last executing test programs:

9.577219865s ago: executing program 1 (id=2572):
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f00000001c0), 0xfffffecc)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x2c, 0x3e, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @typed={0x8, 0x0, 0x0, 0x0, @uid=0xffffffffffffffff}]}]}, 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r5, 0xf05, 0x0, 0x0, {0x8}}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, r5, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x11}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff516d}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20048850}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{}, [@jmp={0x0, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), 0xffffffffffffffff)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x4b}, @val={0x8, 0x3, r12}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_to_batadv\x00'}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, r8, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x36}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x1}]}, 0x2c}}, 0x24000000)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r6, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r7, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x163aa158b6f3c738}, 0x40800)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'})

8.716938596s ago: executing program 1 (id=2583):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000020961b0a9f15000000000109022d"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x80401, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x40806685, &(0x7f0000001640)={0x1, 0x0, 0x1000, 0x1, &(0x7f0000001480)="c5", 0x0, 0x0, 0x0})
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, 0x0, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_setup(0x0, &(0x7f00000003c0)=<r6=>0x0)
io_submit(r6, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r7, 0x0, 0x0)
getdents(r7, &(0x7f0000001fc0)=""/182, 0xb6)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xf4)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)

5.2257247s ago: executing program 1 (id=2599):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)="af9956b7acb729022d6b80f144", 0xd, r0}, 0x64)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r3, 0x81044820, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
shutdown(r4, 0x0)
dup3(r4, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RELDISP(r5, 0x5605)
r6 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
syz_emit_ethernet(0x52, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f2001c2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa06000003", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000054b3b0718c45302"], 0x0)
socket$inet(0x2, 0x0, 0x2)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000019400)=ANY=[@ANYBLOB="7424ea8ad4ac8b972fcf2b0342f8f0729e4e80279df6e134981e3500ebe13e931103bd518cad5a9f7f843a6d2140273cf342214b0fdbb5a8628e180f5fa705ed42bc72c4edaee74a16b03674057b26adc0387c2ce5e91b435c91bd", @ANYRESDEC, @ANYRES32], 0x10)
writev(r5, &(0x7f0000019580)=[{&(0x7f0000019380)="9733824102000000", 0x8}, {&(0x7f00000198c0)="fd65e69af21386501e98f8f9d59e2c7fde1d2c3e785626c8496e055499693730a6684f5157ec72c3b8c8d3abeb3851ea6f44cd4a43bcc461756a7c75315be80f6ef2b89ecdd7b1694153768995631f2f906aba1036d9a9c481653fd36793f0e1b888610affa300c26ebc4b8249627aa8801822045bf803405aaf0d568e4dfa7390f593", 0x83}, {&(0x7f0000019480)="8452ec2756d2819952619a387bda8d92a946ec5191e91c0085518298b92a743fe2e19ab9b3004365ddc89cd55bc8e3759352caf627c2a0b428af8e7027ac8af1ef9eeb3b1c2b953576e496de968c37448a467223bfb2e00e874827f9b00e845cd7968db57193113dd71582245374dc2786ac39514cb1e9010190aa5d96b95bac7ff9fa71e3409274e6435d6a74d05515bad246a80cc19bc893f7d3e0d201d583dba3f7a50a71155cc01607d02b367167ec02ba903b2df2e788c4ad435233ed7e0bf98089703147358442f786357631158c87831308c010586dc49b60b2d097238ef9aa631d5be5f28967ecc25989f981fe5cdf41f039c5331308f62e", 0xfc}, {&(0x7f0000019700)="b48ae69ac92f2483911f96a71e49c6c88d97b805519939e415495398ad10195ccb9b6e44585d1d679b4566aa2ba169fd0518d98f0560ff4b25416bfc63aae71ad6fc6d9de92e48d546ead366506779d98b6b3c40e2c5c5a91bb4291829c200cdb1074c00433782c45c1ca8a61098ff421eeae2159317931490c4fb393f08c95aa0ebea16b26b3c331149d36847967bfbc2e3080bfe7763e145122313ef870fd6fe2f9d0345dabe53be46f3068f1cd3842cc5b0577dfdee0b36a10cfec88796da88aa610000", 0xc5}, {&(0x7f00000193c0)="c343e4a91b1b99ef9dba7df828dd56e2281eb9cbb0a37529d0e31748fe97578f9031d9ed7497b4c45acb21004de0a616edd662b881a700000000b866ab1f7b0c", 0x40}], 0x5)

4.517006354s ago: executing program 0 (id=2600):
creat(0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180100000000001d9eaac5e91d11e3ec850000006d000040670000000500000095812c6fa667892001f497e91f3fcdc4f6a72fc592cf00d4f6876e96ad2779fbad0be2dd66db5369def84a528d16000000000000000275abbe"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000050000000090a010400000000000000000100000008000a40000000000900020073797a32140000000900010073797a300000000008000340000000100c0009800800014000003c1f080005400000002d"], 0x98}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000207010000f8ffffffb702000008000000b70300000000000085000000061000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000030a00000000000000000000000000000900010073797a310000000020000000000a00000000004b000027a0d34305b929dbb611bd63490000000000000900010073797a300000000089ff00000000000000000000000a6b62de31c942a0aae8c86debc6bd89183cfa94125befd7e51887bd1c54751fdd1bf95cbd8c31834032517f3cb7cbc0db980e5f24e1c40639d81c8de24284d6fd5516aebf0026fab8ab0f2c34dd13edaa66504b07dbfd9e8fba2b45f9fe66fece0ec189695c1c989fc9a9901da7232055ee4b447b649d85000000000000"], 0x68}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=<r7=>0x0, @ANYBLOB="000000000000000000000100000008000100", @ANYRES32=<r8=>0xffffffffffffffff], 0x58}, 0x1, 0xf000}, 0x0)
sendmsg$netlink(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b000100000000000000001808"], 0x114}], 0x1}, 0x0)
linkat(r5, &(0x7f0000000240)='./file1\x00', r5, &(0x7f0000000200)='./file0\x00', 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001640)=ANY=[@ANYRES8, @ANYRES8=r8, @ANYRES32=r0, @ANYRES16=r0, @ANYRES16=0x0, @ANYRESDEC=0x0, @ANYBLOB='m', @ANYRESHEX=r6, @ANYRESOCT=r4, @ANYRESDEC=r7], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000003000000400000000104000080010000", @ANYRES32=r9, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000004feffff00000d00000000529c7f07b6b899df5c0fc7056a"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x2)

4.007054329s ago: executing program 0 (id=2610):
creat(0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180100000000001d9eaac5e91d11e3ec850000006d000040670000000500000095812c6fa667892001f497e91f3fcdc4f6a72fc592cf00d4f6876e96ad2779fbad0be2dd66db5369def84a528d16000000000000000275abbe"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000050000000090a010400000000000000000100000008000a40000000000900020073797a32140000000900010073797a300000000008000340000000100c0009800800014000003c1f080005400000002d"], 0x98}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000207010000f8ffffffb702000008000000b70300000000000085000000061000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000030a00000000000000000000000000000900010073797a310000000020000000000a00000000004b000027a0d34305b929dbb611bd63490000000000000900010073797a300000000089ff00000000000000000000000a6b62de31c942a0aae8c86debc6bd89183cfa94125befd7e51887bd1c54751fdd1bf95cbd8c31834032517f3cb7cbc0db980e5f24e1c40639d81c8de24284d6fd5516aebf0026fab8ab0f2c34dd13edaa66504b07dbfd9e8fba2b45f9fe66fece0ec189695c1c989fc9a9901da7232055ee4b447b649d85000000000000"], 0x68}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=<r7=>0x0, @ANYBLOB="000000000000000000000100000008000100", @ANYRES32=<r8=>0xffffffffffffffff], 0x58}, 0x1, 0xf000}, 0x0)
sendmsg$netlink(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b000100000000000000001808"], 0x114}], 0x1}, 0x0)
linkat(r5, &(0x7f0000000240)='./file1\x00', r5, &(0x7f0000000200)='./file0\x00', 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001640)=ANY=[@ANYRES8, @ANYRES8=r8, @ANYRES32=r0, @ANYRES16=r0, @ANYRES16=0x0, @ANYRESDEC=0x0, @ANYBLOB='m', @ANYRESHEX=r6, @ANYRESOCT=r4, @ANYRESDEC=r7], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000003000000400000000104000080010000", @ANYRES32=r9, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000004feffff00000d00000000529c7f07b6b899df5c0fc7056a"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x2)

3.687018079s ago: executing program 0 (id=2604):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x6c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x8, 0xffff}}, './file0\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r1, &(0x7f0000000100)={0x9, 0x108, 0xfa00, {r2, 0x8, "241878", "6ca488224d740b2f72e44eafa82fb33fb747775c49b46b230f7d82cd3a459bcca63f8234a73707f2331e0d5be7de64b301419a1365aba3ee9f2f6a6f0b19e2a824fa11d7704a1ab22d5b1ac0f1a15be90619b65c9573e2a0abe1a536f8146acdaed6eafb396d258025fe1a163da9d06ff0310ae4dc4a710f739e2bc6eb28587051252de3ae6085bf8b58b51a924e94ee2526b03924f21f5870a5bfc0f52dbd62805f7b3c033ebb81ff1b15e6d4a989a75e2411be399256bdcb22b688de1ebdee4b5a03eab071fbee01886523adfb139ea095b8479d397185d28b7501cf79273f8070a939293bc0d8b51372911867eb1eb395b02c48ebd7432d0086557e069dbd"}}, 0x110)
setresuid(0x0, 0xee01, 0x0)
setresuid(0x0, 0x0, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'veth1_to_bridge\x00'})
sendmsg$inet(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)="b95020c4179d03873ceb4e2b9f3a191bcbc3da6e95431f1d056e6be5e8bb0424a8c2f9a44b0ca173003044f97c644b07ba33eb9986772e4f9a6d83a4f779cc78c103899ba7ff44364ede0be80058d775f6ba", 0x52}], 0x1, &(0x7f0000000380)=[@ip_tos_u8={{0xd, 0x0, 0x1, 0x9}}], 0x10}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setresgid(0xffffffffffffffff, 0x0, 0x0)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000002600)=""/27)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001000)=@newqdisc={0xa0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x70, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x14, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x7}]}, {0x4}]}]}}]}, 0xa0}}, 0x0)

2.849155435s ago: executing program 0 (id=2608):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='btrfs\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./bus\x00', 0xf9)
mount(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='pstore\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x6000, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

2.736725473s ago: executing program 2 (id=2612):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x2, 0xfffffffffffffff7, 0x6, 0x3, 0x4, 0x5, 0x7f, 0x0, 0x81, 0x6, 0x799, 0x4, 0x0, 0x5, 0x6, 0x5], 0xdddd1000, 0x284400})
r0 = syz_usbip_server_init(0x4)
fcntl$setpipe(r0, 0x407, 0x6)
statx(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x400, 0x400, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, r1, &(0x7f0000000200)={0x86, 0x0, 0x6, 0x3, 0x46, 0x0, 0x8, 0xfff, 0x7})
ioctl$USBDEVFS_GET_SPEED(0xffffffffffffffff, 0x551f)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
listen(r3, 0x5)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f00000002c0)={0x3, 0x4})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000300)=@arm64={0x31, 0x5, 0x4, '\x00', 0x3})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000340)=<r5=>0xffffffffffffffff)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000380)={0x8, 0x800, 0x6, 0x0, 0x0, [{{r4}, 0x63}, {{r3}, 0x3}, {{r2}, 0xffffffffffff9383}, {{r5}, 0xb}, {{r6}, 0x9}, {{r2}, 0x7fffffff}]})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x10}}, @in={0x2, 0x4e22, @rand_addr=0x64010100}, @in6={0xa, 0x4e20, 0xffec, @dev={0xfe, 0x80, '\x00', 0x16}, 0x5}, @in={0x2, 0x4e20, @multicast1}], 0x78)
r7 = fcntl$dupfd(r5, 0x0, r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000500)=[@in6={0xa, 0x4e22, 0x2000000, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x3}, @in6={0xa, 0x4e21, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3ff}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e20, 0x1, @remote, 0x5}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e20, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffff11f3}, @in6={0xa, 0x4e21, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfff}], 0xbc)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000005c0)=<r8=>0x0)
ioctl$sock_SIOCDELRT(r6, 0x890c, &(0x7f0000000600)={0x0, @qipcrtr={0x2a, 0x4, 0xffffbffe}, @nfc={0x27, r8, 0xffffffffffffffff, 0x7}, @vsock={0x28, 0x0, 0x2711, @my=0x0}, 0x3c6, 0x0, 0x0, 0x0, 0x80, 0x0, 0x7fff, 0x40, 0x9})
mount$overlay(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0), 0x2, &(0x7f0000000700)={[{@nfs_export_off}], [{@smackfsfloor={'smackfsfloor', 0x3d, '^:-\x8c&-!//-+'}}]})
r9 = syz_open_dev$sndctrl(&(0x7f0000000740), 0x3a688edb, 0x400000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r10=>r3}, './file0\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, r7, 0x9, '\x00', 0x0, r10, 0x5, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, &(0x7f0000000840))
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r10, 0x7a9, &(0x7f00000008c0)={{@local, 0x40}, 0x9, 0xfffffffffffffff8, 0xc, 0x4, 0xf01, 0x200, 0x6, 0x4})
sendto$inet(r5, &(0x7f0000000900)="3a10313a0ecf8e16cc0a7c8f99b7423bc92fa5e71d183d85b09232c5d1501312d914d7d4b65dd8d44e05d1df10be777eb6436cc2553234fd30aa14c1ee7d608e8b0058a8990ab8b0ce01c7c206ede3829c3d9ad6f631d1ac23033bfbb1e140b597b496d756f937004af04cf0fa7321f70e104b51f0ac2ba2de3911d74ba96e132ed507a672e47d3f4e3b3f5965b7eb3c2d5edff2f15769b9d7e8dd0512357bcd766b925f9a5f1ae288f1c78e82c08c", 0xaf, 0x228c1ffe56c2fd56, 0x0, 0x0)
socket$inet(0x2, 0x80000, 0xffffffff)
tee(r9, r10, 0x57ee, 0x6)
ioctl$USBDEVFS_FREE_STREAMS(r10, 0x8008551d, &(0x7f00000009c0)={0x4c23, 0xb, [{0xc}, {0x5, 0x1}, {0xd, 0x1}, {0xa}, {0x4, 0x1}, {0xd, 0x1}, {0xb, 0x1}, {0x8, 0x1}, {0xc, 0x1}, {0x6, 0x1}, {0x4}]})
ioctl$MEDIA_IOC_REQUEST_ALLOC(r10, 0x80047c05, &(0x7f0000000a00))

2.733475026s ago: executing program 0 (id=2613):
creat(0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180100000000001d9eaac5e91d11e3ec850000006d000040670000000500000095812c6fa667892001f497e91f3fcdc4f6a72fc592cf00d4f6876e96ad2779fbad0be2dd66db5369def84a528d16000000000000000275abbe"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000050000000090a010400000000000000000100000008000a40000000000900020073797a32140000000900010073797a300000000008000340000000100c0009800800014000003c1f080005400000002d"], 0x98}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000207010000f8ffffffb702000008000000b70300000000000085000000061000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000030a00000000000000000000000000000900010073797a310000000020000000000a00000000004b000027a0d34305b929dbb611bd63490000000000000900010073797a300000000089ff00000000000000000000000a6b62de31c942a0aae8c86debc6bd89183cfa94125befd7e51887bd1c54751fdd1bf95cbd8c31834032517f3cb7cbc0db980e5f24e1c40639d81c8de24284d6fd5516aebf0026fab8ab0f2c34dd13edaa66504b07dbfd9e8fba2b45f9fe66fece0ec189695c1c989fc9a9901da7232055ee4b447b649d85000000000000"], 0x68}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=<r7=>0x0, @ANYBLOB="000000000000000000000100000008000100", @ANYRES32=<r8=>0xffffffffffffffff], 0x58}, 0x1, 0xf000}, 0x0)
sendmsg$netlink(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b000100000000000000001808"], 0x114}], 0x1}, 0x0)
linkat(r5, &(0x7f0000000240)='./file1\x00', r5, &(0x7f0000000200)='./file0\x00', 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001640)=ANY=[@ANYRES8, @ANYRES8=r8, @ANYRES32=r0, @ANYRES16=r0, @ANYRES16=0x0, @ANYRESDEC=0x0, @ANYBLOB='m', @ANYRESHEX=r6, @ANYRESOCT=r4, @ANYRESDEC=r7], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000003000000400000000104000080010000", @ANYRES32=r9, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000004feffff00000d00000000529c7f07b6b899df5c0fc7056a"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x2)

2.549846287s ago: executing program 1 (id=2614):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, 0x0, 0x0) (async)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) (async)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) (async)
syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00') (async)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}}) (async)
syz_clone(0x40000, &(0x7f00000000c0)="df64131fc3bac6e7b82e1d3623677189551cf9617b73a0e3c66d67c54afe401db8c6b95488451ebc2a16bd8386f3e60619b74de6496194a1c395abbf23dc995bdbd822339b12bd516a0fb44b0772da8b0b59bc0cefc767ba2f115735cf751abd72", 0x61, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000180)="8f6f793994c159d2df4210cc12c7938e4b5bb00e177b8a4e8738670cb427908648684ec5ca449780b040e8f8014058bcc8170b1b23be98636c1b79445c0c12ef0e36b5f8c95b0438b5f13e09598d779f7e899a5073d947a886db4e6ee520fb9ab6a535faf505fc0a34a316c42e766ac902addc162e94abac0cbb5291f912f887e2638a6657")

2.474808724s ago: executing program 1 (id=2615):
r0 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1d0200007d00000005df000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b65"], 0x21d)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000002100010000000000000000000a001400000000000000000014000200fe8000000000000000000000000000aa0c0014"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8054)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x80, 0x0, 0x0, 0x0, @multicast}, 0x10)
sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={0x0, 0x140}, 0x1, 0x0, 0x0, 0x800}, 0x40085)
sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), r2)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r5, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x4010)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2c, &(0x7f0000000040)=0x3, 0x4)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x2c, &(0x7f0000000140)={0x0, 0x0}, 0x10)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="a96300000000000000000600000057f7e33fa9ce89d24363898061daefc249fbe95845a6decc6bd0ffff98f3ad38abeae640ad346c30b5165a3f47464e7ce343c1b31b7209144d787ba029e29a4f84b677d6a61d9474b912119bf42e0ec3ce940b3e045dc69d3b30cd57081d5f40c2f3e66cac776bdc374dcc715f5408c447dba6179a4325f94734578fe2e2d1ca1e132adac70a257a3fd7210057f1a626"], 0x14}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c00000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000031201001c0002800500170000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

2.426360933s ago: executing program 0 (id=2616):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r2, 0xab00, r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, <r4=>0xffffffffffffffff}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r5=>0x0})
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000000, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, 0xffffffffffffffff)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
r10 = syz_open_procfs(r9, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r10, 0x40086602, &(0x7f0000000380))
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x18, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffc01, 0x0, 0x0, 0x0, 0x9}, [@jmp={0x5, 0x0, 0x4, 0x0, 0x7, 0x20, 0x1}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x57}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000080)='GPL\x00', 0x3c61, 0x62, &(0x7f0000000300)=""/98, 0x41100, 0x60, '\x00', r5, 0x25, r11, 0x8, &(0x7f00000003c0)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000400)=[r3, r3, r3], &(0x7f0000000440)=[{0x0, 0x5, 0x10, 0x8}, {0x4, 0x4, 0xb, 0x7}, {0x0, 0x5, 0x9, 0xa}, {0x3, 0x1, 0x0, 0x5}, {0x0, 0x1, 0xd, 0x6}], 0x10, 0x6, @void, @value}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r12}, 0x10)
r13 = fsopen(&(0x7f0000000000)='ceph\x00', 0x0)
munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
fsconfig$FSCONFIG_SET_STRING(r13, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='auto_da_alloc', 0x0)

2.107018931s ago: executing program 2 (id=2622):
r0 = openat$nullb(0xffffff9c, &(0x7f0000000180), 0x624100, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup2(r0, r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x5)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r4, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x24}}, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x101a02, 0x0)
sendfile(r8, r8, 0x0, 0x9)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r9, 0x0, 0x4000000)
sendmsg$IEEE802154_LIST_PHY(r9, 0x0, 0x4000000)
syz_open_dev$usbfs(0x0, 0x201, 0xcf341)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r11=>0xffffffffffffffff})
recvmmsg(r11, 0x0, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, 0x0)
r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r12, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r12, 0xc0502100, &(0x7f0000000480)={<r13=>0x0})
r14 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r12, 0x40182103, &(0x7f0000000240)={r13, 0x3, r14})

1.697459382s ago: executing program 3 (id=2625):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x230482, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, &(0x7f00000000c0))

1.647076142s ago: executing program 1 (id=2626):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
r1 = openat$bsg(0xffffff9c, 0x0, 0x40040, 0x0)
recvfrom(r1, 0x0, 0x0, 0x40000121, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYRES64=r1, @ANYRESDEC], 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f0000000440)={0x80})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x8, 0x12, 0xffffffffffffffff, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c00000010000304000000010000000000007400", @ANYRES32=r8, @ANYBLOB="00000000031201002c0012800b00010062726964676500001c000280050019000700000008000500010000000500170000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r9}, 0x10)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@newsa={0x134, 0x10, 0x20, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {@in=@empty, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x134}}, 0x0)

1.646813687s ago: executing program 3 (id=2627):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000f08000140000000020900010073797a30000000000900020073797a320000000014000000110001"], 0x78}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x700, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x2, 0x0, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}, @exp_smc={0xfe, 0x6}, @sack_perm={0x4, 0x2}, @mss={0x2, 0x4, 0x5}, @sack={0x5, 0x2}]}}}}}}}, 0x0)

1.567105348s ago: executing program 3 (id=2628):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r2], 0x30}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c008e88", @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x0)

1.51504096s ago: executing program 3 (id=2629):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r0=>0x0}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
madvise(&(0x7f000058f000/0x3000)=nil, 0x3000, 0xd) (async)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe) (async)
getpid() (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) (async)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) (async)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="380100001000130727bd700000000000fe8000000000000000000000000000aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe80000000000000000000000000000f0000000032000000ac1414000000000000000000000000000000000000fdffff890200000000000000000000000000000000000000000000000000000000000042b1ffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002002000000000000004c001200726663343130362867636d286165732929000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000009d20a4ac6a26c164f2ade0a1ef5dccf83c69f8a317e0dc266e7826156e0641e1541806dcdb76c3d3268c3473c96a13ad273f30859bdf15b4c7e3819834bdc09757e016d5bb0344d45c8990b2c4ab0d81610ee42e23e7ea806b223b3724e00408ac2997568d5808f4f8b73dab1ffd955c1c5bfb56af205145b36cdf025da07b30b27e3a2c519f6ec32992257fe6ac325762752f4d9497a93e71de730e7a624af76ab9cf330c9913213b64fef07ed299f5dd312a72345e05184707e9cba7c1d94410f1c678bd8584f903956a929d388acc660a41a4a06402a681638b0e3a6f0edb0e517c8e2ed4da1da8a9cf7b58fd50421ecb086fdf1dadcad2427842b1cc2a2743df9f68d8e74b52ee6d36ecbf7ef09fa994014aa108"], 0x138}}, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r7 = openat$random(0xffffff9c, &(0x7f0000000140), 0x181000, 0x0)
ioctl$RNDADDENTROPY(r7, 0x40085203, &(0x7f0000000240)={0x5}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r2, @ANYRESHEX=r4, @ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000a00)=ANY=[@ANYRES64=r0, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002755fcadb809a2443c61813c69a9cced9e36a16daa18488327bd41e0e6b09b07d43950aae2c7a356a71a388b0c5b782626b8433109d5736430c4038f9a46ee0cae76749435c7075accc6369ae4ced7906773a48d2be5498cfc44c5b793b8e9ecfe99b0bc889e771a076ed2a072a896b9129e9389aec3f45f63b1595a783281aa18978dbdafed5070371bafbdb77ca4339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.246703059s ago: executing program 2 (id=2630):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0xa34, 0x0, 0x11, 0x148, 0x8bc, 0x1d, 0x9a0, 0x2a8, 0x2a8, 0x9a0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x874, 0x8bc, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@unspec=@u32={{0x7e0}, {[], 0x29}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@uncond, 0x0, 0xb4, 0xe4, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@socket0={{0x20}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0xa90)

1.157008096s ago: executing program 2 (id=2631):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a3000f7ffff33000000030a01080000000000000000010000000900030073797a320000000008000a40000000020900010073797a3000"], 0x7c}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="000000000400"/19, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r3, 0x0, 0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x809, 0x8e}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000580)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(r4, 0x4b, &(0x7f0000000200)=0x81)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
r8 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0)
mknodat(r8, &(0x7f0000000000)='./file0\x00', 0x1, 0x10)
acct(&(0x7f0000000300)='./file0\x00')
write$UHID_INPUT(r7, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b4847f70e06d038e7ff7fc6e5539b326d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31300d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f097e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f028dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0xfffffffffffffebd}}, 0x1006)
socket$key(0xf, 0x3, 0x2)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f00000002c0)={0x8, &(0x7f0000000440)=[{0x11, 0x7}, {0x6, 0x8}, {0x5cec, 0xc616}, {0x1, 0x929}, {0x800, 0xd}, {0x9, 0x9}, {0x4000, 0x1}, {0x7fff, 0xe559}]})

676.689426ms ago: executing program 3 (id=2632):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a3000f7ffff33000000030a01080000000000000000010000000900030073797a320000000008000a40000000020900010073797a3000"], 0x7c}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="000000000400"/19, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r3, 0x0, 0x0}, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000580)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(r4, 0x4b, &(0x7f0000000200)=0x81)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
r8 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0)
mknodat(r8, &(0x7f0000000000)='./file0\x00', 0x1, 0x10)
acct(&(0x7f0000000300)='./file0\x00')
write$UHID_INPUT(r7, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b4847f70e06d038e7ff7fc6e5539b326d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31300d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f097e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f028dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0xfffffffffffffebd}}, 0x1006)
socket$key(0xf, 0x3, 0x2)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f00000002c0)={0x8, &(0x7f0000000440)=[{0x11, 0x7}, {0x6, 0x8}, {0x5cec, 0xc616}, {0x1, 0x929}, {0x800, 0xd}, {0x9, 0x9}, {0x4000, 0x1}, {0x7fff, 0xe559}]})

97.222479ms ago: executing program 2 (id=2633):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000280))
setuid(0x0)
setxattr$system_posix_acl(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {0x1, 0x5}, [{0x2, 0x1}, {0x2, 0x5}, {0x2, 0x4}, {0x2, 0x1}], {0x4, 0x5}, [{0x8, 0x3}], {}, {0x20, 0x6}}, 0x4c, 0x1)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

73.182944ms ago: executing program 2 (id=2634):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0xa, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000205000400000000000900020073797a30000000000500010007000000050005000a000400140007800800114000000000080012400000ffff0d000300686173683a6e6574"], 0x5c}}, 0x0)
add_key$user(&(0x7f0000000300), &(0x7f00000002c0)={'syz', 0x3}, &(0x7f0000000380)='X\\', 0x2, 0xfffffffffffffffe)
syz_io_uring_setup(0x46bb, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r3 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2, 0x1fc}, &(0x7f0000000100), &(0x7f0000001440))
io_uring_enter(r3, 0xa39, 0xaeff, 0xf, 0x0, 0x0)
r4 = io_uring_setup(0x624a, &(0x7f0000000280)={0x0, 0x0, 0x400})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0x18, 0x20000000, r5)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x2, 0xc38, 0x0, 0x3, 0x0, 0x1, {0x0, r5}})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_emit_ethernet(0x7a, 0x0, 0x0)
r6 = openat$sequencer2(0xffffff9c, &(0x7f0000000180), 0x200002, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r6, 0x8004510a, &(0x7f00000001c0))
ioctl$EVIOCGSW(0xffffffffffffffff, 0x80084503, &(0x7f00000020c0)=""/4096)
syz_open_dev$usbmon(&(0x7f0000000080), 0x8, 0x452281)
syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x103)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bind$vsock_stream(r7, &(0x7f0000000000)={0x10}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r8 = openat$cdrom(0xffffff9c, &(0x7f0000000780), 0x80, 0x0)
ioctl$DVD_AUTH(r8, 0x5390, &(0x7f00000007c0)=@type=0x3)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)

0s ago: executing program 3 (id=2635):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, 0x0)
setuid(r1)
setxattr$system_posix_acl(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {0x1, 0x5}, [{0x2, 0x1}, {0x2, 0x5}, {0x2, 0x4}, {0x2, 0x1, r1}], {0x4, 0x5}, [{0x8, 0x3}], {}, {0x20, 0x6}}, 0x4c, 0x1)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

ck nbd1: Send disconnect failed -89
[  383.421102][   T69] blk_print_req_error: 25 callbacks suppressed
[  383.421112][   T69] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.425755][   T69] buffer_io_error: 25 callbacks suppressed
[  383.425763][   T69] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.429611][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.432016][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.434446][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.436753][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.439263][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.441988][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.444234][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.446733][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.448783][ T5414] ldm_validate_partition_table(): Disk read failed.
[  383.450541][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.453094][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.457206][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.459858][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.462031][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.465597][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.469932][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.472658][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.475760][ T5414] Dev nbd1: unable to read RDB block 0
[  383.477889][ T5414] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  383.480404][ T5414] Buffer I/O error on dev nbd1, logical block 0, async page read
[  383.482822][ T5414]  nbd1: unable to read partition table
[  383.485755][ T5414] nbd1: partition table beyond EOD, truncated
[  383.488700][T13153] ldm_validate_partition_table(): Disk read failed.
[  383.491261][T13153] Dev nbd1: unable to read RDB block 0
[  383.493340][T13153]  nbd1: unable to read partition table
[  383.497631][T13153] nbd1: partition table beyond EOD, truncated
[  383.500565][ T5414] ldm_validate_partition_table(): Disk read failed.
[  383.504253][ T5414] Dev nbd1: unable to read RDB block 0
[  383.506315][ T5414]  nbd1: unable to read partition table
[  383.508352][ T5414] nbd1: partition table beyond EOD, truncated
[  383.604237][T13156] netlink: 16126 bytes leftover after parsing attributes in process `syz.1.2051'.
[  383.607152][T13156] netlink: 183228 bytes leftover after parsing attributes in process `syz.1.2051'.
[  383.856128][T13163] FAULT_INJECTION: forcing a failure.
[  383.856128][T13163] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.860519][T13163] CPU: 3 UID: 0 PID: 13163 Comm: syz.1.2054 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  383.864136][T13163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  383.867803][T13163] Call Trace:
[  383.868914][T13163]  <TASK>
[  383.869938][T13163]  dump_stack_lvl+0x16c/0x1f0
[  383.871577][T13163]  should_fail_ex+0x497/0x5b0
[  383.873161][T13163]  _copy_from_user+0x30/0xf0
[  383.874702][T13163]  get_compat_msghdr+0xa8/0x170
[  383.876313][T13163]  ? __pfx_get_compat_msghdr+0x10/0x10
[  383.878161][T13163]  ? find_held_lock+0x2d/0x110
[  383.879803][T13163]  ___sys_recvmsg+0x193/0x1a0
[  383.881418][T13163]  ? __pfx____sys_recvmsg+0x10/0x10
[  383.883192][T13163]  ? lock_acquire+0x2f/0xb0
[  383.884742][T13163]  ? __fget_files+0x40/0x3f0
[  383.886347][T13163]  ? __pfx___might_resched+0x10/0x10
[  383.888136][T13163]  ? fdget+0x176/0x210
[  383.889530][T13163]  do_recvmmsg+0x51a/0x750
[  383.891066][T13163]  ? __pfx_do_recvmmsg+0x10/0x10
[  383.892771][T13163]  ? __pfx_lock_release+0x10/0x10
[  383.894445][T13163]  ? vfs_write+0x14d/0x1140
[  383.895957][T13163]  ? __fget_files+0x244/0x3f0
[  383.897496][T13163]  __sys_recvmmsg+0x21e/0x280
[  383.899179][T13163]  ? __pfx___sys_recvmmsg+0x10/0x10
[  383.900871][T13163]  ? __pfx_ksys_write+0x10/0x10
[  383.902564][T13163]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  383.904645][T13163]  ? lockdep_hardirqs_on+0x7c/0x110
[  383.906384][T13163]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  383.908532][T13163]  __do_fast_syscall_32+0x73/0x120
[  383.910191][T13163]  do_fast_syscall_32+0x32/0x80
[  383.911782][T13163]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  383.913846][T13163] RIP: 0023:0xf7f68579
[  383.915221][T13163] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  383.921296][T13163] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  383.923977][T13163] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000840
[  383.926465][T13163] RDX: 0000000000000414 RSI: 0000000000000000 RDI: 0000000000000000
[  383.928481][T13163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  383.930553][T13163] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  383.932844][T13163] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  383.934951][T13163]  </TASK>
[  384.003609][T13171] kAFS: Can only specify source 'none' with -o dyn
[  384.006843][T13171] ecryptfs_parse_options: eCryptfs: unrecognized option [GPL]
[  384.009289][T13171] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  384.013716][T13171] Error parsing options; rc = [-22]
[  384.071986][T13173] Invalid ELF header magic: != ELF
[  384.077375][   T39] kauditd_printk_skb: 47 callbacks suppressed
[  384.077390][   T39] audit: type=1326 audit(1728188148.018:11309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13172 comm="syz.1.2058" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f68579 code=0x0
[  384.448383][T13175] Process accounting resumed
[  384.495701][T13180] netlink: 'syz.0.2060': attribute type 4 has an invalid length.
[  384.638788][T13184] netlink: 'syz.0.2061': attribute type 11 has an invalid length.
[  384.839808][T13190] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2062'.
[  384.842074][T13190] netlink: 'syz.0.2062': attribute type 1 has an invalid length.
[  384.855728][T13190] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2062'.
[  385.086051][T13199] FAULT_INJECTION: forcing a failure.
[  385.086051][T13199] name failslab, interval 1, probability 0, space 0, times 0
[  385.089259][T13199] CPU: 2 UID: 0 PID: 13199 Comm: syz.3.2065 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  385.092021][T13199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  385.094736][T13199] Call Trace:
[  385.095591][T13199]  <TASK>
[  385.096360][T13199]  dump_stack_lvl+0x16c/0x1f0
[  385.097596][T13199]  should_fail_ex+0x497/0x5b0
[  385.098837][T13199]  should_failslab+0xc2/0x120
[  385.100052][T13199]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  385.101392][T13199]  ? dst_alloc+0x99/0x1a0
[  385.102495][T13199]  dst_alloc+0x99/0x1a0
[  385.103581][T13199]  ? fib_validate_source+0x13d/0x730
[  385.104901][T13199]  rt_dst_alloc+0x35/0x3a0
[  385.106033][T13199]  ip_route_input_slow+0x19bd/0x39a0
[  385.107399][T13199]  ? __pfx_ip_route_input_slow+0x10/0x10
[  385.108846][T13199]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  385.110561][T13199]  ? lock_acquire+0x2f/0xb0
[  385.111956][T13199]  ? ip_route_input_noref+0xb9/0x2e0
[  385.113335][T13199]  ip_route_input_noref+0x124/0x2e0
[  385.114708][T13199]  ? __pfx_ip_route_input_noref+0x10/0x10
[  385.116187][T13199]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  385.117570][T13199]  ? sock_wfree+0x11c/0x880
[  385.119011][T13199]  ip_rcv_finish_core.constprop.0+0x469/0x2280
[  385.120773][T13199]  ip_rcv+0x1c0/0x5d0
[  385.121813][T13199]  ? __pfx_ip_rcv+0x10/0x10
[  385.123031][T13199]  __netif_receive_skb_one_core+0x199/0x1e0
[  385.124595][T13199]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  385.126281][T13199]  ? trace_lock_acquire+0x14a/0x1d0
[  385.127637][T13199]  ? netif_receive_skb+0x109/0x7b0
[  385.128979][T13199]  __netif_receive_skb+0x1d/0x160
[  385.130296][T13199]  netif_receive_skb+0x13f/0x7b0
[  385.131567][T13199]  ? __pfx_netif_receive_skb+0x10/0x10
[  385.132988][T13199]  ? __pfx___lock_acquire+0x10/0x10
[  385.134367][T13199]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  385.135888][T13199]  tun_rx_batched+0x429/0x780
[  385.137026][T13199]  ? __pfx_tun_rx_batched+0x10/0x10
[  385.138331][T13199]  ? lock_acquire+0x2f/0xb0
[  385.139498][T13199]  ? tun_get_user+0x13ae/0x3d70
[  385.140713][T13199]  tun_get_user+0x2a3c/0x3d70
[  385.141898][T13199]  ? find_held_lock+0x2d/0x110
[  385.143117][T13199]  ? __pfx_tun_get_user+0x10/0x10
[  385.144348][T13199]  ? find_held_lock+0x2d/0x110
[  385.145560][T13199]  ? __pfx_lock_release+0x10/0x10
[  385.146868][T13199]  tun_chr_write_iter+0xdc/0x210
[  385.148170][T13199]  vfs_write+0x6b5/0x1140
[  385.149249][T13199]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  385.150650][T13199]  ? trace_lock_acquire+0x14a/0x1d0
[  385.152397][T13199]  ? __pfx_vfs_write+0x10/0x10
[  385.152415][T13199]  ? __fget_files+0x40/0x3f0
[  385.152433][T13199]  ksys_write+0x12f/0x260
[  385.152444][T13199]  ? __pfx_ksys_write+0x10/0x10
[  385.152458][T13199]  __do_fast_syscall_32+0x73/0x120
[  385.152474][T13199]  do_fast_syscall_32+0x32/0x80
[  385.152488][T13199]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  385.152504][T13199] RIP: 0023:0xf7f50579
[  385.152515][T13199] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  385.152526][T13199] RSP: 002b:00000000f56d6530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  385.152539][T13199] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000240
[  385.152546][T13199] RDX: 00000000000000be RSI: 00000000f73dbff4 RDI: 0000000000000000
[  385.152553][T13199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.152560][T13199] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  385.152567][T13199] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  385.152580][T13199]  </TASK>
[  385.232602][T13205] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  385.387633][   T39] audit: type=1326 audit(1728188149.328:11310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  385.910193][T13197] Process accounting resumed
[  386.074152][   T39] audit: type=1326 audit(1728188149.998:11311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.079428][   T39] audit: type=1326 audit(1728188149.998:11312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.104515][T13212] FAULT_INJECTION: forcing a failure.
[  386.104515][T13212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.107680][T13212] CPU: 3 UID: 0 PID: 13212 Comm: syz.3.2069 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  386.110265][T13212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  386.111701][   T39] audit: type=1326 audit(1728188149.998:11313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.112831][T13212] Call Trace:
[  386.119299][T13212]  <TASK>
[  386.120060][T13212]  dump_stack_lvl+0x16c/0x1f0
[  386.121228][T13212]  should_fail_ex+0x497/0x5b0
[  386.122418][T13212]  _copy_from_user+0x30/0xf0
[  386.123611][T13212]  csum_and_copy_from_iter_full+0x218/0x1eb0
[  386.125162][T13212]  ? __lock_acquire+0xbdd/0x3ce0
[  386.126464][T13212]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  386.128248][T13212]  ? hlock_class+0x4e/0x130
[  386.129451][T13212]  ? mark_lock+0xb5/0xc60
[  386.130585][T13212]  ? mark_lock+0xb5/0xc60
[  386.131703][T13212]  ? __pfx_mark_lock+0x10/0x10
[  386.132941][T13212]  ? __pfx_mark_lock+0x10/0x10
[  386.134142][T13212]  ip_generic_getfrag+0x175/0x260
[  386.135436][T13212]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  386.136870][T13212]  ? do_csum+0x280/0x2e0
[  386.137696][   T39] audit: type=1326 audit(1728188149.998:11314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.137975][T13212]  raw6_getfrag+0x1ed/0x270
[  386.145817][T13212]  __ip6_append_data.isra.0+0x12f9/0x4540
[  386.147319][T13212]  ? hlock_class+0x4e/0x130
[  386.148475][T13212]  ? mark_lock+0xb5/0xc60
[  386.149587][T13212]  ? __pfx_raw6_getfrag+0x10/0x10
[  386.150879][T13212]  ? __pfx___ip6_append_data.isra.0+0x10/0x10
[  386.151959][   T39] audit: type=1326 audit(1728188149.998:11315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.152436][T13212]  ip6_append_data+0x1e6/0x500
[  386.159159][T13212]  ? __pfx_raw6_getfrag+0x10/0x10
[  386.160484][T13212]  rawv6_sendmsg+0x1578/0x43e0
[  386.161733][T13212]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  386.163048][T13212]  ? __pfx___lock_acquire+0x10/0x10
[  386.164370][   T39] audit: type=1326 audit(1728188149.998:11316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.164377][T13212]  ? __fget_files+0x23a/0x3f0
[  386.164392][T13212]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  386.169787][T13212]  ? __pfx_aa_sk_perm+0x10/0x10
[  386.171199][   T39] audit: type=1326 audit(1728188149.998:11317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.172629][T13212]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  386.172644][T13212]  ? inet_sendmsg+0x119/0x140
[  386.174568][   T39] audit: type=1326 audit(1728188149.998:11318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13204 comm="syz.3.2067" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  386.179924][T13212]  inet_sendmsg+0x119/0x140
[  386.190521][T13212]  __sys_sendto+0x426/0x4d0
[  386.191733][T13212]  ? __pfx___sys_sendto+0x10/0x10
[  386.193062][T13212]  ? ksys_write+0x1ad/0x260
[  386.194271][T13212]  ? __pfx_ksys_write+0x10/0x10
[  386.195550][T13212]  __ia32_sys_sendto+0xdd/0x1b0
[  386.196926][T13212]  ? lockdep_hardirqs_on+0x7c/0x110
[  386.198609][T13212]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  386.200284][T13212]  __do_fast_syscall_32+0x73/0x120
[  386.201547][T13212]  do_fast_syscall_32+0x32/0x80
[  386.202773][T13212]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.204380][T13212] RIP: 0023:0xf7f50579
[  386.205400][T13212] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  386.210320][T13212] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  386.212387][T13212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300
[  386.214386][T13212] RDX: 0000000000000016 RSI: 0000000000000000 RDI: 0000000000000000
[  386.216352][T13212] RBP: 00000000fffffdfd R08: 0000000000000000 R09: 0000000000000000
[  386.218347][T13212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  386.220374][T13212] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.222368][T13212]  </TASK>
[  386.377176][T13210] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2068'.
[  386.470870][T13215] overlayfs: failed to resolve './file1': -2
[  386.471294][T13217] overlayfs: failed to resolve './file1': -2
[  387.388288][T13222] cannot load conntrack support for proto=3
[  387.390516][T13220] overlay: ./file0 is not a directory
[  387.644286][T13228] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2073'.
[  387.647358][T13228] netlink: 'syz.3.2073': attribute type 1 has an invalid length.
[  387.649924][T13228] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2073'.
[  388.837014][T13239] pim6reg: entered allmulticast mode
[  388.852596][T13239] pim6reg: left allmulticast mode
[  389.925265][T13252] netlink: 'syz.1.2081': attribute type 10 has an invalid length.
[  389.927353][T13252] ipvlan1: entered promiscuous mode
[  389.933491][T13252] team0: Device ipvlan1 failed to register rx_handler
[  389.996215][T13254] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2082'.
[  389.998869][T13254] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2082'.
[  390.001223][T13254] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.235832][T13260] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2083'.
[  390.238457][T13260] netlink: 'syz.1.2083': attribute type 1 has an invalid length.
[  390.240873][T13260] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2083'.
[  390.601083][T13257] Process accounting resumed
[  390.756554][T13266] netlink: 'syz.1.2086': attribute type 1 has an invalid length.
[  390.767682][T13266] bond2: entered promiscuous mode
[  390.813881][T13267] bond2: (slave veth3): Enslaving as an active interface with a down link
[  390.919299][T13267] bond2: (slave veth5): Enslaving as an active interface with a down link
[  390.923578][T13268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2086'.
[  390.936895][T13268] bond2 (unregistering): (slave veth3): Releasing active interface
[  390.956182][T13268] bond2 (unregistering): (slave veth5): Releasing active interface
[  390.970716][T13268] bond2 (unregistering): Released all slaves
[  392.201242][T13288] netlink: 'syz.0.2090': attribute type 1 has an invalid length.
[  392.203538][T13288] netlink: 'syz.0.2090': attribute type 4 has an invalid length.
[  392.206385][T13288] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.2090'.
[  392.505095][T13295] tmpfs: Bad value for 'mpol'
[  392.603247][T13277] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  392.899998][T13305] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  393.055909][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  393.055925][   T39] audit: type=1326 audit(1728188156.998:11322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.3.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  393.717326][   T39] audit: type=1326 audit(1728188157.658:11323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.3.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f50579 code=0x7fc00000
[  393.724582][   T39] audit: type=1326 audit(1728188157.658:11324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.3.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  393.744614][   T39] audit: type=1326 audit(1728188157.658:11325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.3.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  393.750667][   T39] audit: type=1326 audit(1728188157.658:11326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.3.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  394.277556][T13329] FAULT_INJECTION: forcing a failure.
[  394.277556][T13329] name failslab, interval 1, probability 0, space 0, times 0
[  394.277574][T13329] CPU: 2 UID: 0 PID: 13329 Comm: syz.2.2101 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  394.277595][T13329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.277603][T13329] Call Trace:
[  394.277608][T13329]  <TASK>
[  394.277613][T13329]  dump_stack_lvl+0x16c/0x1f0
[  394.277631][T13329]  should_fail_ex+0x497/0x5b0
[  394.277647][T13329]  ? fs_reclaim_acquire+0xae/0x160
[  394.277662][T13329]  should_failslab+0xc2/0x120
[  394.294310][T13329]  __kmalloc_cache_noprof+0x6b/0x310
[  394.294331][T13329]  ? alloc_super+0x52/0xbd0
[  394.294343][T13329]  ? __pfx_super_s_dev_test+0x10/0x10
[  394.294358][T13329]  alloc_super+0x52/0xbd0
[  394.294368][T13329]  ? lock_acquire+0x2f/0xb0
[  394.294384][T13329]  ? sget_fc+0xaf/0xb90
[  394.294395][T13329]  ? __pfx_super_s_dev_test+0x10/0x10
[  394.294410][T13329]  sget_fc+0x116/0xb90
[  394.294420][T13329]  ? kfree+0x274/0x4b0
[  394.294432][T13329]  ? __pfx_super_s_dev_set+0x10/0x10
[  394.294448][T13329]  get_tree_bdev+0x155/0x610
[  394.294458][T13329]  ? __pfx_ext4_fill_super+0x10/0x10
[  394.294474][T13329]  ? __pfx_get_tree_bdev+0x10/0x10
[  394.294487][T13329]  ? bpf_lsm_capable+0x9/0x10
[  394.294503][T13329]  vfs_get_tree+0x8f/0x380
[  394.294515][T13329]  path_mount+0x6e1/0x1f10
[  394.294528][T13329]  ? kmem_cache_free+0x152/0x4b0
[  394.294541][T13329]  ? __pfx_path_mount+0x10/0x10
[  394.294554][T13329]  ? putname+0x12e/0x170
[  394.318535][T13329]  __ia32_sys_mount+0x292/0x310
[  394.318557][T13329]  ? __pfx___ia32_sys_mount+0x10/0x10
[  394.318572][T13329]  __do_fast_syscall_32+0x73/0x120
[  394.318589][T13329]  do_fast_syscall_32+0x32/0x80
[  394.318602][T13329]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  394.318618][T13329] RIP: 0023:0xf747e579
[  394.318628][T13329] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  394.318638][T13329] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  394.318651][T13329] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000100
[  394.318658][T13329] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000
[  394.318665][T13329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  394.318672][T13329] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  394.342561][T13329] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  394.342579][T13329]  </TASK>
[  394.645731][ T5351] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  394.733270][T13338] pim6reg: entered allmulticast mode
[  394.786513][T13338] pim6reg: left allmulticast mode
[  395.035723][T13326] Process accounting resumed
[  395.946853][T13349] tmpfs: Bad value for 'mpol'
[  396.693713][T13364] ./cgroup: Can't lookup blockdev
[  396.833755][T13364] hub 2-0:1.0: USB hub found
[  396.835690][T13364] hub 2-0:1.0: 2 ports detected
[  396.933716][T13370] overlay: ./file0 is not a directory
[  397.131727][T13373] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2113'.
[  397.154161][T13373] netlink: 'syz.2.2113': attribute type 1 has an invalid length.
[  397.156450][T13373] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2113'.
[  398.349033][T13388] overlay: ./file0 is not a directory
[  398.562869][T13394] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  398.717433][   T39] audit: type=1326 audit(1728188162.658:11327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.358845][   T39] audit: type=1326 audit(1728188163.298:11328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.367146][   T39] audit: type=1326 audit(1728188163.298:11329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.378426][   T39] audit: type=1326 audit(1728188163.298:11330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.386189][   T39] audit: type=1326 audit(1728188163.298:11331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.402661][   T39] audit: type=1326 audit(1728188163.298:11332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.412861][   T39] audit: type=1326 audit(1728188163.298:11333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.421597][   T39] audit: type=1326 audit(1728188163.298:11334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.434158][   T39] audit: type=1326 audit(1728188163.298:11335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.439890][   T39] audit: type=1326 audit(1728188163.298:11336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13393 comm="syz.1.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  399.522812][T13413] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  399.600067][T13416] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2122'.
[  399.604526][T13416] netlink: 'syz.2.2122': attribute type 1 has an invalid length.
[  399.608989][T13416] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2122'.
[  399.618660][T13416] Process accounting resumed
[  400.439476][T13437] syz.1.2129: attempt to access beyond end of device
[  400.439476][T13437] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0
[  400.443262][T13437] EXT4-fs (loop1): unable to read superblock
[  400.509752][T13437] hub 2-0:1.0: USB hub found
[  400.515518][T13437] hub 2-0:1.0: 2 ports detected
[  400.718855][T13442] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2131'.
[  400.912433][T13452] netlink: set zone limit has 4 unknown bytes
[  401.488582][T13464] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2136'.
[  401.491675][T13464] netlink: 'syz.2.2136': attribute type 1 has an invalid length.
[  401.495291][T13464] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2136'.
[  401.503463][T13464] Process accounting resumed
[  402.656608][T13491] overlay: ./file0 is not a directory
[  402.913393][T13495] netlink: set zone limit has 4 unknown bytes
[  403.368688][T13509] syz.3.2148: attempt to access beyond end of device
[  403.368688][T13509] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0
[  403.378452][T13509] EXT4-fs (loop3): unable to read superblock
[  403.439106][T13509] hub 2-0:1.0: USB hub found
[  403.441617][T13509] hub 2-0:1.0: 2 ports detected
[  403.928706][T13515] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  404.091210][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  404.091228][   T39] audit: type=1326 audit(1728188168.028:11349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz.1.2150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  404.290748][T13523] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  404.477596][   T39] audit: type=1326 audit(1728188168.418:11350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.483542][   T39] audit: type=1326 audit(1728188168.418:11351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.490064][   T39] audit: type=1326 audit(1728188168.418:11352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.496024][   T39] audit: type=1326 audit(1728188168.418:11353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.504279][   T39] audit: type=1326 audit(1728188168.418:11354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.512125][   T39] audit: type=1326 audit(1728188168.418:11355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.519237][   T39] audit: type=1326 audit(1728188168.418:11356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.525006][   T39] audit: type=1326 audit(1728188168.418:11357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.530675][   T39] audit: type=1326 audit(1728188168.428:11358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.0.2156" exe="/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf73be579 code=0x7ffc0000
[  404.754709][T13545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2160'.
[  405.788772][T13557] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2164'.
[  406.487611][T13579] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  406.882136][T13589] overlay: ./file0 is not a directory
[  407.014706][T13591] FAULT_INJECTION: forcing a failure.
[  407.014706][T13591] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  407.019171][T13591] CPU: 3 UID: 0 PID: 13591 Comm: syz.3.2172 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  407.022770][T13591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.026436][T13591] Call Trace:
[  407.027607][T13591]  <TASK>
[  407.028627][T13591]  dump_stack_lvl+0x16c/0x1f0
[  407.030314][T13591]  should_fail_ex+0x497/0x5b0
[  407.031966][T13591]  ? fs_reclaim_acquire+0xae/0x160
[  407.033731][T13591]  should_fail_alloc_page+0xe7/0x130
[  407.035544][T13591]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  407.037623][T13591]  ? mark_lock+0xb5/0xc60
[  407.039109][T13591]  __alloc_pages_noprof+0x190/0x25c0
[  407.040865][T13591]  ? __pfx_mark_lock+0x10/0x10
[  407.042513][T13591]  ? __pfx_mark_lock+0x10/0x10
[  407.043796][T13591]  ? __pfx_mark_lock+0x10/0x10
[  407.045083][T13591]  ? hlock_class+0x4e/0x130
[  407.046490][T13591]  ? __pfx_mark_lock+0x10/0x10
[  407.047845][T13591]  ? hlock_class+0x4e/0x130
[  407.049124][T13591]  ? mark_lock+0xb5/0xc60
[  407.050388][T13591]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  407.051979][T13591]  ? __pfx_mark_lock+0x10/0x10
[  407.053302][T13591]  ? hlock_class+0x4e/0x130
[  407.054568][T13591]  ? __lock_acquire+0xbdd/0x3ce0
[  407.055951][T13591]  ? hlock_class+0x4e/0x130
[  407.057373][T13591]  ? mark_lock+0xb5/0xc60
[  407.058615][T13591]  ? hlock_class+0x4e/0x130
[  407.059864][T13591]  ? mark_lock+0xb5/0xc60
[  407.060981][T13591]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.062512][T13591]  ? policy_nodemask+0xea/0x4e0
[  407.063797][T13591]  alloc_pages_mpol_noprof+0x2c9/0x610
[  407.065278][T13591]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  407.066960][T13591]  ? find_held_lock+0x2d/0x110
[  407.068258][T13591]  folio_alloc_mpol_noprof+0x36/0xd0
[  407.069703][T13591]  vma_alloc_folio_noprof+0xee/0x1b0
[  407.071160][T13591]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  407.072677][T13591]  ? __pfx___lock_acquire+0x10/0x10
[  407.074083][T13591]  do_wp_page+0x10d1/0x4930
[  407.075305][T13591]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  407.076876][T13591]  ? __pfx_do_wp_page+0x10/0x10
[  407.078204][T13591]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  407.079677][T13591]  ? lock_acquire+0x2f/0xb0
[  407.080915][T13591]  ? __handle_mm_fault+0xdcd/0x2a10
[  407.082351][T13591]  __handle_mm_fault+0x1a93/0x2a10
[  407.083645][T13591]  ? __pfx_mt_find+0x10/0x10
[  407.084843][T13591]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  407.086401][T13591]  ? __pfx___handle_mm_fault+0x10/0x10
[  407.087841][T13591]  ? find_vma+0xc0/0x140
[  407.088997][T13591]  ? __pfx_find_vma+0x10/0x10
[  407.090294][T13591]  ? mtree_load+0x30a/0xa40
[  407.091519][T13591]  handle_mm_fault+0x3fa/0xaa0
[  407.092776][T13591]  do_user_addr_fault+0x7a3/0x13f0
[  407.094134][T13591]  exc_page_fault+0x5c/0xc0
[  407.095450][T13591]  asm_exc_page_fault+0x26/0x30
[  407.096797][T13591] RIP: 0010:__put_user_4+0x11/0x20
[  407.098154][T13591] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  407.103241][T13591] RSP: 0018:ffffc90006e97d40 EFLAGS: 00050206
[  407.104884][T13591] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000000020007000
[  407.107109][T13591] RDX: ffff88801e5d0000 RSI: ffffffff81ef8e2e RDI: ffffffff8bb12120
[  407.109275][T13591] RBP: 00000000fffffff2 R08: 0000000000000000 R09: fffffbfff20399d1
[  407.111460][T13591] R10: ffffffff901cce8f R11: 0000000000000000 R12: dffffc0000000000
[  407.113617][T13591] R13: ffffc90006e97e18 R14: 0000000020000000 R15: 0000000000000000
[  407.115893][T13591]  ? kernel_move_pages+0xcce/0x15a0
[  407.117787][T13591]  kernel_move_pages+0xce2/0x15a0
[  407.119367][T13591]  ? __pfx_kernel_move_pages+0x10/0x10
[  407.120785][T13591]  ? fput+0x30/0x390
[  407.121819][T13591]  ? ksys_write+0x1ad/0x260
[  407.123024][T13591]  ? __pfx_ksys_write+0x10/0x10
[  407.124305][T13591]  __ia32_sys_move_pages+0xdd/0x1b0
[  407.125685][T13591]  ? lockdep_hardirqs_on+0x7c/0x110
[  407.127155][T13591]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  407.128897][T13591]  __do_fast_syscall_32+0x73/0x120
[  407.130301][T13591]  do_fast_syscall_32+0x32/0x80
[  407.131634][T13591]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.133319][T13591] RIP: 0023:0xf7f50579
[  407.134441][T13591] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.140270][T13591] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[  407.142453][T13591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000002064
[  407.144598][T13591] RDX: 0000000020000040 RSI: 0000000020001180 RDI: 0000000020000000
[  407.146708][T13591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.148775][T13591] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  407.150869][T13591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.152943][T13591]  </TASK>
[  407.422138][T13603] syz.2.2173: attempt to access beyond end of device
[  407.422138][T13603] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0
[  407.426620][T13603] EXT4-fs (loop2): unable to read superblock
[  407.489714][T13603] hub 2-0:1.0: USB hub found
[  407.494253][T13603] hub 2-0:1.0: 2 ports detected
[  407.567061][T13612] overlay: ./file0 is not a directory
[  407.911035][T13625] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  408.386368][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x1
[  408.388347][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.390292][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.392236][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.404281][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.406462][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.408521][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x4
[  408.410486][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.424186][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x2
[  408.426221][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.428295][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.430257][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.432270][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.434677][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x4
[  408.437762][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.439753][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.441714][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.443777][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.446465][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.448649][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.450703][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.452725][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.455250][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.458312][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.460297][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.462302][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.464685][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.466742][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.468773][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.470796][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.472739][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.475392][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.477406][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.479408][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.481393][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.483343][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.485605][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.488015][ T5379] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  408.493928][ T5379] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  408.733677][T13636] set match dimension is over the limit!
[  409.698345][T13656] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2193'.
[  409.701762][T13656] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2193'.
[  409.709045][T13656] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.711990][T13656] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.714169][T13656] bridge0: port 2(bridge_slave_1) entered forwarding state
[  410.322905][T13670] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2197'.
[  410.325501][T13670] netlink: 'syz.1.2197': attribute type 1 has an invalid length.
[  410.327254][   T39] kauditd_printk_skb: 33 callbacks suppressed
[  410.327268][   T39] audit: type=1400 audit(1728188174.268:11392): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=13671 comm="syz.2.2198"
[  410.327510][T13670] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2197'.
[  410.364408][T13670] Process accounting resumed
[  410.460150][T13675] fuse: Unknown parameter 'groupú.œVåQßNƒ
<Cvqº'
[  410.957997][T13688] can0: slcan on pts0.
[  411.015087][T13688] can0 (unregistered): slcan off pts0.
[  412.112993][T13713] netlink: 'syz.0.2211': attribute type 29 has an invalid length.
[  412.257444][T13719] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2213'.
[  412.264065][T13719] netlink: 'syz.0.2213': attribute type 1 has an invalid length.
[  412.266246][T13719] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2213'.
[  412.275864][T13719] Process accounting resumed
[  412.906832][T13702] Process accounting resumed
[  413.796006][T13746] FAULT_INJECTION: forcing a failure.
[  413.796006][T13746] name failslab, interval 1, probability 0, space 0, times 0
[  413.799193][T13746] CPU: 3 UID: 0 PID: 13746 Comm: syz.0.2222 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  413.801831][T13746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  413.804498][T13746] Call Trace:
[  413.805336][T13746]  <TASK>
[  413.806094][T13746]  dump_stack_lvl+0x16c/0x1f0
[  413.807250][T13746]  should_fail_ex+0x497/0x5b0
[  413.808462][T13746]  ? fs_reclaim_acquire+0xae/0x160
[  413.809743][T13746]  should_failslab+0xc2/0x120
[  413.810914][T13746]  __kmalloc_node_noprof+0xd1/0x440
[  413.812329][T13746]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  413.813783][T13746]  __kvmalloc_node_noprof+0xad/0x1a0
[  413.815122][T13746]  alloc_netdev_mqs+0xa97/0x12a0
[  413.816370][T13746]  rtnl_create_link+0xbed/0xf10
[  413.817599][T13746]  __rtnl_newlink+0x10b3/0x1920
[  413.818842][T13746]  ? __pfx___rtnl_newlink+0x10/0x10
[  413.820112][T13746]  rtnl_newlink+0x67/0xa0
[  413.821207][T13746]  ? __pfx_rtnl_newlink+0x10/0x10
[  413.822466][T13746]  rtnetlink_rcv_msg+0x3c7/0xea0
[  413.823748][T13746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  413.825151][T13746]  ? __pfx___dev_queue_xmit+0x10/0x10
[  413.826577][T13746]  netlink_rcv_skb+0x165/0x410
[  413.827801][T13746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  413.829165][T13746]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  413.830486][T13746]  ? netlink_deliver_tap+0x1ae/0xcf0
[  413.831862][T13746]  netlink_unicast+0x53c/0x7f0
[  413.833113][T13746]  ? __pfx_netlink_unicast+0x10/0x10
[  413.834572][T13746]  ? __phys_addr_symbol+0x30/0x80
[  413.835880][T13746]  ? __check_object_size+0x488/0x710
[  413.837178][T13746]  netlink_sendmsg+0x8b8/0xd70
[  413.838398][T13746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.839745][T13746]  ? lock_acquire+0x2f/0xb0
[  413.840887][T13746]  ____sys_sendmsg+0x9ae/0xb40
[  413.842073][T13746]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.843482][T13746]  ? get_compat_msghdr+0x11b/0x170
[  413.844781][T13746]  ? __pfx___lock_acquire+0x10/0x10
[  413.846088][T13746]  ___sys_sendmsg+0x135/0x1e0
[  413.847269][T13746]  ? __pfx____sys_sendmsg+0x10/0x10
[  413.848604][T13746]  ? lock_acquire+0x2f/0xb0
[  413.849764][T13746]  ? __fget_files+0x40/0x3f0
[  413.850930][T13746]  ? fdget+0x176/0x210
[  413.851968][T13746]  __sys_sendmsg+0x117/0x1f0
[  413.853157][T13746]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.854538][T13746]  ? __fget_files+0x244/0x3f0
[  413.855762][T13746]  __do_fast_syscall_32+0x73/0x120
[  413.857046][T13746]  do_fast_syscall_32+0x32/0x80
[  413.858292][T13746]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  413.859867][T13746] RIP: 0023:0xf73be579
[  413.860914][T13746] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  413.866761][T13746] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  413.869322][T13746] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  413.871312][T13746] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  413.873528][T13746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  413.875566][T13746] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  413.877528][T13746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  413.879492][T13746]  </TASK>
[  414.061286][T13758] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2226'.
[  414.061305][T13758] netlink: 'syz.1.2226': attribute type 1 has an invalid length.
[  414.061312][T13758] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2226'.
[  414.063860][T13758] Process accounting resumed
[  414.138998][   T39] audit: type=1326 audit(1728188178.078:11393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.201784][T13762] overlay: ./file0 is not a directory
[  414.343628][T13771] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2230'.
[  414.506136][T13779] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2234'.
[  414.510535][T13779] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2234'.
[  414.515015][T13779] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2234'.
[  414.553765][T13783] input: syz0 as /devices/virtual/input/input21
[  414.764889][   T39] audit: type=1326 audit(1728188178.708:11394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.770214][   T39] audit: type=1326 audit(1728188178.708:11395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.793504][   T39] audit: type=1326 audit(1728188178.708:11396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.800361][   T39] audit: type=1326 audit(1728188178.708:11397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.806190][   T39] audit: type=1326 audit(1728188178.708:11398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.811619][   T39] audit: type=1326 audit(1728188178.708:11399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.818226][   T39] audit: type=1326 audit(1728188178.708:11400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.824161][   T39] audit: type=1326 audit(1728188178.708:11401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.0.2225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  414.864206][T13796] FAULT_INJECTION: forcing a failure.
[  414.864206][T13796] name failslab, interval 1, probability 0, space 0, times 0
[  414.868320][T13796] CPU: 2 UID: 0 PID: 13796 Comm: syz.0.2241 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  414.871582][T13796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  414.874713][T13796] Call Trace:
[  414.875842][T13796]  <TASK>
[  414.876851][T13796]  dump_stack_lvl+0x16c/0x1f0
[  414.878236][T13796]  should_fail_ex+0x497/0x5b0
[  414.879457][T13796]  should_failslab+0xc2/0x120
[  414.880741][T13796]  kmem_cache_alloc_node_noprof+0x71/0x310
[  414.882308][T13796]  ? __alloc_skb+0x2b3/0x380
[  414.883526][T13796]  __alloc_skb+0x2b3/0x380
[  414.884662][T13796]  ? __pfx___alloc_skb+0x10/0x10
[  414.885939][T13796]  hci_cmd_sync_alloc+0x39/0x3a0
[  414.887220][T13796]  __hci_cmd_sync_sk+0x155/0xc60
[  414.888483][T13796]  ? __pfx___hci_cmd_sync_sk+0x10/0x10
[  414.889876][T13796]  ? __mutex_trylock_common+0xea/0x250
[  414.891305][T13796]  ? hci_disable_advertising_sync+0x129/0x1f0
[  414.892925][T13796]  ? __pfx_hci_disable_advertising_sync+0x10/0x10
[  414.894566][T13796]  ? __mutex_lock+0x120/0x9c0
[  414.895787][T13796]  __hci_cmd_sync_status_sk+0x48/0x190
[  414.897161][T13796]  hci_suspend_sync+0x84c/0xab0
[  414.898471][T13796]  ? __pfx_hci_suspend_sync+0x10/0x10
[  414.899906][T13796]  hci_suspend_dev+0x221/0x550
[  414.901194][T13796]  hci_suspend_notifier+0x28d/0x2f0
[  414.902550][T13796]  notifier_call_chain+0xb9/0x410
[  414.903864][T13796]  ? __pfx_hci_suspend_notifier+0x10/0x10
[  414.905360][T13796]  blocking_notifier_call_chain_robust+0xc9/0x170
[  414.907116][T13796]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  414.908999][T13796]  pm_notifier_call_chain_robust+0x27/0x60
[  414.910525][T13796]  snapshot_open+0x189/0x2b0
[  414.911721][T13796]  ? __pfx_snapshot_open+0x10/0x10
[  414.913048][T13796]  misc_open+0x35a/0x420
[  414.914207][T13796]  ? __pfx_misc_open+0x10/0x10
[  414.915491][T13796]  chrdev_open+0x237/0x6a0
[  414.916682][T13796]  ? __pfx_chrdev_open+0x10/0x10
[  414.917960][T13796]  ? security_file_open+0x62a/0x9d0
[  414.919349][T13796]  do_dentry_open+0x6ca/0x1530
[  414.920622][T13796]  ? __pfx_chrdev_open+0x10/0x10
[  414.921898][T13796]  ? inode_permission+0xdd/0x5f0
[  414.923264][T13796]  vfs_open+0x82/0x3f0
[  414.924363][T13796]  ? may_open+0x1f2/0x400
[  414.925491][T13796]  path_openat+0x1e6a/0x2d60
[  414.926735][T13796]  ? __pfx_path_openat+0x10/0x10
[  414.928055][T13796]  ? __pfx___lock_acquire+0x10/0x10
[  414.929447][T13796]  do_filp_open+0x1dc/0x430
[  414.930647][T13796]  ? __pfx_do_filp_open+0x10/0x10
[  414.931953][T13796]  ? find_held_lock+0x2d/0x110
[  414.933163][T13796]  ? _raw_spin_unlock+0x28/0x50
[  414.934406][T13796]  ? alloc_fd+0x2d7/0x6c0
[  414.935539][T13796]  do_sys_openat2+0x17a/0x1e0
[  414.936765][T13796]  ? __pfx_do_sys_openat2+0x10/0x10
[  414.938089][T13796]  ? __fget_files+0x244/0x3f0
[  414.939324][T13796]  __ia32_compat_sys_openat+0x16e/0x210
[  414.940786][T13796]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  414.942360][T13796]  ? ksys_write+0x1ad/0x260
[  414.943576][T13796]  __do_fast_syscall_32+0x73/0x120
[  414.944887][T13796]  do_fast_syscall_32+0x32/0x80
[  414.946162][T13796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  414.947797][T13796] RIP: 0023:0xf73be579
[  414.948876][T13796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  414.953791][T13796] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  414.955939][T13796] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200002c0
[  414.957994][T13796] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  414.960033][T13796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  414.962282][T13796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  414.964409][T13796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  414.966479][T13796]  </TASK>
[  414.970067][T13796] Bluetooth: hci3: no memory for command (opcode 0x0c1a)
[  414.971959][T13796] Bluetooth: hci3: Opcode 0x0c1a failed: -12
[  414.973783][T13796] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  414.975504][T13796] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  415.854582][T13822] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  415.856099][T13822] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  415.857473][T13822] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  415.864083][ T5382] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[  416.038591][ T5382] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.042910][ T5382] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  416.046455][ T5382] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  416.050096][ T5382] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  416.053213][ T5382] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.062133][T13820] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  416.078377][ T5382] hub 7-1:1.0: bad descriptor, ignoring hub
[  416.080385][ T5382] hub 7-1:1.0: probe with driver hub failed with error -5
[  416.088173][ T5382] cdc_wdm 7-1:1.0: skipping garbage
[  416.089907][ T5382] cdc_wdm 7-1:1.0: skipping garbage
[  416.097541][ T5382] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  416.099554][ T5382] cdc_wdm 7-1:1.0: Unknown control protocol
[  416.395021][T13829] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  416.551385][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  416.551396][   T39] audit: type=1326 audit(1728188180.488:11405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  416.844160][T13820] usb 7-1: reset low-speed USB device number 25 using dummy_hcd
[  417.239077][   T39] audit: type=1326 audit(1728188181.158:11406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.249966][   T39] audit: type=1326 audit(1728188181.158:11407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.264244][   T39] audit: type=1326 audit(1728188181.158:11408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.269774][   T39] audit: type=1326 audit(1728188181.158:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.284128][   T39] audit: type=1326 audit(1728188181.158:11410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.298271][   T39] audit: type=1326 audit(1728188181.158:11411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.310874][   T39] audit: type=1326 audit(1728188181.158:11412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.327545][   T39] audit: type=1326 audit(1728188181.158:11413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.333186][   T39] audit: type=1326 audit(1728188181.158:11414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13828 comm="syz.3.2249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7fc00000
[  417.708405][T13851] netlink: set zone limit has 4 unknown bytes
[  417.904551][ T5351] Bluetooth: hci0: command 0x0c1a tx timeout
[  417.905398][   T65] Bluetooth: hci3: command 0x0c1a tx timeout
[  417.914177][T13853] Bluetooth: hci2: command 0x0c1a tx timeout
[  418.336364][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  418.578412][T13862] __nla_validate_parse: 2 callbacks suppressed
[  418.578461][T13862] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2258'.
[  418.584315][T13862] netlink: 'syz.3.2258': attribute type 1 has an invalid length.
[  418.589582][T13862] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2258'.
[  418.619547][T13862] Process accounting resumed
[  419.286006][T13876] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2262'.
[  419.288493][T13876] netlink: 'syz.1.2262': attribute type 1 has an invalid length.
[  419.290676][T13876] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2262'.
[  419.303316][T13876] Process accounting resumed
[  419.550986][T13878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2263'.
[  419.984124][T13853] Bluetooth: hci0: command 0x0c1a tx timeout
[  420.316094][T13898] netlink: set zone limit has 4 unknown bytes
[  420.550312][T13906] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  421.088519][T13904] Process accounting resumed
[  421.194280][T13913] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2271'.
[  421.196795][T13913] netlink: 'syz.1.2271': attribute type 1 has an invalid length.
[  421.198881][T13913] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2271'.
[  421.206560][T13913] Process accounting resumed
[  421.364114][ T1421] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  421.524088][ T1421] usb 5-1: Using ep0 maxpacket: 8
[  421.527930][ T1421] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  421.531227][ T1421] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  421.535746][ T1421] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  421.539325][ T1421] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  421.543864][ T1421] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  421.547308][ T1421] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.696778][T13935] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  421.765518][ T1421] usb 5-1: GET_CAPABILITIES returned 0
[  421.767493][ T1421] usbtmc 5-1:16.0: can't read capabilities
[  421.853851][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  421.853865][   T39] audit: type=1326 audit(1728188185.788:11421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13934 comm="syz.1.2281" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  422.069108][T13933] Process accounting resumed
[  422.174986][T13820] usb 7-1: device descriptor read/64, error -110
[  422.403429][T13946] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2283'.
[  422.406939][T13946] netlink: 'syz.3.2283': attribute type 1 has an invalid length.
[  422.409994][T13946] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2283'.
[  422.437348][T13946] Process accounting resumed
[  422.489127][   T39] audit: type=1326 audit(1728188186.428:11422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13934 comm="syz.1.2281" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f68579 code=0x7fc00000
[  422.614450][T13820] usb 7-1: reset low-speed USB device number 25 using dummy_hcd
[  422.914240][T13820] usb 7-1: device descriptor read/64, error -32
[  423.092902][T13974] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  423.253360][   T39] audit: type=1326 audit(1728188187.188:11423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.294566][T13820] usb 7-1: reset low-speed USB device number 25 using dummy_hcd
[  423.324874][T13820] usb 7-1: device descriptor read/8, error -32
[  423.662980][T13982] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2294'.
[  423.704296][T13820] usb 7-1: reset low-speed USB device number 25 using dummy_hcd
[  423.726844][T13820] usb 7-1: device descriptor read/8, error -32
[  423.813414][T13987] netlink: set zone limit has 4 unknown bytes
[  423.845553][T13820] raw-gadget.0 gadget.2: failed to queue suspend event
[  423.851714][ T5382] usb 7-1: USB disconnect, device number 25
[  423.852333][T13820] cdc_wdm 7-1:1.0: Error autopm - -16
[  423.862694][T13940] cdc_wdm 7-1:1.0: Error autopm - -16
[  423.875086][   T39] audit: type=1326 audit(1728188187.808:11424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.875111][T13820] raw-gadget.0 gadget.2: failed to queue disconnect event
[  423.892477][   T39] audit: type=1326 audit(1728188187.808:11425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.904377][   T39] audit: type=1326 audit(1728188187.808:11426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.910597][   T39] audit: type=1326 audit(1728188187.808:11427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.918054][   T39] audit: type=1326 audit(1728188187.808:11428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.923650][   T39] audit: type=1326 audit(1728188187.808:11429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.929558][   T39] audit: type=1326 audit(1728188187.808:11430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13973 comm="syz.1.2292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  423.999381][T13853] Bluetooth: hci0: Malformed LE Event: 0x0d
[  424.164101][ T1421] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  424.314058][ T1421] usb 6-1: Using ep0 maxpacket: 16
[  424.316790][ T1421] usb 6-1: config 0 has no interfaces?
[  424.318502][ T1421] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  424.321184][ T1421] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.328896][ T1421] usb 6-1: config 0 descriptor??
[  424.399778][ T1421] usb 5-1: USB disconnect, device number 20
[  424.566744][T13989] random: crng reseeded on system resumption
[  424.776105][T13989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.782817][T13989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.788990][   T35] usb 6-1: USB disconnect, device number 28
[  425.728863][T14018] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2304'.
[  425.731255][T14018] netlink: 'syz.0.2304': attribute type 1 has an invalid length.
[  425.743513][T14018] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2304'.
[  425.756835][T14018] Process accounting resumed
[  426.223702][T14030] FAULT_INJECTION: forcing a failure.
[  426.223702][T14030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.228644][T14030] CPU: 1 UID: 0 PID: 14030 Comm: syz.3.2309 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  426.232387][T14030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.236048][T14030] Call Trace:
[  426.237242][T14030]  <TASK>
[  426.238296][T14030]  dump_stack_lvl+0x16c/0x1f0
[  426.239964][T14030]  should_fail_ex+0x497/0x5b0
[  426.241649][T14030]  _copy_from_user+0x30/0xf0
[  426.243293][T14030]  generic_map_update_batch+0x391/0x5f0
[  426.245232][T14030]  ? __pfx_generic_map_update_batch+0x10/0x10
[  426.247426][T14030]  ? __pfx_generic_map_update_batch+0x10/0x10
[  426.249570][T14030]  bpf_map_do_batch+0x576/0x640
[  426.251303][T14030]  __sys_bpf+0x1c9f/0x5780
[  426.252859][T14030]  ? ksys_write+0x21e/0x260
[  426.254475][T14030]  ? __pfx___sys_bpf+0x10/0x10
[  426.256164][T14030]  ? vfs_write+0x14d/0x1140
[  426.257417][T14030]  ? __mutex_unlock_slowpath+0x164/0x650
[  426.259184][T14030]  ? fput+0x30/0x390
[  426.260569][T14030]  ? ksys_write+0x1ad/0x260
[  426.262179][T14030]  ? __pfx_ksys_write+0x10/0x10
[  426.263908][T14030]  __ia32_sys_bpf+0x76/0xe0
[  426.265170][T14030]  __do_fast_syscall_32+0x73/0x120
[  426.266557][T14030]  do_fast_syscall_32+0x32/0x80
[  426.267862][T14030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  426.269540][T14030] RIP: 0023:0xf7f50579
[  426.270640][T14030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  426.275854][T14030] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  426.278096][T14030] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000340
[  426.280192][T14030] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  426.282292][T14030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  426.284378][T14030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  426.286502][T14030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  426.288610][T14030]  </TASK>
[  426.486452][T14038] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2312'.
[  426.489747][T14038] netlink: 'syz.0.2312': attribute type 1 has an invalid length.
[  426.492406][T14038] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2312'.
[  426.514213][T14038] Process accounting resumed
[  426.788083][T14015] Process accounting resumed
[  426.845952][T14046] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2315'.
[  426.851699][T14046] netlink: 'syz.1.2315': attribute type 1 has an invalid length.
[  426.855989][T14046] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2315'.
[  426.867403][T14046] Process accounting resumed
[  427.019276][T14051] syz.2.2318 (14051): drop_caches: 2
[  427.211987][T14060] netlink: 'syz.2.2320': attribute type 4 has an invalid length.
[  427.404190][ T5379] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  427.574132][ T5379] usb 6-1: Using ep0 maxpacket: 16
[  427.577343][ T5379] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  427.579934][ T5379] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  427.583589][ T5379] usb 6-1: config 0 has no interface number 0
[  427.591350][ T5379] usb 6-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  427.597450][ T5379] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  427.600416][ T5379] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  427.602857][ T5379] usb 6-1: Product: syz
[  427.608040][ T5379] usb 6-1: SerialNumber: syz
[  427.612633][ T5379] usb 6-1: config 0 descriptor??
[  427.684090][T14064] futex_wake_op: syz.0.2322 tries to shift op by -1; fix this program
[  427.829985][ T5379] usb 6-1: USB disconnect, device number 29
[  427.962452][T14058] syz.2.2320 (14058) used greatest stack depth: 20800 bytes left
[  428.074509][T14068] netlink: set zone limit has 4 unknown bytes
[  428.401502][T14077] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  428.405472][T14077] FAULT_INJECTION: forcing a failure.
[  428.405472][T14077] name failslab, interval 1, probability 0, space 0, times 0
[  428.409156][T14077] CPU: 3 UID: 0 PID: 14077 Comm: syz.3.2327 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  428.411909][T14077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  428.415129][T14077] Call Trace:
[  428.416068][T14077]  <TASK>
[  428.416846][T14077]  dump_stack_lvl+0x16c/0x1f0
[  428.418199][T14077]  should_fail_ex+0x497/0x5b0
[  428.419420][T14077]  ? fs_reclaim_acquire+0xae/0x160
[  428.420809][T14077]  should_failslab+0xc2/0x120
[  428.422098][T14077]  __kmalloc_noprof+0xcb/0x410
[  428.423798][T14077]  ovl_cache_entry_new+0x38/0x700
[  428.425708][T14077]  ovl_fill_merge+0x2b5/0xa80
[  428.427029][T14077]  kernfs_fop_readdir+0x397/0x870
[  428.428435][T14077]  iterate_dir+0x52f/0xb40
[  428.429603][T14077]  ovl_dir_read_merged+0x3f1/0x5d0
[  428.430974][T14077]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  428.432561][T14077]  ? __pfx_ovl_fill_merge+0x10/0x10
[  428.433932][T14077]  ? kasan_save_track+0x14/0x30
[  428.435407][T14077]  ovl_iterate+0x865/0xe40
[  428.436742][T14077]  ? down_read_killable+0xcc/0x380
[  428.438092][T14077]  ? __pfx_down_read_killable+0x10/0x10
[  428.439534][T14077]  ? __pfx_ovl_iterate+0x10/0x10
[  428.440964][T14077]  wrap_directory_iterator+0x9f/0xe0
[  428.442356][T14077]  iterate_dir+0x52f/0xb40
[  428.443532][T14077]  __ia32_compat_sys_getdents+0x14c/0x2d0
[  428.445101][T14077]  ? __pfx___ia32_compat_sys_getdents+0x10/0x10
[  428.446774][T14077]  ? __pfx_compat_filldir+0x10/0x10
[  428.448192][T14077]  __do_fast_syscall_32+0x73/0x120
[  428.449586][T14077]  do_fast_syscall_32+0x32/0x80
[  428.450894][T14077]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  428.452647][T14077] RIP: 0023:0xf7f50579
[  428.453729][T14077] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  428.458598][T14077] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000008d
[  428.460746][T14077] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  428.462811][T14077] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000000
[  428.464768][T14077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  428.466849][T14077] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  428.468783][T14077] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  428.471317][T14077]  </TASK>
[  428.486856][T14078] CUSE: info not properly terminated
[  428.546520][T14081] tmpfs: Unknown parameter 'usrquota€'
[  428.595812][T14082] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2328'.
[  428.598620][T14082] netlink: 'syz.3.2328': attribute type 1 has an invalid length.
[  428.600916][T14082] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2328'.
[  428.607737][T14082] Process accounting resumed
[  429.493228][T14103] FAULT_INJECTION: forcing a failure.
[  429.493228][T14103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.496852][T14103] CPU: 3 UID: 0 PID: 14103 Comm: syz.0.2336 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  429.499646][T14103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  429.502413][T14103] Call Trace:
[  429.503352][T14103]  <TASK>
[  429.504445][T14103]  dump_stack_lvl+0x16c/0x1f0
[  429.506187][T14103]  should_fail_ex+0x497/0x5b0
[  429.507910][T14103]  _copy_to_user+0x30/0xc0
[  429.509540][T14103]  bpf_test_finish.isra.0+0x55f/0x680
[  429.511341][T14103]  ? __pfx_lock_release+0x10/0x10
[  429.512670][T14103]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  429.514334][T14103]  bpf_prog_test_run_xdp+0xa13/0x1580
[  429.515724][T14103]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  429.517225][T14103]  ? fput+0x30/0x390
[  429.518257][T14103]  ? __bpf_prog_get+0xa0/0x290
[  429.519500][T14103]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  429.521008][T14103]  __sys_bpf+0x1921/0x5780
[  429.522177][T14103]  ? ksys_write+0x21e/0x260
[  429.523437][T14103]  ? __pfx___sys_bpf+0x10/0x10
[  429.524731][T14103]  ? vfs_write+0x14d/0x1140
[  429.525936][T14103]  ? __mutex_unlock_slowpath+0x164/0x650
[  429.527390][T14103]  ? fput+0x30/0x390
[  429.528409][T14103]  ? ksys_write+0x1ad/0x260
[  429.529589][T14103]  ? __pfx_ksys_write+0x10/0x10
[  429.530871][T14103]  __ia32_sys_bpf+0x76/0xe0
[  429.532060][T14103]  __do_fast_syscall_32+0x73/0x120
[  429.533435][T14103]  do_fast_syscall_32+0x32/0x80
[  429.534709][T14103]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.536378][T14103] RIP: 0023:0xf73be579
[  429.537442][T14103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  429.542467][T14103] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  429.545105][T14103] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000c80
[  429.547966][T14103] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  429.550808][T14103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  429.552902][T14103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  429.554986][T14103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.557178][T14103]  </TASK>
[  429.914241][T14111] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2338'.
[  429.914257][T14111] netlink: 'syz.3.2338': attribute type 1 has an invalid length.
[  429.914264][T14111] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2338'.
[  429.920918][T14111] Process accounting resumed
[  430.282483][T14114] xt_CT: No such helper "syz0"
[  430.623100][T14104] Process accounting resumed
[  430.662019][T14117] loop7: detected capacity change from 0 to 16384
[  430.804186][T14118] Invalid logical block size (1)
[  431.084087][   T35] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  431.244046][   T35] usb 6-1: Using ep0 maxpacket: 8
[  431.249005][   T35] usb 6-1: config 0 has no interfaces?
[  431.251839][   T35] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  431.255130][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.259908][   T35] usb 6-1: config 0 descriptor??
[  431.806243][ T5388] usb 6-1: USB disconnect, device number 30
[  431.838627][T14126] misc userio: Invalid payload size
[  431.842812][T14126] misc userio: No port type given on /dev/userio
[  432.791354][T14141] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2347'.
[  432.793872][T14141] netlink: 'syz.0.2347': attribute type 1 has an invalid length.
[  432.804155][T14141] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2347'.
[  432.814206][T14141] Process accounting resumed
[  433.372387][T14154] netlink: 'syz.3.2351': attribute type 4 has an invalid length.
[  433.460438][T14156] tipc: Started in network mode
[  433.462229][T14156] tipc: Node identity 7f000001, cluster identity 4711
[  433.467304][T14156] tipc: Enabled bearer <udp:syz2>, priority 10
[  434.609065][   T35] tipc: Node number set to 2130706433
[  434.805007][T14148] Process accounting resumed
[  434.893744][   T35] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  435.395923][   T35] usb 7-1: device descriptor read/64, error -71
[  435.634105][   T35] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  435.774094][   T35] usb 7-1: device descriptor read/64, error -71
[  435.884268][   T35] usb usb7-port1: attempt power cycle
[  436.234226][   T35] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  436.254788][   T35] usb 7-1: device descriptor read/8, error -71
[  436.494045][   T35] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  436.524881][   T35] usb 7-1: device descriptor read/8, error -71
[  436.635567][   T35] usb usb7-port1: unable to enumerate USB device
[  436.799821][T14209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2369'.
[  437.312755][T14216] Process accounting resumed
[  437.718286][T14222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2373'.
[  437.880221][T14230] pim6reg: entered allmulticast mode
[  437.896877][T14230] pim6reg: left allmulticast mode
[  437.904095][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  439.222541][T14240] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2377'.
[  439.225083][T14240] netlink: 'syz.0.2377': attribute type 1 has an invalid length.
[  439.227257][T14240] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2377'.
[  439.240784][T14240] Process accounting resumed
[  439.447164][T14242] program syz.1.2378 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  439.570341][T14247] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2379'.
[  439.585793][   T39] audit: type=1800 audit(1728188203.528:11431): pid=14247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2379" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[  439.591340][   T39] audit: type=1800 audit(1728188203.528:11432): pid=14244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2379" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0
[  439.673320][T14252] evm: overlay not supported
[  439.709453][T14250] 9pnet_fd: Insufficient options for proto=fd
[  439.782592][T14255] FAULT_INJECTION: forcing a failure.
[  439.782592][T14255] name failslab, interval 1, probability 0, space 0, times 0
[  439.788084][T14255] CPU: 0 UID: 0 PID: 14255 Comm: syz.2.2383 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  439.790909][T14255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.793692][T14255] Call Trace:
[  439.794583][T14255]  <TASK>
[  439.795363][T14255]  dump_stack_lvl+0x16c/0x1f0
[  439.796612][T14255]  should_fail_ex+0x497/0x5b0
[  439.797868][T14255]  ? fs_reclaim_acquire+0xae/0x160
[  439.799217][T14255]  should_failslab+0xc2/0x120
[  439.800469][T14255]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  439.801894][T14255]  ? alloc_empty_file+0x73/0x1e0
[  439.803216][T14255]  alloc_empty_file+0x73/0x1e0
[  439.804489][T14255]  path_openat+0xe1/0x2d60
[  439.805688][T14255]  ? hlock_class+0x4e/0x130
[  439.807275][T14255]  ? __lock_acquire+0x163e/0x3ce0
[  439.808614][T14255]  ? __pfx_path_openat+0x10/0x10
[  439.809949][T14255]  ? __pfx___lock_acquire+0x10/0x10
[  439.811327][T14255]  do_filp_open+0x1dc/0x430
[  439.812579][T14255]  ? __pfx_do_filp_open+0x10/0x10
[  439.813958][T14255]  ? find_held_lock+0x2d/0x110
[  439.815271][T14255]  ? _raw_spin_unlock+0x28/0x50
[  439.816597][T14255]  ? alloc_fd+0x2d7/0x6c0
[  439.817786][T14255]  do_sys_openat2+0x17a/0x1e0
[  439.819031][T14255]  ? __pfx_do_sys_openat2+0x10/0x10
[  439.820394][T14255]  ? __fget_files+0x244/0x3f0
[  439.821757][T14255]  __ia32_compat_sys_openat+0x16e/0x210
[  439.823214][T14255]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  439.824818][T14255]  ? ksys_write+0x1ad/0x260
[  439.826070][T14255]  __do_fast_syscall_32+0x73/0x120
[  439.827422][T14255]  do_fast_syscall_32+0x32/0x80
[  439.828708][T14255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.830377][T14255] RIP: 0023:0xf747e579
[  439.831458][T14255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.836481][T14255] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  439.838667][T14255] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000100
[  439.840731][T14255] RDX: 0000000000000481 RSI: 0000000000000000 RDI: 0000000000000000
[  439.842840][T14255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.844906][T14255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.846992][T14255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.849063][T14255]  </TASK>
[  439.850000][    C0] vkms_vblank_simulate: vblank timer overrun
[  439.909650][T14255] syzkaller0: entered promiscuous mode
[  439.911334][T14255] syzkaller0: entered allmulticast mode
[  439.912950][T14259] FAULT_INJECTION: forcing a failure.
[  439.912950][T14259] name failslab, interval 1, probability 0, space 0, times 0
[  439.921548][T14259] CPU: 3 UID: 0 PID: 14259 Comm: syz.0.2384 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  439.925117][T14259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.928692][T14259] Call Trace:
[  439.929840][T14259]  <TASK>
[  439.930931][T14259]  dump_stack_lvl+0x16c/0x1f0
[  439.932628][T14259]  should_fail_ex+0x497/0x5b0
[  439.933943][T14259]  ? fs_reclaim_acquire+0xae/0x160
[  439.935280][T14259]  should_failslab+0xc2/0x120
[  439.936668][T14259]  __kmalloc_noprof+0xcb/0x410
[  439.937937][T14259]  ? rcu_is_watching+0x12/0xc0
[  439.939193][T14259]  tomoyo_encode2+0x100/0x3e0
[  439.940445][T14259]  tomoyo_realpath_from_path+0x1a7/0x710
[  439.941931][T14259]  tomoyo_realpath_nofollow+0xdd/0x100
[  439.943354][T14259]  ? __pfx_tomoyo_realpath_nofollow+0x10/0x10
[  439.944938][T14259]  ? tomoyo_domain+0xbb/0x150
[  439.946195][T14259]  ? tomoyo_init_request_info+0x101/0x370
[  439.947760][T14259]  tomoyo_find_next_domain+0x2ad/0x2070
[  439.949201][T14259]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  439.950817][T14259]  ? tomoyo_bprm_check_security+0x116/0x1d0
[  439.952356][T14259]  ? lock_acquire+0x2f/0xb0
[  439.953563][T14259]  ? tomoyo_bprm_check_security+0x116/0x1d0
[  439.955108][T14259]  tomoyo_bprm_check_security+0x12b/0x1d0
[  439.956601][T14259]  ? tomoyo_bprm_check_security+0x116/0x1d0
[  439.958161][T14259]  security_bprm_check+0x1b9/0x1e0
[  439.959500][T14259]  bprm_execve+0x642/0x1960
[  439.960703][T14259]  ? __pfx_bprm_execve+0x10/0x10
[  439.962007][T14259]  ? copy_string_kernel+0x1d4/0x210
[  439.963361][T14259]  do_execveat_common.isra.0+0x4f1/0x630
[  439.964836][T14259]  __ia32_compat_sys_execveat+0xe0/0x120
[  439.966296][T14259]  __do_fast_syscall_32+0x73/0x120
[  439.967602][T14259]  do_fast_syscall_32+0x32/0x80
[  439.968875][T14259]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.970539][T14259] RIP: 0023:0xf73be579
[  439.971616][T14259] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.976608][T14259] RSP: 002b:00000000f568556c EFLAGS: 00000296 ORIG_RAX: 0000000000000166
[  439.978774][T14259] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000000
[  439.980812][T14259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[  439.982849][T14259] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.984894][T14259] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.987025][T14259] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.989155][T14259]  </TASK>
[  439.992591][T14259] ERROR: Out of memory at tomoyo_realpath_from_path.
[  441.637534][T14281] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2389'.
[  441.639939][T14281] netlink: 'syz.1.2389': attribute type 1 has an invalid length.
[  441.641964][T14281] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2389'.
[  441.649355][T14281] Process accounting resumed
[  442.005158][T14283] ALSA: seq fatal error: cannot create timer (-22)
[  442.056482][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  442.675295][T14285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2391'.
[  442.677745][T14286] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2391'.
[  442.752219][   T35] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  442.764858][   T35] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  442.827558][T14295] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2395'.
[  442.831289][T14295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.835709][T14295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.838839][T14295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.841971][T14295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.847393][T14295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.850409][T14295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.303933][T14305] Process accounting resumed
[  446.018571][T14334] misc userio: Invalid payload size
[  446.020110][T14334] misc userio: No port type given on /dev/userio
[  446.257657][T14340] FAULT_INJECTION: forcing a failure.
[  446.257657][T14340] name failslab, interval 1, probability 0, space 0, times 0
[  446.261208][T14340] CPU: 1 UID: 0 PID: 14340 Comm: syz.3.2408 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  446.264207][T14340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.267125][T14340] Call Trace:
[  446.267997][T14340]  <TASK>
[  446.268776][T14340]  dump_stack_lvl+0x16c/0x1f0
[  446.270018][T14340]  should_fail_ex+0x497/0x5b0
[  446.271227][T14340]  ? fs_reclaim_acquire+0xae/0x160
[  446.272562][T14340]  should_failslab+0xc2/0x120
[  446.273824][T14340]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  446.275483][T14340]  ? push_jmp_history+0x254/0x620
[  446.276775][T14340]  ? lockdep_hardirqs_on+0x7c/0x110
[  446.278123][T14340]  krealloc_noprof+0x5d/0x130
[  446.279313][T14340]  push_jmp_history+0x254/0x620
[  446.280580][T14340]  do_check_common+0xb63/0xd610
[  446.281867][T14340]  ? tc_cls_act_func_proto+0x75/0x500
[  446.283282][T14340]  ? __pfx_mark_fastcall_pattern_for_call+0x10/0x10
[  446.285002][T14340]  ? __pfx_do_check_common+0x10/0x10
[  446.286406][T14340]  ? kvfree+0x47/0x50
[  446.287468][T14340]  ? check_cfg+0x400/0x840
[  446.288648][T14340]  bpf_check+0x7737/0xc7c0
[  446.289818][T14340]  ? __schedule+0xefd/0x5750
[  446.291009][T14340]  ? __pfx_bpf_check+0x10/0x10
[  446.292258][T14340]  ? find_held_lock+0x2d/0x110
[  446.293530][T14340]  ? ktime_get_with_offset+0x13a/0x240
[  446.294933][T14340]  ? irqentry_exit+0x3b/0x90
[  446.296181][T14340]  ? lockdep_hardirqs_on+0x7c/0x110
[  446.297553][T14340]  ? bpf_prog_load+0xdc5/0x2670
[  446.298839][T14340]  ? security_bpf_prog_load+0x18/0x240
[  446.300248][T14340]  ? security_bpf_prog_load+0x1fe/0x240
[  446.301697][T14340]  bpf_prog_load+0xe3f/0x2670
[  446.302945][T14340]  ? __pfx_bpf_prog_load+0x10/0x10
[  446.304279][T14340]  ? find_held_lock+0x2d/0x110
[  446.305548][T14340]  __sys_bpf+0x4c8c/0x5780
[  446.306738][T14340]  ? finish_task_switch.isra.0+0x217/0xcc0
[  446.308256][T14340]  ? __pfx___sys_bpf+0x10/0x10
[  446.309481][T14340]  ? __schedule+0xefd/0x5750
[  446.310646][T14340]  ? fput+0x30/0x390
[  446.311669][T14340]  ? ksys_write+0x1ad/0x260
[  446.312829][T14340]  __ia32_sys_bpf+0x76/0xe0
[  446.314002][T14340]  __do_fast_syscall_32+0x73/0x120
[  446.315352][T14340]  do_fast_syscall_32+0x32/0x80
[  446.316662][T14340]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  446.318310][T14340] RIP: 0023:0xf7f50579
[  446.319351][T14340] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  446.324197][T14340] RSP: 002b:00000000f569456c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  446.326343][T14340] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080
[  446.328375][T14340] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  446.330362][T14340] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  446.332315][T14340] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  446.334296][T14340] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  446.336223][T14340]  </TASK>
[  446.405265][T14342] libceph: resolve '.
[  446.405265][T14342] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[  446.405265][T14342] ' (ret=-3): failed
[  447.730067][T14348] Process accounting resumed
[  447.754126][ T1282] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  447.915333][ T1282] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  447.918295][ T1282] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.921246][ T1282] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.923744][ T1282] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  447.940716][ T1282] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  447.943202][ T1282] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  447.945418][ T1282] usb 7-1: Manufacturer: syz
[  447.953765][ T1282] usb 7-1: config 0 descriptor??
[  448.151016][T14368] netlink: 16126 bytes leftover after parsing attributes in process `syz.3.2417'.
[  448.160978][T14368] netlink: 183228 bytes leftover after parsing attributes in process `syz.3.2417'.
[  449.340142][T14386] FAULT_INJECTION: forcing a failure.
[  449.340142][T14386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.354535][T14386] CPU: 0 UID: 0 PID: 14386 Comm: syz.1.2421 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  449.357330][T14386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.360944][T14386] Call Trace:
[  449.362091][T14386]  <TASK>
[  449.363101][T14386]  dump_stack_lvl+0x16c/0x1f0
[  449.364698][T14386]  should_fail_ex+0x497/0x5b0
[  449.366315][T14386]  _copy_from_user+0x30/0xf0
[  449.367894][T14386]  get_compat_msghdr+0xa8/0x170
[  449.369560][T14386]  ? __pfx_get_compat_msghdr+0x10/0x10
[  449.371434][T14386]  ? find_held_lock+0x2d/0x110
[  449.373081][T14386]  ___sys_recvmsg+0x193/0x1a0
[  449.374728][T14386]  ? __pfx____sys_recvmsg+0x10/0x10
[  449.376487][T14386]  ? lock_acquire+0x2f/0xb0
[  449.378070][T14386]  ? __fget_files+0x40/0x3f0
[  449.379643][T14386]  ? __pfx___might_resched+0x10/0x10
[  449.381415][T14386]  ? fdget+0x176/0x210
[  449.382816][T14386]  do_recvmmsg+0x51a/0x750
[  449.384311][T14386]  ? __pfx_do_recvmmsg+0x10/0x10
[  449.386023][T14386]  ? __pfx_lock_release+0x10/0x10
[  449.387707][T14386]  ? vfs_write+0x14d/0x1140
[  449.389262][T14386]  ? __fget_files+0x244/0x3f0
[  449.390523][T14386]  __sys_recvmmsg+0x21e/0x280
[  449.392091][T14386]  ? __pfx___sys_recvmmsg+0x10/0x10
[  449.393690][T14386]  ? __pfx_ksys_write+0x10/0x10
[  449.394963][T14386]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  449.396607][T14386]  ? lockdep_hardirqs_on+0x7c/0x110
[  449.397989][T14386]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  449.399680][T14386]  __do_fast_syscall_32+0x73/0x120
[  449.400957][T14386]  do_fast_syscall_32+0x32/0x80
[  449.402294][T14386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.403947][T14386] RIP: 0023:0xf7f68579
[  449.405015][T14386] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.409996][T14386] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  449.410012][T14386] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000840
[  449.410020][T14386] RDX: 0000000000000414 RSI: 0000000000000000 RDI: 0000000000000000
[  449.410026][T14386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.410033][T14386] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.410040][T14386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.422982][T14386]  </TASK>
[  449.603364][T14405] hfs: can't find a HFS filesystem on dev nullb0
[  449.893282][T14414] netlink: 'syz.0.2429': attribute type 21 has an invalid length.
[  449.898286][T14414] netlink: 'syz.0.2429': attribute type 1 has an invalid length.
[  450.388251][   T39] audit: type=1326 audit(1728188214.328:11433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.3.2432" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000
[  450.393916][   T39] audit: type=1326 audit(1728188214.328:11434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.3.2432" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000
[  450.537515][ T1282] usbhid 7-1:0.0: can't add hid device: -71
[  450.539201][ T1282] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  450.544293][T13853] Bluetooth: hci0: command 0x0c1a tx timeout
[  450.555827][ T1282] usb 7-1: USB disconnect, device number 31
[  450.560326][T14429] rtc_cmos 00:05: Alarms can be up to one day in the future
[  450.666990][T14447] cannot load conntrack support for proto=3
[  450.669605][T14446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  450.673407][T14444] netlink: 'syz.3.2433': attribute type 29 has an invalid length.
[  452.757792][T13853] Bluetooth: hci0: unexpected event for opcode 0x080f
[  453.223888][T14486] Process accounting resumed
[  453.271343][T14502] [U] 
[  453.286385][T14503] overlay: Bad value for 'index'
[  453.307495][T14503] vlan2: entered allmulticast mode
[  453.309210][T14503] mac80211_hwsim hwsim39 wlan1: entered allmulticast mode
[  453.314710][T14505] overlayfs: failed to clone upperpath
[  453.316849][T14503] mac80211_hwsim hwsim39 wlan1: left allmulticast mode
[  453.323773][T14505] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2458'.
[  453.541441][T14514] 9pnet_virtio: no channels available for device syz
[  454.118452][   T39] audit: type=1326 audit(1728188218.058:11435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.399540][T14548] overlayfs: failed to get index nlink (file1/bus, err=-61)
[  454.404341][   T39] audit: type=1800 audit(1728188218.348:11436): pid=14548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2473" name="bus" dev="overlay" ino=2058 res=0 errno=0
[  454.653239][T14520] Process accounting resumed
[  454.683624][   T39] audit: type=1326 audit(1728188218.618:11437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.694181][   T39] audit: type=1326 audit(1728188218.618:11438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.700560][   T39] audit: type=1326 audit(1728188218.618:11439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.706882][   T39] audit: type=1326 audit(1728188218.618:11440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.712560][   T39] audit: type=1326 audit(1728188218.618:11441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  454.718503][   T39] audit: type=1326 audit(1728188218.618:11442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.1.2469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  455.209559][T14576] FAULT_INJECTION: forcing a failure.
[  455.209559][T14576] name failslab, interval 1, probability 0, space 0, times 0
[  455.213223][T14576] CPU: 2 UID: 0 PID: 14576 Comm: syz.2.2482 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  455.216114][T14576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.218940][T14576] Call Trace:
[  455.219853][T14576]  <TASK>
[  455.220685][T14576]  dump_stack_lvl+0x16c/0x1f0
[  455.222008][T14576]  should_fail_ex+0x497/0x5b0
[  455.223270][T14576]  ? fs_reclaim_acquire+0xae/0x160
[  455.224644][T14576]  should_failslab+0xc2/0x120
[  455.225928][T14576]  __kmalloc_cache_noprof+0x6b/0x310
[  455.227331][T14576]  ? genl_start+0x1e7/0x950
[  455.228553][T14576]  genl_start+0x1e7/0x950
[  455.229724][T14576]  __netlink_dump_start+0x615/0x980
[  455.231118][T14576]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  455.232645][T14576]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  455.234314][T14576]  ? __pfx_genl_start+0x10/0x10
[  455.235618][T14576]  ? __pfx_genl_dumpit+0x10/0x10
[  455.236962][T14576]  ? __pfx_genl_done+0x10/0x10
[  455.238249][T14576]  ? bpf_lsm_capable+0x9/0x10
[  455.239516][T14576]  ? security_capable+0x7e/0x260
[  455.241301][T14576]  genl_rcv_msg+0x470/0x800
[  455.243000][T14576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  455.244858][T14576]  ? __pfx_seg6_genl_dumphmac_start+0x10/0x10
[  455.247131][T14576]  ? __pfx_seg6_genl_dumphmac+0x10/0x10
[  455.249179][T14576]  ? __pfx_seg6_genl_dumphmac_done+0x10/0x10
[  455.251404][T14576]  netlink_rcv_skb+0x165/0x410
[  455.253176][T14576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  455.255056][T14576]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  455.257006][T14576]  ? down_read+0xc9/0x330
[  455.258633][T14576]  ? __pfx_down_read+0x10/0x10
[  455.260263][T14576]  ? netlink_deliver_tap+0x1ae/0xcf0
[  455.261685][T14576]  genl_rcv+0x28/0x40
[  455.262759][T14576]  netlink_unicast+0x53c/0x7f0
[  455.264037][T14576]  ? __pfx_netlink_unicast+0x10/0x10
[  455.265441][T14576]  ? __phys_addr_symbol+0x30/0x80
[  455.266836][T14576]  ? __check_object_size+0x488/0x710
[  455.268366][T14576]  netlink_sendmsg+0x8b8/0xd70
[  455.270151][T14576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  455.271927][T14576]  ? lock_acquire+0x2f/0xb0
[  455.273141][T14576]  ____sys_sendmsg+0x9ae/0xb40
[  455.274439][T14576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  455.275871][T14576]  ? get_compat_msghdr+0x11b/0x170
[  455.277348][T14576]  ? __pfx___lock_acquire+0x10/0x10
[  455.278691][T14576]  ___sys_sendmsg+0x135/0x1e0
[  455.279866][T14576]  ? __pfx____sys_sendmsg+0x10/0x10
[  455.281580][T14576]  ? lock_acquire+0x2f/0xb0
[  455.283299][T14576]  ? __fget_files+0x40/0x3f0
[  455.285044][T14576]  ? fdget+0x176/0x210
[  455.286599][T14576]  __sys_sendmsg+0x117/0x1f0
[  455.288336][T14576]  ? __pfx___sys_sendmsg+0x10/0x10
[  455.290246][T14576]  ? __fget_files+0x244/0x3f0
[  455.292021][T14576]  __do_fast_syscall_32+0x73/0x120
[  455.293951][T14576]  do_fast_syscall_32+0x32/0x80
[  455.295682][T14576]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.297901][T14576] RIP: 0023:0xf747e579
[  455.299365][T14576] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.306297][T14576] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  455.308992][T14576] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600
[  455.311674][T14576] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  455.313966][T14576] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  455.316098][T14576] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  455.318235][T14576] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.320362][T14576]  </TASK>
[  455.966539][T14589] FAULT_INJECTION: forcing a failure.
[  455.966539][T14589] name failslab, interval 1, probability 0, space 0, times 0
[  455.971584][T14589] CPU: 2 UID: 0 PID: 14589 Comm: syz.0.2486 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  455.974400][T14589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.977183][T14589] Call Trace:
[  455.978082][T14589]  <TASK>
[  455.978869][T14589]  dump_stack_lvl+0x16c/0x1f0
[  455.980129][T14589]  should_fail_ex+0x497/0x5b0
[  455.981380][T14589]  ? fs_reclaim_acquire+0xae/0x160
[  455.982744][T14589]  should_failslab+0xc2/0x120
[  455.983994][T14589]  __kmalloc_cache_noprof+0x6b/0x310
[  455.985397][T14589]  ? shrinker_alloc+0xf8/0xb00
[  455.986645][T14589]  shrinker_alloc+0xf8/0xb00
[  455.987860][T14589]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  455.989388][T14589]  ? rcu_is_watching+0x12/0xc0
[  455.990661][T14589]  ? pcpu_alloc_noprof+0x1f5/0x16c0
[  455.992023][T14589]  ? __pfx_shrinker_alloc+0x10/0x10
[  455.993455][T14589]  ? lockdep_init_map_type+0x16d/0x7d0
[  455.994914][T14589]  ? lockdep_init_map_type+0x16d/0x7d0
[  455.996347][T14589]  ? __raw_spin_lock_init+0x3a/0x110
[  455.997747][T14589]  ? __init_rwsem+0x12d/0x1b0
[  455.998902][T14589]  alloc_super+0x7cc/0xbd0
[  456.000039][T14589]  ? __pfx_test_bdev_super+0x10/0x10
[  456.001426][T14589]  sget+0x11b/0x6c0
[  456.002445][T14589]  ? __pfx_set_bdev_super+0x10/0x10
[  456.003812][T14589]  ? __pfx_hpfs_fill_super+0x10/0x10
[  456.005210][T14589]  mount_bdev+0x108/0x2d0
[  456.006366][T14589]  ? __pfx_mount_bdev+0x10/0x10
[  456.007646][T14589]  ? __pfx_hpfs_mount+0x10/0x10
[  456.008929][T14589]  legacy_get_tree+0x109/0x220
[  456.010203][T14589]  vfs_get_tree+0x8f/0x380
[  456.011382][T14589]  path_mount+0x6e1/0x1f10
[  456.012557][T14589]  ? kmem_cache_free+0x152/0x4b0
[  456.013867][T14589]  ? __pfx_path_mount+0x10/0x10
[  456.015145][T14589]  ? putname+0x12e/0x170
[  456.016263][T14589]  __ia32_sys_mount+0x292/0x310
[  456.017547][T14589]  ? __pfx___ia32_sys_mount+0x10/0x10
[  456.018963][T14589]  __do_fast_syscall_32+0x73/0x120
[  456.020320][T14589]  do_fast_syscall_32+0x32/0x80
[  456.021616][T14589]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.023263][T14589] RIP: 0023:0xf73be579
[  456.024333][T14589] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.029320][T14589] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  456.031482][T14589] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000020000180
[  456.033521][T14589] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000340
[  456.035581][T14589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.037647][T14589] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.039716][T14589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.041802][T14589]  </TASK>
[  456.263952][   T39] kauditd_printk_skb: 32 callbacks suppressed
[  456.263964][   T39] audit: type=1326 audit(1728188220.198:11475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.476208][T14593] Process accounting resumed
[  456.743382][T14605] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2492'.
[  456.795422][T13853] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  456.799576][T13853] Bluetooth: hci0: Injecting HCI hardware error event
[  456.804254][   T65] Bluetooth: hci0: hardware error 0x00
[  456.840657][T14607] hpfs: Bad magic ... probably not HPFS
[  456.922339][   T39] audit: type=1326 audit(1728188220.858:11476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.928087][   T39] audit: type=1326 audit(1728188220.858:11477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.933679][   T39] audit: type=1326 audit(1728188220.858:11478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.939444][   T39] audit: type=1326 audit(1728188220.858:11479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.947611][   T39] audit: type=1326 audit(1728188220.858:11480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.953500][   T39] audit: type=1326 audit(1728188220.858:11481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.959628][   T39] audit: type=1326 audit(1728188220.858:11482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.967275][   T39] audit: type=1326 audit(1728188220.858:11483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  456.972937][   T39] audit: type=1326 audit(1728188220.858:11484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14590 comm="syz.0.2487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  457.107894][T14609] /dev/sr0: Can't open blockdev
[  457.716158][T14615] Process accounting resumed
[  457.862788][T14630] tmpfs: Unknown parameter 'usrque_hardlimit'
[  457.871554][T14630] tmpfs: Unknown parameter 'usrque_hardlimit'
[  458.216154][T14635] /dev/sr0: Can't open blockdev
[  458.257364][T14641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2505'.
[  458.568313][T14652] overlayfs: failed to resolve './file2': -2
[  458.683449][T14659] tmpfs: Bad value for 'nr_blocks'
[  458.705278][T14661] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  458.864159][   T65] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  459.113535][T14648] Process accounting resumed
[  459.578628][T14702] vlan2: entered allmulticast mode
[  459.580045][T14702] mac80211_hwsim hwsim39 wlan1: entered allmulticast mode
[  459.593545][T14702] mac80211_hwsim hwsim39 wlan1: left allmulticast mode
[  459.657507][T14710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2524'.
[  459.772608][T14715] openvswitch: netlink: Missing key (keys=40, expected=100)
[  460.023118][T14736] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  460.947166][T14745] vlan2: entered allmulticast mode
[  460.948954][T14745] mac80211_hwsim hwsim39 wlan1: entered allmulticast mode
[  460.954223][T14745] mac80211_hwsim hwsim39 wlan1: left allmulticast mode
[  461.035827][T14747] ubi0: attaching mtd0
[  461.039429][T14747] ubi0: scanning is finished
[  461.040680][T14747] ubi0: empty MTD device detected
[  461.126331][T14747] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  461.128321][T14747] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  461.130429][T14747] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  461.132195][T14747] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  461.134169][T14747] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  461.135947][T14747] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  461.138082][T14747] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2898654359
[  461.141307][T14747] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  461.149712][T14751] ubi0: background thread "ubi_bgt0d" started, PID 14751
[  461.195168][T14753] FAULT_INJECTION: forcing a failure.
[  461.195168][T14753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.199041][T14753] CPU: 2 UID: 0 PID: 14753 Comm: syz.3.2537 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  461.201794][T14753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  461.204569][T14753] Call Trace:
[  461.205669][T14753]  <TASK>
[  461.206465][T14753]  dump_stack_lvl+0x16c/0x1f0
[  461.207768][T14753]  should_fail_ex+0x497/0x5b0
[  461.208998][T14753]  _copy_from_iter+0x29b/0x13e0
[  461.210291][T14753]  ? _copy_from_iter+0x159/0x13e0
[  461.211604][T14753]  ? __pfx__copy_from_iter+0x10/0x10
[  461.212988][T14753]  ? __pfx__copy_from_iter+0x10/0x10
[  461.214385][T14753]  ? __virt_addr_valid+0x1a4/0x590
[  461.215744][T14753]  copy_page_from_iter+0xa5/0x120
[  461.217057][T14753]  skb_copy_datagram_from_iter+0x29b/0x710
[  461.218612][T14753]  packet_sendmsg+0x2135/0x54c0
[  461.219896][T14753]  ? __fget_files+0x23a/0x3f0
[  461.221122][T14753]  ? __pfx___might_resched+0x10/0x10
[  461.222501][T14753]  ? trace_lock_acquire+0x14a/0x1d0
[  461.223848][T14753]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  461.225422][T14753]  ? aa_sk_perm+0x2f5/0xb20
[  461.226618][T14753]  ? __pfx_packet_sendmsg+0x10/0x10
[  461.227992][T14753]  ? __pfx_aa_sk_perm+0x10/0x10
[  461.229272][T14753]  __sys_sendto+0x479/0x4d0
[  461.230482][T14753]  ? __pfx___sys_sendto+0x10/0x10
[  461.231816][T14753]  ? ksys_write+0x1ad/0x260
[  461.233008][T14753]  ? __pfx_ksys_write+0x10/0x10
[  461.234286][T14753]  __ia32_sys_sendto+0xdd/0x1b0
[  461.235566][T14753]  ? lockdep_hardirqs_on+0x7c/0x110
[  461.236924][T14753]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  461.238718][T14753]  __do_fast_syscall_32+0x73/0x120
[  461.240050][T14753]  do_fast_syscall_32+0x32/0x80
[  461.241317][T14753]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.242961][T14753] RIP: 0023:0xf7f50579
[  461.244024][T14753] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  461.248982][T14753] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  461.251146][T14753] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000280
[  461.253184][T14753] RDX: 000000000000fc13 RSI: 0000000000000800 RDI: 0000000000000000
[  461.255238][T14753] RBP: 000000000000002f R08: 0000000000000000 R09: 0000000000000000
[  461.257276][T14753] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  461.259359][T14753] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.261413][T14753]  </TASK>
[  461.368795][T14759] @: renamed from vlan0 (while UP)
[  461.387617][T14758] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2539'.
[  461.398167][T14758] Process accounting resumed
[  461.646743][T14763] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  461.686683][T14773] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  461.803390][T14778] vlan2: entered allmulticast mode
[  461.803408][T14778] mac80211_hwsim hwsim39 wlan1: entered allmulticast mode
[  461.806593][T14778] mac80211_hwsim hwsim39 wlan1: left allmulticast mode
[  461.846856][   T39] kauditd_printk_skb: 51 callbacks suppressed
[  461.846868][   T39] audit: type=1326 audit(1728188225.788:11536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.067845][T14795] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2551'.
[  462.071021][T14795] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2551'.
[  462.242629][T14807] netlink: 'syz.0.2556': attribute type 1 has an invalid length.
[  462.250438][T14807] bridge0: entered allmulticast mode
[  462.253031][T14807] bridge_slave_1: left allmulticast mode
[  462.255180][T14807] bridge_slave_1: left promiscuous mode
[  462.261759][T14807] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.267740][T14807] bridge_slave_0: left allmulticast mode
[  462.269256][T14807] bridge_slave_0: left promiscuous mode
[  462.270878][T14807] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.291463][T14807] bridge0 (unregistering): left allmulticast mode
[  462.294244][T14808] Invalid logical block size (1)
[  462.357156][T14805] tap0: tun_chr_ioctl cmd 1074025672
[  462.358648][T14805] tap0: ignored: set checksum enabled
[  462.461777][T14812] mac80211_hwsim hwsim42 wlan1: entered allmulticast mode
[  462.461932][   T39] audit: type=1326 audit(1728188226.398:11537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.474332][   T39] audit: type=1326 audit(1728188226.398:11538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.481901][   T39] audit: type=1326 audit(1728188226.398:11539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.506079][   T39] audit: type=1326 audit(1728188226.398:11540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.513313][   T39] audit: type=1326 audit(1728188226.398:11541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.535001][   T39] audit: type=1326 audit(1728188226.398:11542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.542615][   T39] audit: type=1326 audit(1728188226.398:11543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.552523][   T39] audit: type=1326 audit(1728188226.398:11544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.560215][   T39] audit: type=1326 audit(1728188226.398:11545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.1.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000
[  462.623268][T14820] netlink: set zone limit has 4 unknown bytes
[  462.717252][T14823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2560'.
[  462.766737][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2561'.
[  463.612174][T14842] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2565'.
[  463.619897][T14842] Process accounting resumed
[  463.836393][T14847] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2566'.
[  463.846795][T14847] Process accounting resumed
[  463.858689][T14850] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  464.434738][T14861] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2570'.
[  464.446814][T14858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  464.506993][T14858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  464.736841][T14870] netlink: set zone limit has 4 unknown bytes
[  464.789472][T14872] vlan0: entered allmulticast mode
[  464.789491][T14872] mac80211_hwsim hwsim33 wlan1: entered allmulticast mode
[  464.794644][T14872] mac80211_hwsim hwsim33 wlan1: left allmulticast mode
[  464.972754][T14877] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2573'.
[  464.981393][T14877] Process accounting resumed
[  465.178424][T14864] Process accounting resumed
[  465.334713][T14895] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  465.361208][T14891] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2575'.
[  465.367191][T14891] Process accounting resumed
[  465.482285][T14899] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  465.484046][T14899] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  465.487175][T14899] vhci_hcd vhci_hcd.0: Device attached
[  465.580033][T14905] overlay: Bad value for 'metacopy'
[  465.624188][    T8] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  465.704188][ T1282] vhci_hcd: vhci_device speed not set
[  465.776978][ T1282] usb 19-1: new full-speed USB device number 3 using vhci_hcd
[  465.779725][ T5382] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  465.785444][    T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  465.788905][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  465.791940][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  465.795211][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  465.801360][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  465.806470][    T8] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  465.809578][    T8] usb 5-1: Manufacturer: syz
[  465.812796][    T8] usb 5-1: config 0 descriptor??
[  465.924160][ T5382] usb 6-1: Using ep0 maxpacket: 32
[  465.935446][ T5382] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  465.938874][ T5382] usb 6-1: config 0 has no interfaces?
[  465.940783][ T5382] usb 6-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15
[  465.943868][ T5382] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.948061][ T5382] usb 6-1: config 0 descriptor??
[  466.248090][T14909] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  466.272182][    T8] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  466.275698][    T8] appleir 0003:05AC:8243.0009: No inputs registered, leaving
[  466.298615][    T8] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  466.363330][T14900] vhci_hcd: connection reset by peer
[  466.368492][T11132] vhci_hcd: stop threads
[  466.369938][T11132] vhci_hcd: release socket
[  466.371168][T11132] vhci_hcd: disconnect device
[  466.794749][T14914] overlayfs: missing 'lowerdir'
[  466.902621][    T8] usb 5-1: USB disconnect, device number 21
[  467.076132][   T39] kauditd_printk_skb: 80 callbacks suppressed
[  467.076143][   T39] audit: type=1326 audit(1728188231.018:11626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14908 comm="syz.2.2592" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf747e579 code=0x7fc00000
[  467.572435][T14936] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2590'.
[  467.582057][T14936] Process accounting resumed
[  467.924706][T14939] netlink: set zone limit has 4 unknown bytes
[  468.388096][T14950] ebtables: wrong size: *len 80, entries_size 48, replsz 48
[  468.627472][T14957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2595'.
[  469.046593][ T6916] usb 6-1: USB disconnect, device number 31
[  469.494121][ T6916] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  469.677572][ T6916] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  469.680965][ T6916] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  469.686243][ T6916] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.688769][ T6916] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  469.695492][ T6916] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  469.698483][ T6916] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  469.700729][ T6916] usb 6-1: Manufacturer: syz
[  469.705619][ T6916] usb 6-1: config 0 descriptor??
[  469.850913][T14998] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2600'.
[  469.864377][T14998] Process accounting resumed
[  470.135375][ T6916] appleir 0003:05AC:8243.000A: unknown main item tag 0x0
[  470.137955][ T6916] appleir 0003:05AC:8243.000A: No inputs registered, leaving
[  470.161723][ T6916] appleir 0003:05AC:8243.000A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  470.403065][T15010] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2610'.
[  470.419522][T15010] Process accounting resumed
[  470.449391][T15008] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.451498][T15008] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.628041][T15019] netlink: 'syz.0.2604': attribute type 4 has an invalid length.
[  470.864229][ T1282] vhci_hcd: vhci_device speed not set
[  470.988861][T15007] Process accounting resumed
[  471.011018][T15022] FAULT_INJECTION: forcing a failure.
[  471.011018][T15022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  471.015709][T15022] CPU: 3 UID: 0 PID: 15022 Comm: syz.2.2605 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  471.019378][T15022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  471.023027][T15022] Call Trace:
[  471.024207][T15022]  <TASK>
[  471.025260][T15022]  dump_stack_lvl+0x16c/0x1f0
[  471.026920][T15022]  should_fail_ex+0x497/0x5b0
[  471.028566][T15022]  _copy_from_iter+0x29b/0x13e0
[  471.030264][T15022]  ? _copy_from_iter+0x159/0x13e0
[  471.031990][T15022]  ? __pfx__copy_from_iter+0x10/0x10
[  471.033842][T15022]  ? __pfx__copy_from_iter+0x10/0x10
[  471.035661][T15022]  ? __virt_addr_valid+0x1a4/0x590
[  471.037444][T15022]  copy_page_from_iter+0xa5/0x120
[  471.039208][T15022]  skb_copy_datagram_from_iter+0x29b/0x710
[  471.041233][T15022]  packet_sendmsg+0x2135/0x54c0
[  471.042940][T15022]  ? __pfx___might_resched+0x10/0x10
[  471.044767][T15022]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  471.046832][T15022]  ? aa_sk_perm+0x2f5/0xb20
[  471.048407][T15022]  ? __pfx_packet_sendmsg+0x10/0x10
[  471.050211][T15022]  ? __pfx_aa_sk_perm+0x10/0x10
[  471.051897][T15022]  __sys_sendto+0x479/0x4d0
[  471.053489][T15022]  ? __pfx___sys_sendto+0x10/0x10
[  471.055266][T15022]  ? ksys_write+0x1ad/0x260
[  471.056859][T15022]  ? __pfx_ksys_write+0x10/0x10
[  471.058576][T15022]  __ia32_sys_sendto+0xdd/0x1b0
[  471.060268][T15022]  ? lockdep_hardirqs_on+0x7c/0x110
[  471.062080][T15022]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  471.064338][T15022]  __do_fast_syscall_32+0x73/0x120
[  471.066146][T15022]  do_fast_syscall_32+0x32/0x80
[  471.067842][T15022]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  471.070028][T15022] RIP: 0023:0xf747e579
[  471.071445][T15022] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  471.077421][T15022] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  471.079723][T15022] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  471.081884][T15022] RDX: 000000000001000a RSI: 0000000000000000 RDI: 0000000020000140
[  471.084079][T15022] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  471.086327][T15022] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  471.088492][T15022] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  471.090641][T15022]  </TASK>
[  471.180279][ T1421] usb 6-1: USB disconnect, device number 32
[  471.451973][T15032] vlan0: entered allmulticast mode
[  471.549688][T15038] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  471.551908][T15038] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  471.584979][T15038] vhci_hcd vhci_hcd.0: Device attached
[  471.604919][T15039] vhci_hcd: connection closed
[  471.605279][T11142] vhci_hcd: stop threads
[  471.608107][T11142] vhci_hcd: release socket
[  471.609575][T11142] vhci_hcd: disconnect device
[  471.665657][T15043] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2613'.
[  471.671739][T15043] Process accounting resumed
[  471.836722][T15052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2615'.
[  471.910946][T15058] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2618'.
[  472.096420][T15069] vlan2: entered allmulticast mode
[  472.097858][T15069] mac80211_hwsim hwsim39 wlan1: entered allmulticast mode
[  472.102743][T15069] mac80211_hwsim hwsim39 wlan1: left allmulticast mode
[  472.147751][T15071] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  472.253697][   T39] audit: type=1326 audit(1728188236.188:11627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15070 comm="syz.2.2622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7fc00000
[  472.410475][T15077] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2624'.
[  472.419133][T15077] Process accounting resumed
[  472.701395][T15085] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2628'.
[  472.728154][T15051] block nbd0: shutting down sockets
[  472.978675][   T39] audit: type=1326 audit(1728188236.918:11628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15070 comm="syz.2.2622" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf747e579 code=0x7fc00000
[  474.131475][T15098] Process accounting resumed
[  474.262059][T15099] Process accounting resumed
[  474.305917][T15106] ------------[ cut here ]------------
[  474.308866][T15106] kmem_cache of name '9p-fcall-cache' already exists
[  474.311271][T15106] WARNING: CPU: 3 PID: 15106 at mm/slab_common.c:107 __kmem_cache_create_args+0xb0/0x3c0
[  474.314764][T15106] Modules linked in:
[  474.316296][T15106] CPU: 3 UID: 0 PID: 15106 Comm: syz.3.2635 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  474.321402][T15106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  474.325267][T15106] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
[  474.327486][T15106] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[  474.334325][T15106] RSP: 0018:ffffc90006e9f8f0 EFLAGS: 00010286
[  474.336498][T15106] RAX: 0000000000000000 RBX: ffff888045a98dc0 RCX: ffffc90027091000
[  474.339299][T15106] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[  474.342094][T15106] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[  474.345478][T15106] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  474.348260][T15106] R13: 0000000000020018 R14: ffffc90006e9f9e0 R15: 0000000000020018
[  474.351048][T15106] FS:  0000000000000000(0000) GS:ffff88802b700000(0063) knlGS:00000000f56d6b40
[  474.354457][T15106] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  474.356742][T15106] CR2: 00000000f7415008 CR3: 000000004a580000 CR4: 0000000000352ef0
[  474.359521][T15106] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  474.362798][T15106] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  474.365738][T15106] Call Trace:
[  474.366920][T15106]  <TASK>
[  474.367968][T15106]  ? __warn+0xea/0x3d0
[  474.369440][T15106]  ? __kmem_cache_create_args+0xb0/0x3c0
[  474.371453][T15106]  ? report_bug+0x3c0/0x580
[  474.373086][T15106]  ? handle_bug+0x54/0xa0
[  474.374693][T15106]  ? exc_invalid_op+0x17/0x50
[  474.376367][T15106]  ? asm_exc_invalid_op+0x1a/0x20
[  474.378166][T15106]  ? __warn_printk+0x1a6/0x350
[  474.379898][T15106]  ? __kmem_cache_create_args+0xb0/0x3c0
[  474.381909][T15106]  p9_client_create+0xe04/0x1150
[  474.383803][T15106]  ? __pfx_p9_client_create+0x10/0x10
[  474.385834][T15106]  ? __raw_spin_lock_init+0x3a/0x110
[  474.387647][T15106]  v9fs_session_init+0x1f8/0x1a80
[  474.389410][T15106]  ? __pfx_v9fs_session_init+0x10/0x10
[  474.390920][T15106]  ? kasan_save_track+0x14/0x30
[  474.392220][T15106]  v9fs_mount+0xc6/0xa50
[  474.393357][T15106]  ? __pfx_v9fs_mount+0x10/0x10
[  474.394737][T15106]  ? __pfx_v9fs_mount+0x10/0x10
[  474.396097][T15106]  legacy_get_tree+0x109/0x220
[  474.397467][T15106]  vfs_get_tree+0x8f/0x380
[  474.398676][T15106]  path_mount+0x6e1/0x1f10
[  474.399859][T15106]  ? kmem_cache_free+0x152/0x4b0
[  474.401175][T15106]  ? __pfx_path_mount+0x10/0x10
[  474.402481][T15106]  ? putname+0x12e/0x170
[  474.403618][T15106]  __ia32_sys_mount+0x292/0x310
[  474.404977][T15106]  ? __pfx___ia32_sys_mount+0x10/0x10
[  474.406644][T15106]  __do_fast_syscall_32+0x73/0x120
[  474.408388][T15106]  do_fast_syscall_32+0x32/0x80
[  474.410065][T15106]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.412215][T15106] RIP: 0023:0xf7f50579
[  474.413633][T15106] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  474.420144][T15106] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  474.422970][T15106] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[  474.425775][T15106] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000
[  474.428458][T15106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  474.431141][T15106] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  474.433834][T15106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.436629][T15106]  </TASK>
[  474.437709][T15106] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  474.440179][T15106] CPU: 3 UID: 0 PID: 15106 Comm: syz.3.2635 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  474.443798][T15106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  474.447429][T15106] Call Trace:
[  474.448564][T15106]  <TASK>
[  474.449590][T15106]  dump_stack_lvl+0x3d/0x1f0
[  474.451176][T15106]  panic+0x71d/0x800
[  474.452523][T15106]  ? __pfx_panic+0x10/0x10
[  474.454060][T15106]  ? show_trace_log_lvl+0x29d/0x3d0
[  474.455834][T15106]  ? __kmem_cache_create_args+0xb0/0x3c0
[  474.457751][T15106]  check_panic_on_warn+0xab/0xb0
[  474.459453][T15106]  __warn+0xf6/0x3d0
[  474.460799][T15106]  ? __kmem_cache_create_args+0xb0/0x3c0
[  474.462680][T15106]  report_bug+0x3c0/0x580
[  474.464148][T15106]  handle_bug+0x54/0xa0
[  474.465512][T15106]  exc_invalid_op+0x17/0x50
[  474.467001][T15106]  asm_exc_invalid_op+0x1a/0x20
[  474.468646][T15106] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
[  474.470733][T15106] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[  474.477136][T15106] RSP: 0018:ffffc90006e9f8f0 EFLAGS: 00010286
[  474.479212][T15106] RAX: 0000000000000000 RBX: ffff888045a98dc0 RCX: ffffc90027091000
[  474.481183][T15106] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[  474.483192][T15106] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[  474.485165][T15106] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  474.487162][T15106] R13: 0000000000020018 R14: ffffc90006e9f9e0 R15: 0000000000020018
[  474.489243][T15106]  ? __warn_printk+0x1a6/0x350
[  474.490710][T15106]  p9_client_create+0xe04/0x1150
[  474.492372][T15106]  ? __pfx_p9_client_create+0x10/0x10
[  474.494214][T15106]  ? __raw_spin_lock_init+0x3a/0x110
[  474.496017][T15106]  v9fs_session_init+0x1f8/0x1a80
[  474.497618][T15106]  ? __pfx_v9fs_session_init+0x10/0x10
[  474.499239][T15106]  ? kasan_save_track+0x14/0x30
[  474.500437][T15106]  v9fs_mount+0xc6/0xa50
[  474.501510][T15106]  ? __pfx_v9fs_mount+0x10/0x10
[  474.503044][T15106]  ? __pfx_v9fs_mount+0x10/0x10
[  474.504592][T15106]  legacy_get_tree+0x109/0x220
[  474.506157][T15106]  vfs_get_tree+0x8f/0x380
[  474.507316][T15106]  path_mount+0x6e1/0x1f10
[  474.508449][T15106]  ? kmem_cache_free+0x152/0x4b0
[  474.509804][T15106]  ? __pfx_path_mount+0x10/0x10
[  474.511453][T15106]  ? putname+0x12e/0x170
[  474.512913][T15106]  __ia32_sys_mount+0x292/0x310
[  474.514504][T15106]  ? __pfx___ia32_sys_mount+0x10/0x10
[  474.516327][T15106]  __do_fast_syscall_32+0x73/0x120
[  474.518050][T15106]  do_fast_syscall_32+0x32/0x80
[  474.519297][T15106]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.520836][T15106] RIP: 0023:0xf7f50579
[  474.522127][T15106] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  474.526833][T15106] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  474.528896][T15106] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[  474.530971][T15106] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000
[  474.533323][T15106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  474.535453][T15106] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  474.537545][T15106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.539634][T15106]  </TASK>
[  474.540979][T15106] Kernel Offset: disabled
[  474.542312][T15106] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:17:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=0000000000000001 RCX=ffffffff81d30a06 RDX=ffff88801f364880
RSI=ffffffff81d31b1d RDI=0000000000000005 RBP=00000000000000bc RSP=ffffc90007fd7790
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000
R12=ffff88806e90c808 R13=0000000000000001 R14=00000000002d0000 R15=ffff88802acc6ba0
RIP=ffffffff818ca801 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020009004 CR3=000000006656c000 CR4=00352ef0
DR0=0000000000000000 DR1=00000000872c9164 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000001fae24b RBX=0000000000000001 RCX=ffffffff8b12f709 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12120 RBP=ffffed10036e9910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901cce88 R15=0000000000000000
RIP=ffffffff8b130aef RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020032000 CR3=0000000055480000 CR4=00352ef0
DR0=0000000000000000 DR1=00000000872c9164 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffed1003ed35e3 RCX=0000000000000000 RDX=0000000000000000
RSI=0000000000000000 RDI=ffff88801f69af40 RBP=ffff88801f69af20 RSP=ffffc90000ebf580
R8 =ffff88801f69af20 R9 =fffffbfff2d31588 R10=ffffffff9698ac47 R11=0000000000000002
R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000004 R15=ffff88801f69a440
RIP=ffffffff8169e879 RFL=00000806 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5258fff CR3=00000000255a2000 CR4=00352ef0
DR0=0000000000000000 DR1=00000000872c9164 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=792cce7d171bd18c 7406d6a266b5f745 792cce7d171bd18c 7406d6a266b5f745 792cce7d171bd18c 7406d6a266b5f745 792cce7d171bd18c 7406d6a266b5f745
ZMM18=bd89472fbaea1eef 45f080434ffa07b9 bd89472fbaea1eef 45f080434ffa07b9 bd89472fbaea1eef 45f080434ffa07b9 bd89472fbaea1eef 45f080434ffa07b9
ZMM19=5111000000000000 0000000000000005 5111000000000000 0000000000000004 5111000000000000 0000000000000003 5111000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2 7406d6a27406d6a2
ZMM22=171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c 171bd18c171bd18c
ZMM23=792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d 792cce7d792cce7d
ZMM24=4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9 4ffa07b94ffa07b9
ZMM25=45f0804345f08043 45f0804345f08043 45f0804345f08043 45f0804345f08043 45f0804345f08043 45f0804345f08043 45f0804345f08043 45f0804345f08043
ZMM26=baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef baea1eefbaea1eef
ZMM27=bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f bd89472fbd89472f
ZMM28=000000500000004f 0000004e0000004d 0000004c0000004b 0000004a00000049 0000004800000047 0000004600000045 0000004400000043 0000004200000041
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=5011000050110000 5011000050110000 5011000050110000 5011000050110000 5011000050110000 5011000050110000 5011000050110000 5011000050110000
info registers vcpu 3

CPU#3
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc90006e9f258
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=ffffffff85034de0 R15=0000000000000000
RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7415008 CR3=000000004a580000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000