB (UME) 127*128kB (UM) 107*256kB (UME) 73*512kB (UME) 41*1024kB (UME) 15*2048kB (UME) 8*4096kB (UM) = 217692kB
[  366.261871][T12718] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  366.264400][T12718] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  366.266749][T12718] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  366.269247][T12718] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  366.271643][T12718] 44900 total pagecache pages
[  366.272866][T12718] 548 pages in swap cache
[  366.274000][T12718] Free swap  = 114900kB
[  366.275093][T12718] Total swap = 124996kB
[  366.276343][T12718] 524155 pages RAM
[  366.277727][T12718] 0 pages HighMem/MovableOnly
[  366.279561][T12718] 206682 pages reserved
[  366.281116][T12718] 0 pages cma reserved
[  366.423954][T12724] input: syz0 as /devices/virtual/input/input79
[  366.971866][T12733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2096'.
[  367.029215][T12730] batman_adv: batadv1: Interface deactivated: netdevsim0
[  367.031150][T12730] batman_adv: batadv1: Removing interface: netdevsim0
[  368.279205][    C3] Illegal XDP return value 16128 on prog  (id 339) dev bond_slave_0, expect packet loss!
[  369.206951][T11362] Bluetooth: hci6: Frame reassembly failed (-84)
[  369.211977][T11362] Bluetooth: hci6: Frame reassembly failed (-84)
[  369.471562][T12781] lo speed is unknown, defaulting to 1000
[  370.558061][T12789] netlink: 'syz.3.2109': attribute type 1 has an invalid length.
[  370.586391][T12789] 8021q: adding VLAN 0 to HW filter on device bond2
[  370.589672][T12789] bond1: (slave bond2): making interface the new active one
[  370.591754][T12789] bond1: (slave bond2): Enslaving as an active interface with an up link
[  370.769468][T12795] usb usb9: usbfs: process 12795 (syz.3.2111) did not claim interface 0 before use
[  370.801396][T12795] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  370.811709][T12795] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  370.820559][T12795] kvm: requested 95542 ns i8254 timer period limited to 200000 ns
[  370.824037][T12795] kvm: requested 82971 ns i8254 timer period limited to 200000 ns
[  370.827219][T12795] kvm: requested 96381 ns i8254 timer period limited to 200000 ns
[  370.830855][T12795] kvm: requested 90514 ns i8254 timer period limited to 200000 ns
[  370.833906][T12795] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  370.836788][T12795] kvm: requested 84647 ns i8254 timer period limited to 200000 ns
[  370.841772][T12795] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  370.844595][T12795] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  371.239187][ T5354] Bluetooth: hci6: command 0x1003 tx timeout
[  371.240034][ T5351] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  371.353902][T12811] af_packet: tpacket_rcv: packet too big, clamped from 65007 to 3966. macoff=82
[  371.819203][T12814] lo speed is unknown, defaulting to 1000
[  372.332721][ T5354] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  372.336905][ T5354] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  372.349625][ T5354] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  372.362163][ T5354] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  372.365672][ T5354] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  372.369163][ T5354] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  372.374627][ T5351] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  372.377842][ T5351] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  372.381588][ T5351] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  372.384473][ T5351] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  372.388773][ T5351] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  372.391113][ T5351] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  372.412727][T12824] lo speed is unknown, defaulting to 1000
[  372.502162][T12824] chnl_net:caif_netlink_parms(): no params data found
[  372.576541][T11362] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.650296][T12824] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.653089][T12824] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.656222][T12824] bridge_slave_0: entered allmulticast mode
[  372.661773][T12824] bridge_slave_0: entered promiscuous mode
[  372.690733][T11362] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.697439][T12824] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.700631][T12824] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.703099][T12824] bridge_slave_1: entered allmulticast mode
[  372.707989][T12824] bridge_slave_1: entered promiscuous mode
[  372.728880][T12824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.732450][T12824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  372.763503][T12824] team0: Port device team_slave_0 added
[  372.781724][T11362] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.795759][T12824] team0: Port device team_slave_1 added
[  372.816302][T12824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.818264][T12824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.826022][T12824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.829954][T12824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.831832][T12824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.838427][T12824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  372.871576][T11362] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.877938][T12824] hsr_slave_0: entered promiscuous mode
[  372.879965][T12824] hsr_slave_1: entered promiscuous mode
[  372.881943][T12824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  372.883878][T12824] Cannot create hsr debugfs directory
[  373.019666][T11362] bond1: left allmulticast mode
[  373.021035][T11362] bond1: left promiscuous mode
[  373.022477][T11362] bridge0: port 3(bond1) entered disabled state
[  373.026461][T11362] bridge_slave_1: left allmulticast mode
[  373.027958][T11362] bridge_slave_1: left promiscuous mode
[  373.033316][T11362] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.043468][T11362] bridge_slave_0: left allmulticast mode
[  373.044939][T11362] bridge_slave_0: left promiscuous mode
[  373.046633][T11362] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.198794][T11362] dvmrp8 (unregistering): left allmulticast mode
[  373.218959][T11362] dvmrp0 (unregistering): left allmulticast mode
[  373.484288][T11362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.489379][T11362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.492949][T11362] bond0 (unregistering): Released all slaves
[  373.497177][T11362] bond1 (unregistering): Released all slaves
[  373.503180][T11362] bond2 (unregistering): (slave bond3): Releasing backup interface
[  373.506796][T11362] bond2 (unregistering): Released all slaves
[  373.598210][T11362] bond3 (unregistering): Released all slaves
[  373.693825][T11362] : left promiscuous mode
[  374.078326][T12824] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  374.082680][T12824] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  374.086051][T12824] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  374.102601][T12824] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  374.203483][T12824] 8021q: adding VLAN 0 to HW filter on device bond0
[  374.209534][T12824] 8021q: adding VLAN 0 to HW filter on device team0
[  374.217051][T11370] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.218987][T11370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  374.221653][T11370] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.223473][T11370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  374.280680][T11362] hsr_slave_0: left promiscuous mode
[  374.283365][T11362] hsr_slave_1: left promiscuous mode
[  374.285405][T11362] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  374.287326][T11362] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.294156][T11362] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  374.296142][T11362] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.337327][T11362] veth1_macvtap: left promiscuous mode
[  374.342697][T11362] veth0_macvtap: left promiscuous mode
[  374.344248][T11362] veth1_vlan: left promiscuous mode
[  374.345645][T11362] veth0_vlan: left promiscuous mode
[  374.440458][ T5354] Bluetooth: hci5: command tx timeout
[  375.213360][T11362] team0 (unregistering): Port device team_slave_1 removed
[  375.308384][T11362] team0 (unregistering): Port device team_slave_0 removed
[  375.953614][T12866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2128'.
[  375.983665][T12883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2129'.
[  376.051099][T12824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.069278][T12824] veth0_vlan: entered promiscuous mode
[  376.073071][T12824] veth1_vlan: entered promiscuous mode
[  376.086675][T12824] veth0_macvtap: entered promiscuous mode
[  376.089604][T12824] veth1_macvtap: entered promiscuous mode
[  376.095101][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.097793][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.100881][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.103570][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.106619][T12824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.110717][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.113405][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.115914][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.119745][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.123426][T12824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.127977][T12824] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.130802][T12824] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.133040][T12824] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.135273][T12824] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.198254][T11377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.201203][T11377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.228319][T11368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.231381][T11368] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.388949][T12895] lo speed is unknown, defaulting to 1000
[  376.508593][ T5354] Bluetooth: hci5: command tx timeout
[  376.628963][T12901] random: crng reseeded on system resumption
[  377.345605][T12910] FAULT_INJECTION: forcing a failure.
[  377.345605][T12910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.352769][T12910] CPU: 3 UID: 0 PID: 12910 Comm: syz.1.2135 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  377.355725][T12910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  377.358609][T12910] Call Trace:
[  377.359560][T12910]  <TASK>
[  377.360343][T12910]  dump_stack_lvl+0x16c/0x1f0
[  377.361580][T12910]  should_fail_ex+0x497/0x5b0
[  377.362900][T12910]  _copy_from_user+0x30/0xf0
[  377.364101][T12910]  get_compat_msghdr+0xa8/0x170
[  377.365358][T12910]  ? __pfx_get_compat_msghdr+0x10/0x10
[  377.366741][T12910]  ? find_held_lock+0x2d/0x110
[  377.367997][T12910]  ___sys_recvmsg+0x193/0x1a0
[  377.369246][T12910]  ? __pfx____sys_recvmsg+0x10/0x10
[  377.370613][T12910]  ? lock_acquire+0x2f/0xb0
[  377.371799][T12910]  ? __fget_files+0x40/0x3f0
[  377.373005][T12910]  ? __pfx___might_resched+0x10/0x10
[  377.374375][T12910]  ? fdget+0x176/0x210
[  377.375444][T12910]  do_recvmmsg+0x51a/0x750
[  377.376697][T12910]  ? __pfx_do_recvmmsg+0x10/0x10
[  377.378102][T12910]  ? __pfx_lock_release+0x10/0x10
[  377.379414][T12910]  ? vfs_write+0x14d/0x1140
[  377.380604][T12910]  ? __fget_files+0x244/0x3f0
[  377.381842][T12910]  __sys_recvmmsg+0x21e/0x280
[  377.383066][T12910]  ? __pfx___sys_recvmmsg+0x10/0x10
[  377.384414][T12910]  ? __pfx_ksys_write+0x10/0x10
[  377.385692][T12910]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  377.387397][T12910]  ? lockdep_hardirqs_on+0x7c/0x110
[  377.388772][T12910]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  377.390517][T12910]  __do_fast_syscall_32+0x73/0x120
[  377.391884][T12910]  do_fast_syscall_32+0x32/0x80
[  377.393191][T12910]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  377.394894][T12910] RIP: 0023:0xf7f16579
[  377.396037][T12910] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  377.401419][T12910] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  377.403588][T12910] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000500
[  377.405625][T12910] RDX: 0000000004000359 RSI: 0000000000000000 RDI: 0000000000000000
[  377.407669][T12910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  377.409709][T12910] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  377.411724][T12910] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  377.413817][T12910]  </TASK>
[  377.533610][ T5405] IPVS: starting estimator thread 0...
[  377.628764][T12914] IPVS: using max 34 ests per chain, 81600 per kthread
[  378.029291][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  378.289602][T12920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2138'.
[  378.296246][T12920] input: syz0 as /devices/virtual/input/input80
[  378.356530][T12923] tipc: Started in network mode
[  378.357860][T12923] tipc: Node identity dea8137c8c3f, cluster identity 4711
[  378.362692][T12923] tipc: Enabled bearer <eth:xfrm0>, priority 10
[  378.403917][T12928] xt_hashlimit: max too large, truncated to 1048576
[  378.405891][T12928] xt_hashlimit: overflow, try lower: 0/0
[  378.409084][T12928] netlink: 'syz.2.2140': attribute type 8 has an invalid length.
[  378.598724][ T5354] Bluetooth: hci5: command tx timeout
[  378.658636][   T35] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  378.808598][   T35] usb 7-1: Using ep0 maxpacket: 32
[  378.811221][   T35] usb 7-1: config 0 has no interfaces?
[  378.812709][   T35] usb 7-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15
[  378.818600][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.821523][   T35] usb 7-1: config 0 descriptor??
[  379.320668][T12954] FAULT_INJECTION: forcing a failure.
[  379.320668][T12954] name failslab, interval 1, probability 0, space 0, times 0
[  379.323894][T12954] CPU: 1 UID: 0 PID: 12954 Comm: syz.3.2149 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  379.326864][T12954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.330588][T12954] Call Trace:
[  379.331632][T12954]  <TASK>
[  379.332562][T12954]  dump_stack_lvl+0x16c/0x1f0
[  379.333920][T12954]  should_fail_ex+0x497/0x5b0
[  379.334989][T12954]  ? fs_reclaim_acquire+0xae/0x150
[  379.336338][T12954]  should_failslab+0xc2/0x120
[  379.337744][T12954]  kmem_cache_alloc_node_noprof+0x71/0x310
[  379.339592][T12954]  ? __alloc_skb+0x2b3/0x380
[  379.341017][T12954]  __alloc_skb+0x2b3/0x380
[  379.342346][T12954]  ? __pfx___alloc_skb+0x10/0x10
[  379.343838][T12954]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  379.345345][T12954]  netlink_ack+0x164/0xb20
[  379.346647][T12954]  netlink_rcv_skb+0x327/0x410
[  379.348035][T12954]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  379.349678][T12954]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  379.351348][T12954]  ? netlink_deliver_tap+0x1ae/0xcf0
[  379.353126][T12954]  netlink_unicast+0x53c/0x7f0
[  379.354637][T12954]  ? __pfx_netlink_unicast+0x10/0x10
[  379.356362][T12954]  ? __phys_addr_symbol+0x30/0x80
[  379.357856][T12954]  ? __check_object_size+0x488/0x710
[  379.359475][T12954]  netlink_sendmsg+0x8b8/0xd70
[  379.361006][T12954]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.362783][T12954]  ? lock_acquire+0x2f/0xb0
[  379.364197][T12954]  ____sys_sendmsg+0x9ae/0xb40
[  379.365402][T12954]  ? __pfx_____sys_sendmsg+0x10/0x10
[  379.366876][T12954]  ? get_compat_msghdr+0x11b/0x170
[  379.368488][T12954]  ? __pfx___lock_acquire+0x10/0x10
[  379.370263][T12954]  ___sys_sendmsg+0x135/0x1e0
[  379.371893][T12954]  ? __pfx____sys_sendmsg+0x10/0x10
[  379.373705][T12954]  ? lock_acquire+0x2f/0xb0
[  379.375289][T12954]  ? __fget_files+0x40/0x3f0
[  379.376886][T12954]  ? fdget+0x176/0x210
[  379.378248][T12954]  __sys_sendmsg+0x117/0x1f0
[  379.379779][T12954]  ? __pfx___sys_sendmsg+0x10/0x10
[  379.381795][T12954]  ? __fget_files+0x244/0x3f0
[  379.383417][T12954]  __do_fast_syscall_32+0x73/0x120
[  379.385081][T12954]  do_fast_syscall_32+0x32/0x80
[  379.386708][T12954]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  379.387885][T12947] netlink: 'syz.1.2147': attribute type 20 has an invalid length.
[  379.388762][T12954] RIP: 0023:0xf7f0f579
[  379.388778][T12954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  379.388792][T12954] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  379.400067][T12954] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  379.402256][T12954] RDX: 0000000000008050 RSI: 0000000000000000 RDI: 0000000000000000
[  379.404824][T12954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  379.407231][T12954] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  379.409768][T12954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  379.411708][T12954]  </TASK>
usb_generic_handle_packet: ctrl buffer too small (16384 > 4096)
[  379.480532][   T35] tipc: Node number set to 1385632636
[  379.584172][T12961] IPVS: length: 20 != 8
[  380.669194][ T5351] Bluetooth: hci5: command tx timeout
[  381.137945][T12977] mac80211_hwsim hwsim26 wlan0: entered promiscuous mode
[  381.142266][T12977] macsec1: entered allmulticast mode
[  381.144527][T12977] mac80211_hwsim hwsim26 wlan0: entered allmulticast mode
[  381.148357][T12977] mac80211_hwsim hwsim26 wlan0: left allmulticast mode
[  381.151240][T12977] mac80211_hwsim hwsim26 wlan0: left promiscuous mode
[  381.283559][T12980] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2157'.
[  381.335760][T12987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2159'.
[  381.404618][ T5703] usb 7-1: USB disconnect, device number 10
[  382.748599][ T5351] Bluetooth: hci5: command 0x0405 tx timeout
[  383.050949][T13028] netlink: 1008 bytes leftover after parsing attributes in process `syz.3.2170'.
[  383.679699][T13038] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  383.685053][T13038] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  383.688229][T13038] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  383.765381][T13038] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  383.768322][T13038] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  383.771139][T13038] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  383.790924][T13036] lo speed is unknown, defaulting to 1000
[  383.881471][T13036] chnl_net:caif_netlink_parms(): no params data found
[  383.944794][T13036] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.946764][T13036] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.949473][T13036] bridge_slave_0: entered allmulticast mode
[  383.951550][T13036] bridge_slave_0: entered promiscuous mode
[  383.954157][T13036] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.956035][T13036] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.957944][T13036] bridge_slave_1: entered allmulticast mode
[  383.965459][T13036] bridge_slave_1: entered promiscuous mode
[  383.987193][T13036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.994658][T13036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  384.022086][T13036] team0: Port device team_slave_0 added
[  384.024869][T13036] team0: Port device team_slave_1 added
[  384.047389][T13036] batman_adv: batadv0: Adding interface: batadv_slave_0
[  384.050277][T13036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.056907][T13036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.063597][T13036] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.065421][T13036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.073170][T13036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.102191][T13036] hsr_slave_0: entered promiscuous mode
[  384.104840][T13036] hsr_slave_1: entered promiscuous mode
[  384.106725][T13036] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  384.112704][T13036] Cannot create hsr debugfs directory
[  384.208613][T13033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  384.261643][T13051] dns_resolver: Unsupported server list version (0)
[  384.571980][T13036] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  384.575348][T13036] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  384.580097][T13036] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  384.583438][T13036] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  384.596718][T13036] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.598690][T13036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.600774][T13036] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.602625][T13036] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.634577][T13036] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.645752][T11370] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.651930][T11370] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.683372][T13036] 8021q: adding VLAN 0 to HW filter on device team0
[  384.687947][T11362] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.689852][T11362] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.694328][T11377] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.696187][T11377] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.791601][T13036] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.814651][T13036] veth0_vlan: entered promiscuous mode
[  384.819421][T13036] veth1_vlan: entered promiscuous mode
[  384.830900][T13036] veth0_macvtap: entered promiscuous mode
[  384.834996][T13036] veth1_macvtap: entered promiscuous mode
[  384.842634][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.845773][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.848283][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.851112][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.853613][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.856388][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.861049][T13036] batman_adv: batadv0: Interface activated: batadv_slave_0
[  384.865698][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.868406][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.872056][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.874735][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.877317][T13036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.877984][T13072] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2179'.
[  384.880383][T13036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.885952][T13036] batman_adv: batadv0: Interface activated: batadv_slave_1
[  384.892700][T13036] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.895288][T13036] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.897587][T13036] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.900105][T13036] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.928397][T11377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.934919][T11377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.944578][T11370] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.946737][T11370] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.988627][ T5351] Bluetooth: hci5: command 0x0405 tx timeout
[  384.998415][T13074] overlay: ./bus is not a directory
[  385.095194][T13078] batman_adv: batadv0: Adding interface: dummy0
[  385.096823][T13078] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.108612][T13078] batman_adv: batadv0: Interface activated: dummy0
[  385.112809][T13078] dummy0: mtu less than device minimum
[  385.408592][T13085] syzkaller0: entered promiscuous mode
[  385.410805][T13085] syzkaller0: entered allmulticast mode
[  385.672104][T13099] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  385.673878][T13099] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  385.688669][T13099] vhci_hcd vhci_hcd.0: Device attached
[  385.765135][T13103] __vm_enough_memory: pid: 13103, comm: syz.3.2188, bytes: 4294963200 not enough memory for the allocation
[  385.788691][ T5354] Bluetooth: hci6: command tx timeout
[  385.860215][   T62] vhci_hcd: vhci_device speed not set
[  385.918644][   T62] usb 13-1: new full-speed USB device number 5 using vhci_hcd
[  386.588585][T13100] vhci_hcd: connection reset by peer
[  386.590680][T11368] vhci_hcd: stop threads
[  386.591916][T11368] vhci_hcd: release socket
[  386.599630][T11368] vhci_hcd: disconnect device
[  386.864602][T13113] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2189'.
[  386.987086][T13114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  387.278694][T10874] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  387.458544][T10874] usb 7-1: Using ep0 maxpacket: 8
[  387.462328][T10874] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  387.465606][T10874] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  387.467666][T10874] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  387.470530][T10874] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  387.473514][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  387.476710][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  387.479875][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  387.485147][T10874] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  387.487364][T10874] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  387.489592][T10874] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  387.492176][T10874] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  387.495307][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  387.498387][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  387.501748][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  387.508742][T10874] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  387.512741][T10874] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  387.514773][T10874] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  387.517295][T10874] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  387.520468][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  387.524554][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  387.527711][T10874] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  387.564604][T10874] usb 7-1: string descriptor 0 read error: -22
[  387.567079][T10874] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  387.569763][T10874] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.581311][T10874] adutux 7-1:246.0: ADU100  now attached to /dev/usb/adutux1
[  387.878759][ T5354] Bluetooth: hci6: command tx timeout
[  388.564984][T13119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2191'.
[  388.569149][T13118] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2191'.
[  388.642947][T13137] ipvlan2: entered promiscuous mode
[  388.645963][T13137] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  388.650497][T13137] team0: Device ipvlan2 is already an upper device of the team interface
[  389.770065][ T5404] usb 7-1: USB disconnect, device number 11
[  389.876959][T13157] Cannot find add_set index 2 as target
[  389.978550][ T5354] Bluetooth: hci6: command tx timeout
[  390.173742][T13164] cgroup: release_agent respecified
[  390.692173][T13173] FAULT_INJECTION: forcing a failure.
[  390.692173][T13173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.695444][T13173] CPU: 1 UID: 0 PID: 13173 Comm: syz.3.2206 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  390.698020][T13173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  390.700575][T13173] Call Trace:
[  390.701430][T13173]  <TASK>
[  390.702178][T13173]  dump_stack_lvl+0x16c/0x1f0
[  390.703345][T13173]  should_fail_ex+0x497/0x5b0
[  390.704525][T13173]  _copy_from_user+0x30/0xf0
[  390.705711][T13173]  input_event_from_user+0x22d/0x3b0
[  390.707078][T13173]  ? __pfx_input_event_from_user+0x10/0x10
[  390.708463][T13173]  ? input_inject_event+0x193/0x370
[  390.709721][T13173]  evdev_write+0x377/0x750
[  390.710851][T13173]  ? __pfx_evdev_write+0x10/0x10
[  390.712083][T13173]  ? bpf_lsm_file_permission+0x9/0x10
[  390.713430][T13173]  ? security_file_permission+0x71/0x210
[  390.714834][T13173]  ? __pfx_evdev_write+0x10/0x10
[  390.716027][T13173]  vfs_write+0x28e/0x1140
[  390.717117][T13173]  ? __fget_files+0x23a/0x3f0
[  390.718303][T13173]  ? __pfx_lock_release+0x10/0x10
[  390.719562][T13173]  ? trace_lock_acquire+0x14a/0x1d0
[  390.720885][T13173]  ? __pfx_vfs_write+0x10/0x10
[  390.722103][T13173]  ? lock_acquire+0x2f/0xb0
[  390.723242][T13173]  ? __fget_files+0x40/0x3f0
[  390.724420][T13173]  ? __fget_files+0x244/0x3f0
[  390.725622][T13173]  ksys_write+0x1fa/0x260
[  390.726722][T13173]  ? __pfx_ksys_write+0x10/0x10
[  390.727937][T13173]  __do_fast_syscall_32+0x73/0x120
[  390.729224][T13173]  do_fast_syscall_32+0x32/0x80
[  390.730452][T13173]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  390.732033][T13173] RIP: 0023:0xf7f0f579
[  390.733096][T13173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  390.737835][T13173] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  390.739825][T13173] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  390.741980][T13173] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  390.743954][T13173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  390.745897][T13173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  390.747828][T13173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  390.749890][T13173]  </TASK>
[  391.078788][   T62] vhci_hcd: vhci_device speed not set
[  391.744512][T13198] netlink: 'syz.3.2216': attribute type 1 has an invalid length.
[  391.766381][T13198] 8021q: adding VLAN 0 to HW filter on device bond5
[  391.770046][T13198] bond4: (slave bond5): making interface the new active one
[  391.772308][T13198] bond4: (slave bond5): Enslaving as an active interface with an up link
[  391.858644][T13209] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2214'.
[  391.864582][T13209] usb usb9: usbfs: process 13209 (syz.1.2214) did not claim interface 0 before use
[  392.028659][ T5354] Bluetooth: hci6: command tx timeout
[  392.093069][T13215] pimreg: entered allmulticast mode
[  392.107638][T13215] pimreg: left allmulticast mode
[  392.130884][T13220] overlayfs: failed to resolve './bus/file0': -2
[  392.809277][T13234] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  393.225952][T13243] Cannot find set identified by id 0 to match
[  393.983175][T13251] lo speed is unknown, defaulting to 1000
[  395.047345][T13281] FAULT_INJECTION: forcing a failure.
[  395.047345][T13281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  395.051537][T13281] CPU: 0 UID: 0 PID: 13281 Comm: syz.3.2240 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  395.054318][T13281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  395.057070][T13281] Call Trace:
[  395.057952][T13281]  <TASK>
[  395.058753][T13281]  dump_stack_lvl+0x16c/0x1f0
[  395.059990][T13281]  should_fail_ex+0x497/0x5b0
[  395.061221][T13281]  _copy_from_user+0x30/0xf0
[  395.062444][T13281]  get_compat_msghdr+0xa8/0x170
[  395.063707][T13281]  ? __pfx_get_compat_msghdr+0x10/0x10
[  395.065115][T13281]  ? find_held_lock+0x2d/0x110
[  395.066367][T13281]  ___sys_recvmsg+0x193/0x1a0
[  395.067594][T13281]  ? __pfx____sys_recvmsg+0x10/0x10
[  395.068949][T13281]  ? __pfx___might_resched+0x10/0x10
[  395.070325][T13281]  ? fdget+0x176/0x210
[  395.071398][T13281]  do_recvmmsg+0x51a/0x750
[  395.072569][T13281]  ? __pfx_do_recvmmsg+0x10/0x10
[  395.073866][T13281]  ? __pfx_lock_release+0x10/0x10
[  395.075181][T13281]  ? vfs_write+0x14d/0x1140
[  395.076374][T13281]  ? __fget_files+0x244/0x3f0
[  395.077610][T13281]  __sys_recvmmsg+0x21e/0x280
[  395.078841][T13281]  ? __pfx___sys_recvmmsg+0x10/0x10
[  395.080187][T13281]  ? __pfx_ksys_write+0x10/0x10
[  395.081475][T13281]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  395.083094][T13281]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.084450][T13281]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  395.086155][T13281]  __do_fast_syscall_32+0x73/0x120
[  395.087490][T13281]  do_fast_syscall_32+0x32/0x80
[  395.088762][T13281]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  395.090410][T13281] RIP: 0023:0xf7f0f579
[  395.091476][T13281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  395.096417][T13281] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  395.098573][T13281] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001140
[  395.100613][T13281] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000000000000000
[  395.102672][T13281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  395.104709][T13281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  395.106696][T13281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  395.108730][T13281]  </TASK>
[  395.150882][T13283] binder: 13282:13283 ioctl c00c620f 20000340 returned -22
[  395.156669][T13283] veth0_vlan: entered allmulticast mode
[  395.524590][T13289] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2242'.
[  396.978353][T13317] random: crng reseeded on system resumption
[  397.376164][T13333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2255'.
[  397.395101][T13333] batman_adv: batadv3: Adding interface: netdevsim0
[  397.396900][T13333] batman_adv: batadv3: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.403883][T13333] batman_adv: batadv3: Interface activated: netdevsim0
[  397.541826][T13339] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2257'.
[  397.561139][T13339] : entered promiscuous mode
[  399.573936][T13383] lo speed is unknown, defaulting to 1000
[  399.874286][T13398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2275'.
[  399.876913][T13398] netlink: 'syz.2.2275': attribute type 11 has an invalid length.
[  399.879110][T13398] netlink: 'syz.2.2275': attribute type 7 has an invalid length.
[  399.886441][T13398] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  399.889060][T13398] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  399.891342][T13398] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  399.893579][T13398] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  399.897706][T13398] vxlan0: entered promiscuous mode
[  400.876179][T13435] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2288'.
[  402.136971][ T5354] Bluetooth: hci5: unexpected cc 0x2027 length: 2 > 1
[  402.140003][ T5354] Bluetooth: hci5: unexpected event for opcode 0x2027
[  402.456786][   T35] IPVS: starting estimator thread 0...
[  402.471046][T13458] IPVS: ovf: SCTP 127.0.0.1:0 - no destination available
[  402.558558][T13462] IPVS: using max 34 ests per chain, 81600 per kthread
[  402.674333][T13464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.676890][T13464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  402.682158][T13464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.685058][T13464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  402.691227][T13464] loop2: detected capacity change from 0 to 7
[  402.693255][T13464] Dev loop2: unable to read RDB block 7
[  402.694726][T13464]  loop2: AHDI p1 p2
[  402.695751][T13464] loop2: partition table partially beyond EOD, truncated
[  402.943527][T13466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2296'.
[  405.062063][T13508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2308'.
[  405.096480][T13513] netlink: 'syz.1.2309': attribute type 5 has an invalid length.
[  405.665954][ T5354] Bluetooth: hci5: unexpected cc 0x2027 length: 2 > 1
[  405.669008][ T5354] Bluetooth: hci5: unexpected event for opcode 0x2027
[  406.188803][ T5354] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  406.191476][ T5354] Bluetooth: hci5: Injecting HCI hardware error event
[  406.195061][ T5351] Bluetooth: hci5: hardware error 0x00
[  406.498021][T13543] FAULT_INJECTION: forcing a failure.
[  406.498021][T13543] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  406.502821][T13543] CPU: 1 UID: 0 PID: 13543 Comm: syz.2.2318 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  406.506258][T13543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  406.509729][T13543] Call Trace:
[  406.510977][T13543]  <TASK>
[  406.511959][T13543]  dump_stack_lvl+0x16c/0x1f0
[  406.513524][T13543]  should_fail_ex+0x497/0x5b0
[  406.515065][T13543]  ? fs_reclaim_acquire+0xae/0x150
[  406.516923][T13543]  should_fail_alloc_page+0xe7/0x130
[  406.518660][T13543]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  406.520676][T13543]  __alloc_pages_noprof+0x190/0x25a0
[  406.522438][T13543]  ? __pfx_mark_lock+0x10/0x10
[  406.524025][T13543]  ? hlock_class+0x4e/0x130
[  406.525507][T13543]  ? __lock_acquire+0xbdd/0x3ce0
[  406.527131][T13543]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  406.528997][T13543]  ? hlock_class+0x4e/0x130
[  406.530505][T13543]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  406.532414][T13543]  ? policy_nodemask+0xea/0x4e0
[  406.533991][T13543]  alloc_pages_mpol_noprof+0x2c9/0x610
[  406.535787][T13543]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  406.537808][T13543]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  406.539682][T13543]  folio_alloc_mpol_noprof+0x36/0xd0
[  406.541457][T13543]  vma_alloc_folio_noprof+0xee/0x1b0
[  406.543241][T13543]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  406.545175][T13543]  ? find_held_lock+0x2d/0x110
[  406.546773][T13543]  do_pte_missing+0x2010/0x3e50
[  406.548363][T13543]  ? rcu_is_watching+0x12/0xc0
[  406.549898][T13543]  __handle_mm_fault+0x100a/0x2a10
[  406.551575][T13543]  ? __pfx___handle_mm_fault+0x10/0x10
[  406.553369][T13543]  ? __pfx_lock_release+0x10/0x10
[  406.555007][T13543]  ? follow_page_pte+0x50d/0x1eb0
[  406.556626][T13543]  handle_mm_fault+0x3fa/0xaa0
[  406.558202][T13543]  __get_user_pages+0x90f/0x3b90
[  406.559917][T13543]  ? rwsem_read_trylock+0x12d/0x250
[  406.561654][T13543]  ? __pfx___get_user_pages+0x10/0x10
[  406.563432][T13543]  ? lock_acquire+0x2f/0xb0
[  406.564943][T13543]  faultin_page_range+0x24a/0x980
[  406.566588][T13543]  do_madvise+0x4e9/0x760
[  406.567999][T13543]  ? __pfx_do_madvise+0x10/0x10
[  406.569606][T13543]  ? ksys_write+0x1ad/0x260
[  406.571120][T13543]  ? __pfx_ksys_write+0x10/0x10
[  406.572751][T13543]  __ia32_sys_madvise+0xa7/0x110
[  406.574381][T13543]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  406.576529][T13543]  __do_fast_syscall_32+0x73/0x120
[  406.578228][T13543]  do_fast_syscall_32+0x32/0x80
[  406.579930][T13543]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  406.582063][T13543] RIP: 0023:0xf7f88579
[  406.583431][T13543] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  406.589667][T13543] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[  406.592411][T13543] RAX: ffffffffffffffda RBX: 00000000200ec000 RCX: 0000000000800000
[  406.594961][T13543] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000000
[  406.597522][T13543] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  406.600127][T13543] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  406.602712][T13543] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  406.605298][T13543]  </TASK>
[  406.793727][T13553] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2320'.
[  406.885148][T13559] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2322'.
[  407.467541][T13570] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  407.496460][T13570] FAULT_INJECTION: forcing a failure.
[  407.496460][T13570] name failslab, interval 1, probability 0, space 0, times 0
[  407.503874][T13570] CPU: 1 UID: 0 PID: 13570 Comm: syz.0.2326 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  407.506757][T13570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.509396][T13570] Call Trace:
[  407.510413][T13570]  <TASK>
[  407.511183][T13570]  dump_stack_lvl+0x16c/0x1f0
[  407.512407][T13570]  should_fail_ex+0x497/0x5b0
[  407.513671][T13570]  ? fs_reclaim_acquire+0xae/0x150
[  407.515051][T13570]  should_failslab+0xc2/0x120
[  407.516354][T13570]  __kmalloc_noprof+0xcb/0x410
[  407.517637][T13570]  ? rcu_is_watching+0x12/0xc0
[  407.518944][T13570]  p9_fcall_init+0x97/0x260
[  407.520278][T13570]  p9_tag_alloc+0x21c/0x870
[  407.521625][T13570]  ? __pfx_p9_tag_alloc+0x10/0x10
[  407.522980][T13570]  p9_client_prepare_req+0x19f/0x4d0
[  407.524310][T13570]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  407.525864][T13570]  ? lock_acquire.part.0+0x11b/0x380
[  407.527202][T13570]  ? find_held_lock+0x2d/0x110
[  407.528414][T13570]  p9_client_rpc+0x1c3/0xc10
[  407.529596][T13570]  ? __pfx_p9_client_rpc+0x10/0x10
[  407.530886][T13570]  ? lock_acquire+0x2f/0xb0
[  407.532058][T13570]  ? v9fs_fid_find+0xaa/0x330
[  407.533266][T13570]  ? do_raw_spin_unlock+0x172/0x230
[  407.534590][T13570]  ? _raw_spin_unlock+0x28/0x50
[  407.535839][T13570]  ? __pfx_v9fs_fid_find+0x10/0x10
[  407.537259][T13570]  ? __pfx_make_vfsuid+0x10/0x10
[  407.538708][T13570]  p9_client_wstat+0x1f4/0x300
[  407.540075][T13570]  v9fs_vfs_setattr+0x4f8/0xab0
[  407.541507][T13570]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  407.542996][T13570]  ? evm_inode_setattr+0x65/0x680
[  407.544329][T13570]  ? __pfx_from_vfsgid+0x10/0x10
[  407.545625][T13570]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  407.546955][T13570]  notify_change+0x6a6/0x1230
[  407.548151][T13573] overlayfs: failed to resolve './file1/file0': -2
[  407.548153][T13570]  chown_common+0x538/0x670
[  407.551045][T13570]  ? mark_held_locks+0x9f/0xe0
[  407.552299][T13570]  ? __pfx_chown_common+0x10/0x10
[  407.553576][T13570]  ? irqentry_exit+0x3b/0x90
[  407.554757][T13570]  ? lockdep_hardirqs_on+0x7c/0x110
[  407.556128][T13570]  ? do_fchownat+0x123/0x200
[  407.557344][T13570]  do_fchownat+0x1ac/0x200
[  407.558725][T13570]  ? __pfx_do_fchownat+0x10/0x10
[  407.560188][T13570]  ? __pfx_ksys_write+0x10/0x10
[  407.561598][T13570]  __ia32_sys_lchown16+0xe6/0x120
[  407.562988][T13570]  __do_fast_syscall_32+0x73/0x120
[  407.564286][T13570]  do_fast_syscall_32+0x32/0x80
[  407.565527][T13570]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.567088][T13570] RIP: 0023:0xf7f0f579
[  407.568102][T13570] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.572775][T13570] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000010
[  407.574979][T13570] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000000000
[  407.577078][T13570] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  407.579221][T13570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.581263][T13570] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  407.583285][T13570] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.585263][T13570]  </TASK>
[  407.805736][T13580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2328'.
[  408.281055][ T5351] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  409.212405][T13625] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  409.229815][T13625] overlayfs: failed to resolve './file1/file0': -2
[  409.550260][T13636] FAULT_INJECTION: forcing a failure.
[  409.550260][T13636] name failslab, interval 1, probability 0, space 0, times 0
[  409.553978][T13636] CPU: 0 UID: 0 PID: 13636 Comm: syz.1.2342 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  409.556645][T13636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  409.559217][T13636] Call Trace:
[  409.560102][T13636]  <TASK>
[  409.560828][T13636]  dump_stack_lvl+0x16c/0x1f0
[  409.562040][T13636]  should_fail_ex+0x497/0x5b0
[  409.563266][T13636]  ? fs_reclaim_acquire+0xae/0x150
[  409.564541][T13636]  should_failslab+0xc2/0x120
[  409.565771][T13636]  __kmalloc_noprof+0xcb/0x410
[  409.566918][T13636]  ? rcu_is_watching+0x12/0xc0
[  409.568132][T13636]  tomoyo_encode2+0x100/0x3e0
[  409.569329][T13636]  tomoyo_realpath_from_path+0x1a7/0x710
[  409.570755][T13636]  ? tomoyo_path_number_perm+0x232/0x5b0
[  409.572206][T13636]  tomoyo_path_number_perm+0x245/0x5b0
[  409.573588][T13636]  ? tomoyo_path_number_perm+0x232/0x5b0
[  409.575076][T13636]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  409.576556][T13636]  ? trace_lock_acquire+0x14a/0x1d0
[  409.577923][T13636]  ? lock_acquire+0x2f/0xb0
[  409.579022][T13636]  ? __fget_files+0x40/0x3f0
[  409.580306][T13636]  ? __fget_files+0x244/0x3f0
[  409.581523][T13636]  security_file_ioctl_compat+0x9b/0x240
[  409.582977][T13636]  __do_compat_sys_ioctl+0x52/0x2b0
[  409.584321][T13636]  __do_fast_syscall_32+0x73/0x120
[  409.585609][T13636]  do_fast_syscall_32+0x32/0x80
[  409.586881][T13636]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  409.588422][T13636] RIP: 0023:0xf7f16579
[  409.589506][T13636] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  409.594267][T13636] RSP: 002b:00000000f565456c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  409.596337][T13636] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c0502100
[  409.598342][T13636] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000
[  409.600275][T13636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  409.602295][T13636] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  409.604300][T13636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  409.606188][T13636]  </TASK>
[  409.607459][T13636] ERROR: Out of memory at tomoyo_realpath_from_path.
[  409.638044][T13639] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  410.271542][T13657] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  412.020646][T13680] ptrace attach of "/syz-executor exec"[12824] was attempted by "/syz-executor exec"[13680]
[  412.117314][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.119822][T13691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  412.122023][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.123905][T13691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.126037][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.127874][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.130326][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.132130][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.133983][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.133993][T13695] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.2359'.
[  412.135831][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.135854][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.135865][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.143861][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.145819][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.147654][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.149860][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.151762][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.153583][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.155363][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.157172][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.159134][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.160922][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.162782][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.164782][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.166687][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.168558][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.170424][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.172414][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.174295][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.176284][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.182762][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.184652][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.186577][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.188446][   T62] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  412.203306][   T62] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  412.545690][T13707] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2361'.
[  413.625664][T13728] netlink: 'syz.2.2367': attribute type 1 has an invalid length.
[  413.628156][T13728] netlink: 636 bytes leftover after parsing attributes in process `syz.2.2367'.
[  414.277641][T13743] FAULT_INJECTION: forcing a failure.
[  414.277641][T13743] name failslab, interval 1, probability 0, space 0, times 0
[  414.281028][T13743] CPU: 2 UID: 0 PID: 13743 Comm: syz.3.2372 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  414.283632][T13743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  414.286373][T13743] Call Trace:
[  414.287225][T13743]  <TASK>
[  414.287978][T13743]  dump_stack_lvl+0x16c/0x1f0
[  414.289170][T13743]  should_fail_ex+0x497/0x5b0
[  414.290388][T13743]  should_failslab+0xc2/0x120
[  414.291581][T13743]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  414.292950][T13743]  ? skb_clone+0x190/0x3f0
[  414.294107][T13743]  skb_clone+0x190/0x3f0
[  414.295216][T13743]  netlink_deliver_tap+0xb26/0xcf0
[  414.296528][T13743]  netlink_unicast+0x5e1/0x7f0
[  414.297754][T13743]  ? __pfx_netlink_unicast+0x10/0x10
[  414.299111][T13743]  ? __phys_addr_symbol+0x30/0x80
[  414.300416][T13743]  ? __check_object_size+0x488/0x710
[  414.301815][T13743]  netlink_sendmsg+0x8b8/0xd70
[  414.303056][T13743]  ? __pfx_netlink_sendmsg+0x10/0x10
[  414.304430][T13743]  ? lock_acquire+0x2f/0xb0
[  414.305633][T13743]  ____sys_sendmsg+0x9ae/0xb40
[  414.306872][T13743]  ? __pfx_____sys_sendmsg+0x10/0x10
[  414.308235][T13743]  ? get_compat_msghdr+0x11b/0x170
[  414.309559][T13743]  ? __pfx___lock_acquire+0x10/0x10
[  414.310882][T13743]  ___sys_sendmsg+0x135/0x1e0
[  414.312073][T13743]  ? __pfx____sys_sendmsg+0x10/0x10
[  414.313432][T13743]  ? lock_acquire+0x2f/0xb0
[  414.314617][T13743]  ? __fget_files+0x40/0x3f0
[  414.315820][T13743]  ? fdget+0x176/0x210
[  414.316888][T13743]  __sys_sendmsg+0x117/0x1f0
[  414.318106][T13743]  ? __pfx___sys_sendmsg+0x10/0x10
[  414.319441][T13743]  ? __fget_files+0x244/0x3f0
[  414.320672][T13743]  __do_fast_syscall_32+0x73/0x120
[  414.322034][T13743]  do_fast_syscall_32+0x32/0x80
[  414.323234][T13743]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  414.324804][T13743] RIP: 0023:0xf7f0f579
[  414.325830][T13743] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  414.330631][T13743] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  414.332876][T13743] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000200
[  414.334834][T13743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  414.336812][T13743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  414.338817][T13743] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  414.340814][T13743] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  414.343307][T13743]  </TASK>
[  414.346494][T13743] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2372'.
[  415.764476][T13774] nfs4: Unknown parameter 'fd'
[  415.844001][T13778] x_tables: duplicate underflow at hook 2
[  416.240601][T13790] xt_TPROXY: Can be used only with -p tcp or -p udp
[  417.215268][T13811] syz.2.2390: vmalloc error: size 4096, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  417.219725][T13811] CPU: 2 UID: 0 PID: 13811 Comm: syz.2.2390 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  417.222509][T13811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.225203][T13811] Call Trace:
[  417.226106][T13811]  <TASK>
[  417.226842][T13811]  dump_stack_lvl+0x16c/0x1f0
[  417.228034][T13811]  warn_alloc+0x24d/0x3a0
[  417.229176][T13811]  ? __pfx_warn_alloc+0x10/0x10
[  417.230452][T13811]  ? policy_nodemask+0xea/0x4e0
[  417.231721][T13811]  ? alloc_pages_mpol_noprof+0x315/0x610
[  417.233175][T13811]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  417.234740][T13811]  ? __pfx___might_resched+0x10/0x10
[  417.236110][T13811]  __vmalloc_node_range_noprof+0x1326/0x15a0
[  417.237671][T13811]  ? xt_compat_init_offsets+0xe1/0x1f0
[  417.239087][T13811]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  417.240719][T13811]  ? hlock_class+0x4e/0x130
[  417.241928][T13811]  ? __pfx___mutex_lock+0x10/0x10
[  417.243240][T13811]  ? xt_compat_init_offsets+0xe1/0x1f0
[  417.244643][T13811]  vmalloc_noprof+0x6b/0x90
[  417.245832][T13811]  ? xt_compat_init_offsets+0xe1/0x1f0
[  417.247243][T13811]  xt_compat_init_offsets+0xe1/0x1f0
[  417.248621][T13811]  translate_compat_table+0x1fc/0x1380
[  417.250040][T13811]  ? find_held_lock+0x2d/0x110
[  417.251304][T13811]  ? __pfx_translate_compat_table+0x10/0x10
[  417.252827][T13811]  ? __pfx_lock_release+0x10/0x10
[  417.254149][T13811]  do_arpt_set_ctl+0x911/0x1050
[  417.255414][T13811]  ? find_held_lock+0x2d/0x110
[  417.256643][T13811]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  417.257986][T13811]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  417.259516][T13811]  ? rcu_is_watching+0x12/0xc0
[  417.260751][T13811]  ? __mutex_unlock_slowpath+0x164/0x650
[  417.262171][T13811]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  417.263540][T13811]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  417.265088][T13811]  nf_setsockopt+0x8a/0xf0
[  417.266264][T13811]  ip_setsockopt+0xcb/0xf0
[  417.267378][T13811]  raw_setsockopt+0xb8/0x290
[  417.268495][T13811]  ? __pfx_raw_setsockopt+0x10/0x10
[  417.269834][T13811]  ? sock_common_setsockopt+0x2e/0xf0
[  417.271220][T13811]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  417.272664][T13811]  do_sock_setsockopt+0x222/0x480
[  417.273974][T13811]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  417.275392][T13811]  ? fdget+0x176/0x210
[  417.276451][T13811]  __sys_setsockopt+0x1a4/0x270
[  417.277713][T13811]  ? __pfx___sys_setsockopt+0x10/0x10
[  417.279095][T13811]  ? fput+0x30/0x390
[  417.280113][T13811]  ? ksys_write+0x1ad/0x260
[  417.281298][T13811]  ? __pfx_ksys_write+0x10/0x10
[  417.282560][T13811]  __ia32_sys_setsockopt+0xbc/0x160
[  417.283895][T13811]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.285237][T13811]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  417.286923][T13811]  __do_fast_syscall_32+0x73/0x120
[  417.288248][T13811]  do_fast_syscall_32+0x32/0x80
[  417.289509][T13811]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.291129][T13811] RIP: 0023:0xf7f88579
[  417.292186][T13811] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.297074][T13811] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  417.299204][T13811] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  417.301227][T13811] RDX: 0000000000000060 RSI: 0000000020000000 RDI: 0000000000000424
[  417.303191][T13811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.305153][T13811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.307175][T13811] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.309147][T13811]  </TASK>
[  417.312812][T13811] Mem-Info:
[  417.314019][T13811] active_anon:6710 inactive_anon:3660 isolated_anon:0
[  417.314019][T13811]  active_file:10686 inactive_file:28901 isolated_file:0
[  417.314019][T13811]  unevictable:2 dirty:38 writeback:0
[  417.314019][T13811]  slab_reclaimable:5176 slab_unreclaimable:65747
[  417.314019][T13811]  mapped:31345 shmem:7841 pagetables:625
[  417.314019][T13811]  sec_pagetables:335 bounce:0
[  417.314019][T13811]  kernel_misc_reclaimable:0
[  417.314019][T13811]  free:37292 free_pcp:9548 free_cma:0
[  417.325602][T13811] Node 0 active_anon:1520kB inactive_anon:20kB active_file:60kB inactive_file:8kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:1836kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9748kB pagetables:1272kB sec_pagetables:1264kB all_unreclaimable? no
[  417.335485][T13811] Node 1 active_anon:25296kB inactive_anon:14620kB active_file:42684kB inactive_file:115596kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:123584kB dirty:152kB writeback:0kB shmem:29828kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3476kB pagetables:1324kB sec_pagetables:76kB all_unreclaimable? no
[  417.344055][T13811] Node 0 DMA free:948kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:100kB local_pcp:72kB free_cma:0kB
[  417.351280][T13811] lowmem_reserve[]: 0 273 0 0 0
[  417.352596][T13811] Node 0 DMA32 free:20916kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:476kB inactive_anon:1064kB active_file:60kB inactive_file:8kB unevictable:4kB writepending:0kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:3320kB local_pcp:1924kB free_cma:0kB
[  417.360334][T13811] lowmem_reserve[]: 0 0 0 0 0
[  417.361608][T13811] Node 1 DMA32 free:127496kB boost:8192kB min:55336kB low:67120kB high:78904kB reserved_highatomic:0KB active_anon:25296kB inactive_anon:14620kB active_file:42684kB inactive_file:115596kB unevictable:4kB writepending:152kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:34792kB local_pcp:844kB free_cma:0kB
[  417.369749][T13811] lowmem_reserve[]: 0 0 0 0 0
[  417.371014][T13811] Node 0 DMA: 46*4kB (U) 9*8kB (U) 16*16kB (U) 14*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 960kB
[  417.374410][T13811] Node 0 DMA32: 339*4kB (UEH) 297*8kB (UEH) 44*16kB (UMEH) 95*32kB (UMEH) 40*64kB (UMEH) 21*128kB (UMEH) 10*256kB (UM) 3*512kB (UM) 0*1024kB 2*2048kB (M) 0*4096kB = 20916kB
[  417.379248][T13811] Node 1 DMA32: 114*4kB (UE) 52*8kB (UM) 24*16kB (UE) 51*32kB (UME) 126*64kB (UM) 35*128kB (UME) 34*256kB (UME) 22*512kB (UME) 32*1024kB (UME) 13*2048kB (UME) 8*4096kB (UM) = 127560kB
[  417.384742][T13811] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  417.387371][T13811] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  417.390080][T13811] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  417.392359][T13811] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  417.394624][T13811] 47907 total pagecache pages
[  417.395844][T13811] 484 pages in swap cache
[  417.396963][T13811] Free swap  = 114756kB
[  417.398057][T13811] Total swap = 124996kB
[  417.399700][T13811] 524155 pages RAM
[  417.400685][T13811] 0 pages HighMem/MovableOnly
[  417.401909][T13811] 206682 pages reserved
[  417.402987][T13811] 0 pages cma reserved
[  417.645556][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  419.101981][ T5351] Bluetooth: hci6: unexpected cc 0x2027 length: 2 > 1
[  419.170746][T13861] FAULT_INJECTION: forcing a failure.
[  419.170746][T13861] name failslab, interval 1, probability 0, space 0, times 0
[  419.175256][T13861] CPU: 3 UID: 0 PID: 13861 Comm: syz.0.2405 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  419.179075][T13861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  419.182908][T13861] Call Trace:
[  419.184124][T13861]  <TASK>
[  419.185201][T13861]  dump_stack_lvl+0x16c/0x1f0
[  419.186920][T13861]  should_fail_ex+0x497/0x5b0
[  419.188645][T13861]  ? fs_reclaim_acquire+0xae/0x150
[  419.190507][T13861]  should_failslab+0xc2/0x120
[  419.192220][T13861]  __kmalloc_cache_noprof+0x6b/0x310
[  419.194276][T13861]  ? create_io_worker+0xcc/0x5f0
[  419.196073][T13861]  ? create_io_worker+0x49/0x5f0
[  419.197890][T13861]  create_io_worker+0xcc/0x5f0
[  419.199626][T13861]  io_wq_enqueue+0x664/0xb30
[  419.201372][T13861]  ? __pfx_io_wq_enqueue+0x10/0x10
[  419.203226][T13861]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  419.205324][T13861]  ? io_prep_async_work+0x50e/0x770
[  419.207222][T13861]  io_queue_iowq+0x259/0x4e0
[  419.208904][T13861]  io_queue_async+0x251/0x4b0
[  419.210630][T13861]  io_submit_sqes+0x16b2/0x2530
[  419.212416][T13861]  __do_sys_io_uring_enter+0xc0f/0x1170
[  419.214417][T13861]  ? __fget_files+0x244/0x3f0
[  419.216130][T13861]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  419.218317][T13861]  ? fput+0x30/0x390
[  419.219747][T13861]  ? ksys_write+0x1ad/0x260
[  419.221415][T13861]  ? __pfx_ksys_write+0x10/0x10
[  419.223187][T13861]  __do_fast_syscall_32+0x73/0x120
[  419.225037][T13861]  do_fast_syscall_32+0x32/0x80
[  419.226816][T13861]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  419.229110][T13861] RIP: 0023:0xf7f0f579
[  419.230602][T13861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  419.235947][T13861] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  419.238109][T13861] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000047ba
[  419.240213][T13861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  419.242410][T13861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  419.244444][T13861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  419.246727][T13861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  419.249381][T13861]  </TASK>
[  419.758463][T13880] Bluetooth: MGMT ver 1.23
[  420.050619][T13891] binder: 13890:13891 ioctl c018620c 20000140 returned -1
[  420.731159][T13905] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2419'.
[  420.885930][T13907] overlayfs: failed to resolve './file1': -2
[  422.022193][T13924] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.024210][T13924] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.047515][T13926] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  422.049255][T13926] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  422.053689][T13926] vhci_hcd vhci_hcd.0: Device attached
[  422.056364][T13927] vhci_hcd: cannot find the pending unlink 5
[  422.198936][T13944] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.2428'.
[  422.233441][T13924] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  422.235982][T13924] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  422.238351][T13924] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  422.240955][T13924] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  422.288682][T13927] vhci_hcd: connection closed
[  422.290114][T11368] vhci_hcd: stop threads
[  422.292489][T11368] vhci_hcd: release socket
[  422.293777][T11368] vhci_hcd: disconnect device
[  422.319066][ T1300] usb 19-1: new high-speed USB device number 4 using vhci_hcd
[  422.323237][ T1300] usb 19-1: enqueue for inactive port 0
[  422.402036][ T1300] vhci_hcd: vhci_device speed not set
[  423.148593][ T5351] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  423.151774][ T5351] Bluetooth: hci6: Injecting HCI hardware error event
[  423.155285][ T5351] Bluetooth: hci6: hardware error 0x00
[  424.887297][ T5354] Bluetooth: hci6: unexpected cc 0x2027 length: 2 > 1
[  424.890037][ T5354] Bluetooth: hci6: unexpected event for opcode 0x2027
[  424.986791][T14001] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  424.988678][T14001] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  424.996289][T14001] vhci_hcd vhci_hcd.0: Device attached
[  425.015591][T14002] vhci_hcd: connection closed
[  425.016411][T11275] vhci_hcd: stop threads
[  425.019087][T11275] vhci_hcd: release socket
[  425.020275][T11275] vhci_hcd: disconnect device
[  425.238736][ T5351] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  425.690502][T14025] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2454'.
[  426.589965][T14046] siw: device registration error -23
[  426.707355][T14051] fuse: Bad value for 'user_id'
[  426.713030][T14051] fuse: Bad value for 'user_id'
[  427.485105][T14068] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  427.685139][T14073] siw: device registration error -23
[  428.104129][T14079] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2470'.
[  428.562029][T14100] siw: device registration error -23
[  429.651319][T14119] tipc: Started in network mode
[  429.653452][T14119] tipc: Node identity b84, cluster identity 4711
[  429.655198][T14119] tipc: Node number set to 2948
[  430.429482][T14143] lo speed is unknown, defaulting to 1000
[  430.768908][T14155] @: renamed from vlan0
[  430.788045][T14155] EXT4-fs warning (device sda1): __ext4_ioctl:1257: Setting inode version is not supported with metadata_csum enabled.
SYZFAIL: bad allocate request
allocated=0 size=1701996132/1701996136 (errno 9: Bad file descriptor)
[  431.764228][T11370] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  431.767050][T11370] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.833682][T11370] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  431.836283][T11370] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.945241][T11370] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  431.948983][T11370] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.040249][T11370] batman_adv: batadv3: Interface deactivated: netdevsim0
[  432.052113][T11370] batman_adv: batadv3: Removing interface: netdevsim0
[  432.054336][T11370] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  432.056864][T11370] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.192537][T11370] bridge_slave_1: left allmulticast mode
[  432.194038][T11370] bridge_slave_1: left promiscuous mode
[  432.195495][T11370] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.198075][T11370] bridge_slave_0: left allmulticast mode
[  432.199682][T11370] bridge_slave_0: left promiscuous mode
[  432.201146][T11370] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.204186][T11370] bridge_slave_1: left allmulticast mode
[  432.205603][T11370] bridge_slave_1: left promiscuous mode
[  432.207036][T11370] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.214352][T11370] bridge_slave_0: left allmulticast mode
[  432.215789][T11370] bridge_slave_0: left promiscuous mode
[  432.217258][T11370] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.223301][T11370] tipc: Resetting bearer <eth:xfrm0>
[  432.322812][T11370] tipc: Disabling bearer <eth:xfrm0>
[  432.746610][T11370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.750014][T11370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.753606][T11370] bond0 (unregistering): Released all slaves
[  432.759810][T11370] bond1 (unregistering): (slave bond2): Releasing backup interface
[  432.762996][T11370] bond1 (unregistering): Released all slaves
[  432.847409][T11370] bond2 (unregistering): Released all slaves
[  432.851964][T11370] bond3 (unregistering): Released all slaves
[  432.856672][T11370] bond4 (unregistering): (slave bond5): Releasing backup interface
[  432.859333][T11370] bond4 (unregistering): Released all slaves
[  432.943397][T11370] bond5 (unregistering): Released all slaves
[  433.038996][T11370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  433.043447][T11370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  433.046933][T11370] bond0 (unregistering): Released all slaves
[  433.145855][T11370] : left promiscuous mode
[  433.187642][T11370] tipc: Left network mode
[  433.207842][T11370] tipc: Left network mode
[  433.585575][T11370] hsr_slave_0: left promiscuous mode
[  433.587821][T11370] hsr_slave_1: left promiscuous mode
[  433.595104][T11370] hsr_slave_0: left promiscuous mode
[  433.597148][T11370] hsr_slave_1: left promiscuous mode
[  433.599369][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  433.601550][T11370] batman_adv: batadv0: Removing interface: batadv_slave_0
[  433.604375][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  433.606326][T11370] batman_adv: batadv0: Removing interface: batadv_slave_1
[  433.639176][T11370] veth1_macvtap: left promiscuous mode
[  433.640620][T11370] veth0_macvtap: left promiscuous mode
[  433.642066][T11370] veth1_vlan: left promiscuous mode
[  433.643403][T11370] veth0_vlan: left promiscuous mode
[  434.374455][T11370] team0 (unregistering): Port device team_slave_1 removed
[  434.474831][T11370] team0 (unregistering): Port device team_slave_0 removed
[  435.080569][T11370] pim6reg (unregistering): left allmulticast mode
[  435.784527][T11370] team0 (unregistering): Port device team_slave_1 removed
[  435.861282][T11370] team0 (unregistering): Port device team_slave_0 removed
[  437.204447][T11370] IPVS: stop unused estimator thread 0...
[  437.275045][T11370] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.362909][T11370] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.434458][T11370] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.520017][T11370] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.630226][T11370] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.704173][T11370] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.781598][T11370] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.851142][T11370] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.942583][T11370] bridge_slave_1: left allmulticast mode
[  437.944696][T11370] bridge_slave_1: left promiscuous mode
[  437.946839][T11370] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.951963][T11370] bridge_slave_0: left allmulticast mode
[  437.954068][T11370] bridge_slave_0: left promiscuous mode
[  437.956206][T11370] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.964646][T11370] bridge_slave_1: left allmulticast mode
[  437.966744][T11370] bridge_slave_1: left promiscuous mode
[  437.969032][T11370] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.972276][T11370] bridge_slave_0: left allmulticast mode
[  437.973767][T11370] bridge_slave_0: left promiscuous mode
[  437.975286][T11370] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.502424][T11370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  438.506214][T11370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.510073][T11370] bond0 (unregistering): Released all slaves
[  438.591715][T11370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  438.596421][T11370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.601292][T11370] bond0 (unregistering): Released all slaves
[  438.653596][T11370] : left promiscuous mode
[  439.230915][T11370] hsr_slave_0: left promiscuous mode
[  439.232686][T11370] hsr_slave_1: left promiscuous mode
[  439.234610][T11370] batman_adv: batadv0: Interface deactivated: dummy0
[  439.236641][T11370] batman_adv: batadv0: Removing interface: dummy0
[  439.239358][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  439.241314][T11370] batman_adv: batadv0: Removing interface: batadv_slave_0
[  439.243398][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  439.245318][T11370] batman_adv: batadv0: Removing interface: batadv_slave_1
[  439.249022][T11370] hsr_slave_0: left promiscuous mode
[  439.250774][T11370] hsr_slave_1: left promiscuous mode
[  439.254464][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  439.256362][T11370] batman_adv: batadv0: Removing interface: batadv_slave_0
[  439.258665][T11370] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  439.260501][T11370] batman_adv: batadv0: Removing interface: batadv_slave_1
[  439.310798][T11370] veth1_macvtap: left promiscuous mode
[  439.312266][T11370] veth0_macvtap: left promiscuous mode
[  439.313725][T11370] veth1_vlan: left promiscuous mode
[  439.315096][T11370] veth0_vlan: left promiscuous mode
[  439.317135][T11370] veth1_macvtap: left promiscuous mode
[  439.318684][T11370] veth0_macvtap: left promiscuous mode
[  439.320255][T11370] veth1_vlan: left promiscuous mode
[  439.321654][T11370] veth0_vlan: left promiscuous mode
[  439.482182][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  440.162260][T11370] team0 (unregistering): Port device team_slave_1 removed
[  440.248072][T11370] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
07:17:39  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=0000000000000037 RCX=ffffffff81694fde RDX=fffffbfff2d31989
RSI=0000000000000008 RDI=ffffffff9698cc40 RBP=ffffc90003a27580 RSP=ffffc90003a27430
R8 =0000000000000000 R9 =fffffbfff2d31988 R10=ffffffff9698cc47 R11=0000000000000000
R12=ffff888074060000 R13=0000000000000004 R14=0000000000000002 R15=1ffff92000744e8e
RIP=ffffffff81694fe8 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f06e40 CR3=0000000057884000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000001000008fd RBX=ffff888074060000 RCX=0000000000000830 RDX=0000000000000001
RSI=00000000000000fd RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc90000477bc8
R8 =0000000000000000 R9 =fffffbfff2039ae9 R10=ffffffff901cd74f R11=0000000000000001
R12=1ffff9200008ef7a R13=ffffc90000477bf0 R14=ffff88802b43fc90 R15=ffffffff8da957c0
RIP=ffffffff813bb068 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020032000 CR3=0000000057884000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000fe70afce RBX=ffffffff932f2080 RCX=0000000000000002 RDX=0000000000000105
RSI=ffffffff81326d4b RDI=ffffffff932f2080 RBP=ffff88802b43ee98 RSP=ffffc90003007578
R8 =0000000000000000 R9 =fffffbfff2039ae9 R10=1ffffffff1b03571 R11=0000000000000000
R12=0000000000000006 R13=ffffed10055c8a6b R14=ffff88802ae45360 R15=0000000000000003
RIP=ffffffff8b13132a RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73694a0 CR3=00000000765c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=000000000000000d RCX=ffffffff848f075e RDX=ffff888024e7c880
RSI=ffffffff848f0768 RDI=0000000000000001 RBP=ffffc900033f7538 RSP=ffffc900033f72c8
R8 =0000000000000001 R9 =0000000000000007 R10=000000000000000d R11=0000000000000000
R12=00000000000001ff R13=ffffc900033f7380 R14=ffff88805d35ba97 R15=ffffc900033f7540
RIP=ffffffff818cb976 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff96ea92d00 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055ccab8ef000 CR3=0000000029fba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000ffff3f01 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f c0ea0e6fc0ea0e6f
ZMM22=08759b7208759b72 08759b7208759b72 08759b7208759b72 08759b7208759b72 08759b7208759b72 08759b7208759b72 08759b7208759b72 08759b7208759b72
ZMM23=8b9296498b929649 8b9296498b929649 8b9296498b929649 8b9296498b929649 8b9296498b929649 8b9296498b929649 8b9296498b929649 8b9296498b929649
ZMM24=52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5 52a66bb552a66bb5
ZMM25=278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75 278d9c75278d9c75
ZMM26=6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6 6cf9d3f66cf9d3f6
ZMM27=518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b 518a3e6b518a3e6b
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000 cf0f0000cf0f0000